core,oauth_provider: cleanup templates, add MFA error view

passbook/core/auth/mfa.py

@@ -8,6 +8,7 @@ from django.shortcuts import get_object_or_404, redirect, reverse
 from django.views.generic import View
 
 from passbook.core.models import User
+from passbook.core.views.utils import PermissionDeniedView
 from passbook.lib.utils.reflection import class_to_path, path_to_class
 
 LOGGER = getLogger(__name__)
@@ -81,7 +82,7 @@ class MultiFactorAuthenticator(View):
     def user_invalid(self):
         """Show error message, user could not be authenticated"""
         LOGGER.debug("User invalid")
-        # TODO: Redirect to error view
+        return redirect(reverse('passbook_core:mfa-denied'))
 
     def _user_passed(self):
         """User Successfully passed all factors"""
@@ -90,3 +91,6 @@ class MultiFactorAuthenticator(View):
         login(self.request, self.pending_user, backend=backend)
         LOGGER.debug("Logged in user %s", self.pending_user)
         return redirect(reverse('passbook_core:overview'))
+
+class MFAPermissionDeniedView(PermissionDeniedView):
+    """User could not be authenticated"""

passbook/core/forms/rules.py

@@ -1,6 +1,7 @@
 """passbook rule forms"""
 
 from django import forms
+from django.utils.translation import gettext as _
 
 from passbook.core.models import DebugRule, FieldMatcherRule, WebhookRule
 
@@ -46,3 +47,6 @@ class DebugRuleForm(forms.ModelForm):
         widgets = {
             'name': forms.TextInput(),
         }
+        labels = {
+            'result': _('Allow user')
+        }

passbook/core/templates/login/base.html

@@ -8,6 +8,8 @@
   .login-pf-page .login-pf-page-footer-links {
     padding: 15px;
     background-color: #fff;
+    border-top: 2px solid transparent;
+    box-shadow: 0 1px 1px rgba(3,3,3,.175);
   }
 
   .login-pf-page .login-pf-page-footer-link {

passbook/core/templates/overview/index.html

@@ -2,6 +2,15 @@
 
 {% load i18n %}
 
+{% block head %}
+{{ block.super }}
+<style>
+  img.app-icon {
+    max-height: 72px;
+  }
+</style>
+{% endblock %}
+
 {% block content %}
 <div class="container">
   <div class="row row-cards-pf">
@@ -19,7 +28,7 @@
                 {% if not app.icon_url %}
                 <span class="pficon pficon-arrow"></span>
                 {% else %}
-                <img src="{{ app.icon_url }}" alt="{% trans 'Application Icon' %}">
+                <img class="app-icon" src="{{ app.icon_url }}" alt="{% trans 'Application Icon' %}">
                 {% endif %}
               </a>
             </span>

passbook/core/urls.py

@@ -20,6 +20,7 @@ core_urls = [
     path('auth/logout/', authentication.LogoutView.as_view(), name='auth-logout'),
     path('auth/sign_up/', authentication.SignUpView.as_view(), name='auth-sign-up'),
     path('auth/mfa/', mfa.MultiFactorAuthenticator.as_view(), name='mfa'),
+    path('auth/mfa/denied/', mfa.MFAPermissionDeniedView.as_view(), 'mfa-denied'),
     # User views
     path('user/', user.UserSettingsView.as_view(), name='user-settings'),
     path('user/delete/', user.UserDeleteView.as_view(), name='user-delete'),

passbook/oauth_provider/templates/oauth2_provider/authorize.html

@@ -4,12 +4,12 @@
 {% load i18n %}
 
 {% block title %}
-{% title 'SSO - Authorize External Source' %}
+{% title 'Authorize Application' %}
 {% endblock %}
 
 {% block card %}
 <header class="login-pf-header">
-  <h1>{% trans 'SSO - Authorize External Source' %}</h1>
+  <h1>{% trans 'Authorize Application' %}</h1>
 </header>
 {% include 'partials/messages.html' %}
 <form method="POST">