Closed perryr16 closed 1 week ago
@perryr16, this is great! Documenting a few issues I ran into:
First, when I choose the 'email' verification method, I see a whole lot of errors in the logs. A lot of these: "AttributeError": type object RequestContext has no attribute 'cancel_url', 'is_ali_root', 'ali_leaf', .... etc.
I've also run into this error in the logs:

```
    raise VariableDoesNotExist("Failed lookup for key "
django.template.base.VariableDoesNotExist: Failed lookup for key [method] in <EmailDevice: default (email@nrel.gov)>
2024-05-14 15:23:51 DEBUG Exception while resolving variable 'method' in template 'two_factor/core/setup.html'.
Traceback (most recent call last):
  File "/Users/kflemin/.pyenv/versions/seed-10/lib/python3.10/site-packages/django/template/base.py", line 829, in _resolve_lookup
    current = current[bit]
TypeError: 'EmailDevice' object is not subscriptable
```
On the login screens, there are 2 things that we need to change:
This is the old login screen:
And the new ones:
![Screenshot 2024-05-14 at 4 16 01 PM](https://github.com/SEED-platform/seed/assets/2205659/b8ceb482-080c-4f43-8bd9-a201c7a4a75a)
Maybe if you just turn "Create my account" into "Forgot my password" it might be good enough?
Thanks!
Any background context you want to provide?
What's this PR do?
Uses an open source, well-rated, free library, django-two-factor-auth, to add token authentication via any authenticator app (Google Authenticator, Microsoft Authenticator, etc.) or via email.
Users will only be prompted to enable 2FA on their first login following the introduction of this code. Opting in or out is at the user level and users can always access the 2FA settings from /profile > Two Factor.
If a user chooses "Token Generator" then a QR code is displayed and can be scanned by any number of auth apps. Once scanned, users can enter the token to log in.
If a user chooses "Email" then a token will be sent via email to the associated account.
The UI for this library uses Django templates and does not enter the Angular layer. To customize the Django templates, they have been imported into the seed/landing/templates/two_factor directory and edited. To make navigation changes to the response from django-2-f-a, the response must be caught in a custom Django view (see /CustomLoginView.py).
How should this be manually tested?
With token generator
- Log in with any user > Enable 2FA > Select "Token Generator"
- Scan QR code with auth app of choice and enter token
- User should be logged in

With email
- Go to profile > Two Factor > disable two factor authentication, then re-enable two factor and select "Email".
- An email will be sent out; if testing locally, it will likely be found in the seed_web logs.
- Enter the token
- User should be logged in
What are the relevant tickets?
4657
Screenshots (if appropriate)