Skip to content

Commit

Permalink
支持同时开启多种验证方式
Browse files Browse the repository at this point in the history
  • Loading branch information
@nick2wang
nick2wang committed Jun 20, 2022
1 parent 262034c commit a534afa
Show file tree
Hide file tree
Showing 14 changed files with 307 additions and 136 deletions.
10 changes: 0 additions & 10 deletions common/auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -109,33 +109,23 @@ def authenticate_entry(request):
if SysConfig().get('enforce_2fa'):
# 用户是否配置过2fa
if twofa_enabled:
auth_type = twofa_enabled[0].auth_type
phone = twofa_enabled[0].phone
verify_mode = 'verify_only'
else:
auth_type = 'totp'
phone = ''
verify_mode = 'verify_config'
# 设置无登录状态session
s = SessionStore()
s['user'] = authenticated_user.username
s['auth_type'] = auth_type
s['verify_mode'] = verify_mode
s['phone'] = phone
s.set_expiry(300)
s.create()
result = {'status': 0, 'msg': 'ok', 'data': s.session_key}
else:
# 用户是否配置过2fa
if twofa_enabled:
auth_type = twofa_enabled[0].auth_type
phone = twofa_enabled[0].phone
# 设置无登录状态session
s = SessionStore()
s['user'] = authenticated_user.username
s['auth_type'] = auth_type
s['verify_mode'] = 'verify_only'
s['phone'] = phone
s.set_expiry(300)
s.create()
result = {'status': 0, 'msg': 'ok', 'data': s.session_key}
Expand Down
84 changes: 48 additions & 36 deletions common/templates/2fa.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ <h4 style="font-weight: bold">启用两步验证</h4>
</div>
<div class="form-group">
<label for="auth_type">验证方式:</label>
<select id="auth_type" class="form-control show-tick selectpicker" name="instances"
<select id="auth_type" class="form-control show-tick selectpicker" name="auth_type"
title="选择额外验证方式:"
data-live-search="true">
<option value="totp" selected="selected">Google身份验证器</option>
Expand All @@ -44,34 +44,34 @@ <h4 style="font-weight: bold">启用两步验证</h4>
<input class="form-control ng-valid ng-dirty ng-touched" id="phone" name="phone" type="text"
oninput="value=value.replace(/[^\d]/g,'')" autocomplete="off" required>
</div>
<div class="form-group"><label class="control-label" for="otpCode">2. 输入6位验证码完成验证</label><input class="form-control ng-valid ng-dirty ng-touched" id="otpCode" name="otpCode" type="text" oninput="value=value.replace(/[^\d]/g,'')" autocomplete="off" required>
<div class="form-group">
<label class="control-label" for="otpCode">2. 输入6位验证码完成验证</label>
<input class="form-control ng-valid ng-dirty ng-touched" id="otpCode" name="otpCode" type="text"
oninput="value=value.replace(/[^\d]/g,'')" autocomplete="off" required>
</div>
<div class="form-group" style="text-align: center">
<button id="btnCaptcha" type="button" class="btn btn-primary" style="display: none">获取验证码</button>
<button id="btnCaptcha" type="button" class="btn btn-primary btn-block" style="display: none">获取验证码</button>
<button id="btnAuth" type="button" class="btn btn-success btn-block"><i class="fa-lock"></i>验证</button>
</div>
{% else %}
{% if auth_type == 'totp' %}
<div class="form-group is-focused">
<label class="control-label" for="otpCode">OTP验证码</label>
<input class="form-control ng-valid ng-dirty ng-touched" id="otpCode" name="otpCode" type="text"
oninput="value=value.replace(/[^\d]/g,'')" autocomplete="off" required>

</div>
<div class="form-group">
<button id="btnAuth" type="button" class="btn btn-success btn-block"><i class="fa-lock"></i>验证</button>
</div>
{% else %}
<div class="form-group is-focused">
<label class="control-label" for="otpCode">短信验证码</label>
<input class="form-control ng-valid ng-dirty ng-touched" id="otpCode" name="otpCode" type="text"
oninput="value=value.replace(/[^\d]/g,'')" autocomplete="off" required>
</div>
<div class="form-group">
<button id="btnCaptcha" type="button" class="btn btn-primary btn-block" >获取验证码</button>
<button id="btnAuth" type="button" class="btn btn-success btn-block"><i class="fa-lock"></i>验证</button>
</div>
{% endif %}
<div class="form-group">
<label for="auth_type">选择验证方式:</label>
<select id="auth_type" class="form-control show-tick selectpicker" name="auth_type"
title="选择额外验证方式:"
data-live-search="true">
</select>
</div>
<div class="form-group">
<label id="totp-form" class="control-label" for="otpCode">OTP验证码</label>
<label id="sms-form" class="control-label" for="otpCode">短信验证码</label>
<input class="form-control ng-valid ng-dirty ng-touched" id="otpCode" name="otpCode" type="text"
oninput="value=value.replace(/[^\d]/g,'')" autocomplete="off" required>
</div>
<input id="phone" value="{{ phone }}" style="display: none">
<div class="form-group">
<button id="btnCaptcha" type="button" class="btn btn-primary btn-block" >获取验证码</button>
<button id="btnAuth" type="button" class="btn btn-success btn-block"><i class="fa-lock"></i>验证</button>
</div>
{% endif %}
<input type="text" style="display:none">
</form>
Expand Down Expand Up @@ -120,17 +120,31 @@ <h4 style="font-weight: bold">启用两步验证</h4>
//keycode==13为回车键
if (event.keyCode === 13) {
let otp = $('#otpCode').val();
if (!otp) {
alert('请输入验证码!')
return
}
authOTP(otp);
}
});
});

$(document).ready(function () {
if ('{{ verify_mode }}' === 'verify_config') {
if ('{{ auth_type }}' === 'totp') {
let data = config_2fa();
$("#qrcode-img").attr("key", data.data.key)
$("#qrcode-img").attr("src", "/user/qrcode/" + data.data.key)
let data = config_2fa();
$("#qrcode-img").attr("key", data.data.key)
$("#qrcode-img").attr("src", "/user/qrcode/" + data.data.key)
} else if ('{{ verify_mode }}' === 'verify_only') {
let auth_types = {{ auth_types|safe }};
for (i=0;i < auth_types.length;i++) {
let auth_type;
if (i === 0) {
auth_type = '<option value="' + auth_types[i].code + '" selected="selected">' + auth_types[i].display + '</option>'
} else {
auth_type = '<option value="' + auth_types[i].code + '">' + auth_types[i].display + '</option>'
}
$("#auth_type").append(auth_type)
$("#auth_type").trigger('change')
}
}
})
Expand Down Expand Up @@ -160,33 +174,31 @@ <h4 style="font-weight: bold">启用两步验证</h4>
})

$("#auth_type").change(function () {
$("#otpCode").val('');
let auth_type = $("#auth_type").val();
if (auth_type === 'totp') {
$("#totp-form").show();
$("#sms-form").hide();
$("#btnCaptcha").hide();
$("#btnAuth").addClass('btn-block');
$("#btnCaptcha").hide()
} else if (auth_type === 'sms') {
$("#totp-form").hide();
$("#sms-form").show();
$("#btnCaptcha").show();
$("#btnAuth").removeClass('btn-block');
$("#btnCaptcha").show()
}
})

function config_2fa() {
// 配置2fa
let result;
let phone = $("#phone").val();
let auth_type = $("#auth_type").val();
$.ajax({
type: "post",
url: "/api/v1/user/2fa/",
dataType: "json",
data: {
engineer: '{{ username }}',
auth_type: auth_type?auth_type:'{{ auth_type }}',
phone: phone?phone:'{{ phone }}'
enable: 'true',
auth_type: $("#auth_type").val(),
phone: $("#phone").val()
},
async: false,
complete: function () {
Expand Down
Loading

0 comments on commit a534afa

Please sign in to comment.