From 3f9af26cfadbce27e88a9715f426eb90a6278f38 Mon Sep 17 00:00:00 2001 From: Valentin Deniaud Date: Tue, 16 Apr 2019 09:56:26 +0200 Subject: [PATCH 2/5] auth_oath: record auth event and move code to utils --- .../auth2_multifactor/auth_oath/authenticators.py | 3 +-- src/authentic2/utils.py | 6 ++++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/authentic2/auth2_multifactor/auth_oath/authenticators.py b/src/authentic2/auth2_multifactor/auth_oath/authenticators.py index 7f1f02bb..9c7a4d16 100644 --- a/src/authentic2/auth2_multifactor/auth_oath/authenticators.py +++ b/src/authentic2/auth2_multifactor/auth_oath/authenticators.py @@ -38,8 +38,7 @@ class TOTPAuthenticator(object): if success: secret.drift = drift secret.save() - request.session['auth_level'] = self.auth_level - return utils.continue_to_next_url(request) + return utils.auth_level_increase(request, self.auth_level, self.id) form.add_error('code', _('Invalid code.')) context['form'] = form return render(request, 'auth_oath/totp_form.html', context) diff --git a/src/authentic2/utils.py b/src/authentic2/utils.py index 9377a693..796269a1 100644 --- a/src/authentic2/utils.py +++ b/src/authentic2/utils.py @@ -404,6 +404,12 @@ def last_authentication_event(session): return None +def auth_level_increase(request, auth_level, how): + request.session['auth_level'] = auth_level + record_authentication_event(request, how, auth_level=auth_level) + return continue_to_next_url(request) + + def login(request, user, how, service_slug=None, nonce=None, **kwargs): '''Login a user model, record the authentication event and redirect to next URL or settings.LOGIN_REDIRECT_URL.''' -- 2.20.1