Handle missing SMS OTP config, missing user TOTP config

2021-12-06 18:36:33 +01:00 · 2021-12-06 18:36:33 +01:00 · 81c536c70a
parent 8c42b386f3
commit 81c536c70a
5 changed files with 12 additions and 8 deletions
--- a/core/classes/otp.py
+++ b/core/classes/otp.py
@ -19,10 +19,13 @@ class BaseOTPProvider:

    def active_for_user(self, user):
        '''Returns True if the provider is active and ready to be used by user.'''
-        return self.is_active
+        try:
+            return self.is_active
+        except RuntimeError:
+            return False

    def start_authentication(self, user):
        return "Authentication started, please enter your 2FA token."

    def validate_token(self, user, token):
-        raise NotImplementedError(f"{type(self)} does not implement validate_token()!")
+        raise NotImplementedError(f"{type(self)} does not implement validate_token()!")
--- a/core/mixins/auth.py
+++ b/core/mixins/auth.py
@ -33,4 +33,4 @@ class AdminMixin(AccessMixin):

        error(self.request, self.permission_denied_message)
        
-        return redirect_to_login(self.request.get_full_path(), self.get_login_url(), self.get_redirect_field_name())
+        return redirect_to_login(self.request.get_full_path(), self.get_login_url(), self.get_redirect_field_name())
--- a/core/modules/otp.py
+++ b/core/modules/otp.py
@ -8,6 +8,7 @@ for module in settings.EXPEPHALON_MODULES:
    try:
        moo = importlib.import_module(f"{module}.otp")
        for name, provider in moo.OTPPROVIDERS.items():
-            providers[name] = provider
-    except (AttributeError, ModuleNotFoundError):
-        continue
+            if provider.is_active:
+                providers[name] = provider
+    except (AttributeError, ModuleNotFoundError, RuntimeError):
+        continue
--- a/core/modules/sms.py
+++ b/core/modules/sms.py
@ -19,7 +19,7 @@ for module in settings.EXPEPHALON_MODULES:
            providers.append(provider)
        if mos.CREATE:
            modules_available.append(mos.CREATE)
-    except (AttributeError, ModuleNotFoundError):
+    except (AttributeError, ModuleNotFoundError, RuntimeError):
        continue
    except Exception as e:
        logger.error("Error importing SMS module {module}: {e}")
--- a/core/views/auth.py
+++ b/core/views/auth.py
@ -211,4 +211,4 @@ class PWRequestView(AuthView):
            request_password(user)
        finally:
            messages.success(self.request, "If a matching account was found, you should shortly receive an email containing password reset instructions. If you have not received this message after five minutes, please verify that you have entered the correct email address, or contact support.")
-            return redirect("login")
+            return redirect("login")