Refactoring

shamoon 2024-10-19 20:00:28 -07:00
parent 97889282b6
commit 52ca8025d4
3 changed files with 17 additions and 16 deletions


@ -51,7 +51,7 @@ export class ProfileService {
getTotpSettings(): Observable<TotpSettings> { getTotpSettings(): Observable<TotpSettings> {
return this.http.get<TotpSettings>( return this.http.get<TotpSettings>(
`${environment.apiBaseUrl}${this.endpoint}/totp_activate/` `${environment.apiBaseUrl}${this.endpoint}/totp/`
) )
} }
@ -60,7 +60,7 @@ export class ProfileService {
totpCode: string totpCode: string
): Observable<{ success: boolean; recovery_codes: string[] }> { ): Observable<{ success: boolean; recovery_codes: string[] }> {
return this.http.post<{ success: boolean; recovery_codes: string[] }>( return this.http.post<{ success: boolean; recovery_codes: string[] }>(
`${environment.apiBaseUrl}${this.endpoint}/totp_activate/`, `${environment.apiBaseUrl}${this.endpoint}/totp/`,
{ {
secret: totpSecret, secret: totpSecret,
code: totpCode, code: totpCode,
@ -70,7 +70,7 @@ export class ProfileService {
deactivateTotp(): Observable<boolean> { deactivateTotp(): Observable<boolean> {
return this.http.delete<boolean>( return this.http.delete<boolean>(
`${environment.apiBaseUrl}${this.endpoint}/totp_activate/`, `${environment.apiBaseUrl}${this.endpoint}/totp/`,
{} {}
) )
} }


@ -54,7 +54,7 @@ from paperless.views import GenerateAuthTokenView
from paperless.views import GroupViewSet from paperless.views import GroupViewSet
from paperless.views import ProfileView from paperless.views import ProfileView
from paperless.views import SocialAccountProvidersView from paperless.views import SocialAccountProvidersView
from paperless.views import TOTPActivateView from paperless.views import TOTPView
from paperless.views import UserViewSet from paperless.views import UserViewSet
from paperless_mail.views import MailAccountTestView from paperless_mail.views import MailAccountTestView
from paperless_mail.views import MailAccountViewSet from paperless_mail.views import MailAccountViewSet
@ -166,9 +166,9 @@ urlpatterns = [
name="profile_view", name="profile_view",
), ),
path( path(
"totp_activate/", "totp/",
TOTPActivateView.as_view(), TOTPView.as_view(),
name="activate", name="totp_view",
), ),
# TODO: remove allauth urls? # TODO: remove allauth urls?
], ],


@ -151,7 +151,7 @@ class ProfileView(GenericAPIView):
return Response(serializer.to_representation(user)) return Response(serializer.to_representation(user))
class TOTPActivateView(GenericAPIView): class TOTPView(GenericAPIView):
""" """
TOTP views TOTP views
""" """
@ -159,6 +159,9 @@ class TOTPActivateView(GenericAPIView):
permission_classes = [IsAuthenticated] permission_classes = [IsAuthenticated]
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
"""
Generates a new TOTP secret and returns the URL and SVG
"""
user = self.request.user user = self.request.user
mfa_adapter = get_mfa_adapter() mfa_adapter = get_mfa_adapter()
secret = totp_auth.get_totp_secret(regenerate=True) secret = totp_auth.get_totp_secret(regenerate=True)
@ -173,13 +176,15 @@ class TOTPActivateView(GenericAPIView):
) )
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
"""
Validates a TOTP code and activates the TOTP authenticator
"""
valid = totp_auth.validate_totp_code( valid = totp_auth.validate_totp_code(
request.data["secret"], request.data["secret"],
request.data["code"], request.data["code"],
) )
recovery_codes = None recovery_codes = None
if valid: if valid:
# from allauth.mfa.totp.internal.flows activate_totp
auth = totp_auth.TOTP.activate( auth = totp_auth.TOTP.activate(
request.user, request.user,
request.data["secret"], request.data["secret"],
@ -190,9 +195,6 @@ class TOTPActivateView(GenericAPIView):
user=request.user, user=request.user,
authenticator=auth, authenticator=auth,
) )
# adapter = get_adapter()
# adapter.add_message(request, messages.SUCCESS, "mfa/messages/totp_activated.txt")
# adapter.send_notification_mail("mfa/email/totp_activated", request.user)
rc_auth: Authenticator = auto_generate_recovery_codes(request) rc_auth: Authenticator = auto_generate_recovery_codes(request)
if rc_auth: if rc_auth:
recovery_codes = rc_auth.wrap().get_unused_codes() recovery_codes = rc_auth.wrap().get_unused_codes()
@ -204,17 +206,16 @@ class TOTPActivateView(GenericAPIView):
) )
def delete(self, request, *args, **kwargs): def delete(self, request, *args, **kwargs):
"""
Deactivates the TOTP authenticator
"""
user = self.request.user user = self.request.user
try: try:
# from allauth.mfa.totp.internal.flows deactivate_totp
authenticator = Authenticator.objects.filter( authenticator = Authenticator.objects.filter(
user=user, user=user,
type=Authenticator.Type.TOTP, type=Authenticator.Type.TOTP,
).first() ).first()
delete_and_cleanup(request, authenticator) delete_and_cleanup(request, authenticator)
# adapter = get_account_adapter(request)
# adapter.add_message(request, messages.SUCCESS, "mfa/messages/totp_deactivated.txt")
# adapter.send_notification_mail("mfa/email/totp_deactivated", request.user)
return Response(True) return Response(True)
except Authenticator.DoesNotExist: except Authenticator.DoesNotExist:
return HttpResponseBadRequest("TOTP not found") return HttpResponseBadRequest("TOTP not found")
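Review bot: In `delete`, `Authenticator.objects.filter(...).first()` returns `None` when the user has no TOTP authenticator and never raises `Authenticator.DoesNotExist`, so the `except` branch is unreachable and `delete_and_cleanup(request, None)` is called instead, which presumably ends in an unhandled error rather than the intended 400. Check the result before the cleanup call: `if authenticator is None: return HttpResponseBadRequest("TOTP not found")`. Separately, as far as this section shows, deactivation is gated only by `IsAuthenticated`, and the commented-out notification-mail placeholders are removed without a replacement; requiring a current TOTP code or recent re-authentication, and notifying the user when the second factor is removed, would limit what a stolen session can do and is worth tracking in a follow-up.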