core,oauth_provider: cleanup templates, add MFA error view

2018-12-14 15:18:02 +01:00 · 2018-12-14 15:18:02 +01:00 · e81f525cea
parent 6314ffab46
commit e81f525cea
6 changed files with 24 additions and 4 deletions
--- a/passbook/core/auth/mfa.py
+++ b/passbook/core/auth/mfa.py
@ -8,6 +8,7 @@ from django.shortcuts import get_object_or_404, redirect, reverse
 from django.views.generic import View

 from passbook.core.models import User
+from passbook.core.views.utils import PermissionDeniedView
 from passbook.lib.utils.reflection import class_to_path, path_to_class

 LOGGER = getLogger(__name__)
@ -81,7 +82,7 @@ class MultiFactorAuthenticator(View):
    def user_invalid(self):
        """Show error message, user could not be authenticated"""
        LOGGER.debug("User invalid")
-        # TODO: Redirect to error view
+        return redirect(reverse('passbook_core:mfa-denied'))

    def _user_passed(self):
        """User Successfully passed all factors"""
@ -90,3 +91,6 @@ class MultiFactorAuthenticator(View):
        login(self.request, self.pending_user, backend=backend)
        LOGGER.debug("Logged in user %s", self.pending_user)
        return redirect(reverse('passbook_core:overview'))
+
+class MFAPermissionDeniedView(PermissionDeniedView):
+    """User could not be authenticated"""
--- a/passbook/core/forms/rules.py
+++ b/passbook/core/forms/rules.py
@ -1,6 +1,7 @@
 """passbook rule forms"""

 from django import forms
+from django.utils.translation import gettext as _

 from passbook.core.models import DebugRule, FieldMatcherRule, WebhookRule

@ -46,3 +47,6 @@ class DebugRuleForm(forms.ModelForm):
        widgets = {
            'name': forms.TextInput(),
        }
+        labels = {
+            'result': _('Allow user')
+        }
--- a/passbook/core/templates/login/base.html
+++ b/passbook/core/templates/login/base.html
@ -8,6 +8,8 @@
  .login-pf-page .login-pf-page-footer-links {
    padding: 15px;
    background-color: #fff;
+    border-top: 2px solid transparent;
+    box-shadow: 0 1px 1px rgba(3,3,3,.175);
  }

  .login-pf-page .login-pf-page-footer-link {
--- a/passbook/core/templates/overview/index.html
+++ b/passbook/core/templates/overview/index.html
@ -2,6 +2,15 @@

 {% load i18n %}

+{% block head %}
+{{ block.super }}
+<style>
+  img.app-icon {
+    max-height: 72px;
+  }
+</style>
+{% endblock %}
+
 {% block content %}
 <div class="container">
  <div class="row row-cards-pf">
@ -19,7 +28,7 @@
                {% if not app.icon_url %}
                <span class="pficon pficon-arrow"></span>
                {% else %}
-                <img src="{{ app.icon_url }}" alt="{% trans 'Application Icon' %}">
+                <img class="app-icon" src="{{ app.icon_url }}" alt="{% trans 'Application Icon' %}">
                {% endif %}
              </a>
            </span>
--- a/passbook/core/urls.py
+++ b/passbook/core/urls.py
@ -20,6 +20,7 @@ core_urls = [
    path('auth/logout/', authentication.LogoutView.as_view(), name='auth-logout'),
    path('auth/sign_up/', authentication.SignUpView.as_view(), name='auth-sign-up'),
    path('auth/mfa/', mfa.MultiFactorAuthenticator.as_view(), name='mfa'),
+    path('auth/mfa/denied/', mfa.MFAPermissionDeniedView.as_view(), 'mfa-denied'),
    # User views
    path('user/', user.UserSettingsView.as_view(), name='user-settings'),
    path('user/delete/', user.UserDeleteView.as_view(), name='user-delete'),
--- a/passbook/oauth_provider/templates/oauth2_provider/authorize.html
+++ b/passbook/oauth_provider/templates/oauth2_provider/authorize.html
@ -4,12 +4,12 @@
 {% load i18n %}

 {% block title %}
-{% title 'SSO - Authorize External Source' %}
+{% title 'Authorize Application' %}
 {% endblock %}

 {% block card %}
 <header class="login-pf-header">
-  <h1>{% trans 'SSO - Authorize External Source' %}</h1>
+  <h1>{% trans 'Authorize Application' %}</h1>
 </header>
 {% include 'partials/messages.html' %}
 <form method="POST">