- commit
- b59da7e15231839529dcd57795785be817f4f2e8
- parent
- 47ea69f88e08c2b9dca9da37303e88556252b2d9
- Author
- Tobias Bengfort <tobias.bengfort@posteo.de>
- Date
- 2023-04-14 07:29
add setting MFA_FIDO2_USER_VERIFICATION
Diffstat
| M | mfa/methods/fido2.py | 6 | +++++- |
| M | mfa/settings.py | 4 | ++++ |
2 files changed, 9 insertions, 1 deletions
diff --git a/mfa/methods/fido2.py b/mfa/methods/fido2.py
@@ -62,6 +62,7 @@ def register_begin(user): 62 62 'displayName': user.get_full_name(), 63 63 }, 64 64 get_credentials(user), -1 65 user_verification=settings.FIDO2_USER_VERIFICATION, 65 66 ) 66 67 return encode(registration_data), state 67 68 @@ -78,7 +79,10 @@ def register_complete(state, request_data): 78 79 79 80 def authenticate_begin(user): 80 81 credentials = get_credentials(user)81 -1 auth_data, state = fido2.authenticate_begin(credentials)-1 82 auth_data, state = fido2.authenticate_begin( -1 83 credentials, -1 84 user_verification=settings.FIDO2_USER_VERIFICATION, -1 85 ) 82 86 return encode(auth_data), state 83 87 84 88
diff --git a/mfa/settings.py b/mfa/settings.py
@@ -13,3 +13,7 @@ METHODS = getattr(settings, 'MFA_METHODS', ['FIDO2', 'TOTP', 'recovery']) 13 13 # `valid_window` parameter passed to PyOTP's verify method 14 14 # See https://pyauth.github.io/pyotp/#pyotp.totp.TOTP.verify 15 15 TOTP_VALID_WINDOW = getattr(settings, 'MFA_TOTP_VALID_WINDOW', 0) -1 16 -1 17 # `user_verification` parameter passed to python-fido2 -1 18 # See https://www.w3.org/TR/webauthn/#enum-userVerificationRequirement -1 19 FIDO2_USER_VERIFICATION = getattr(settings, 'MFA_FIDO2_USER_VERIFICATION', None)