2fa-0.9

app.py

@@ -54,8 +54,9 @@ def get_index():
 
 @get('/user')
 def get_index():
+    print('SESSION:',newSession().get())
     try:
-        print(newSession().get())
+        print('SESSION:',newSession().get())
         return user_tpl(data=newSession().get(), str=i18n.str)
     except Exception as e:
         return index_tpl(str=i18n.str)
@@ -152,8 +153,8 @@ def post_user():
     if not tools.pwd_validation(form('password')):
         return error(i18n.msg[21])
 
-    username = form('username')
-    password = form('password')
+    #username = form('username')
+    #password = form('password')
 
     try:
         login(form('username'), form('password'))
@@ -170,12 +171,13 @@ def post_user():
     try:
         if(check_2fa_step1(form('username'))):
             print('kk')
+            logout(form('username'))
             return index_tpl(two_factor_authentication=True, key=key, str=i18n.str)
     except Error as e:
         LOG.warning("Erabiltzailea ez da aurkitu???")
 
     return user_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], form('username').capitalize()), 'fadeOut' )], data=newSession().get(), str=i18n.str)
-
+'''
 @post('/user')
 def post_user():
     form = request.forms.getunicode
@@ -196,14 +198,8 @@ def post_user():
     except Error as e:
         LOG.warning("Unsuccessful attempt to login %s: %s" % (form('username'), e))
         return error(str(e))
-    '''
-    if(not newSession().get()['secureAuth']):
-        return user_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], form('username').capitalize()), 'fadeOut' )], data=newSession().get(), str=i18n.str)
-    elif(newSession().get()['secureAuth']):
-        return index_tpl(two_factor_authentication=True, str=i18n.str)
-    '''
     return user_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], form('username').capitalize()), 'fadeOut' )], data=newSession().get(), str=i18n.str)
-
+'''
 @post('/user_step2/<key>')
 def post_user_step2(key):
     form = request.forms.getunicode
@@ -220,7 +216,7 @@ def post_user_step2(key):
     print("sid:",newSession().get()['id'])
     print('pwd:',password)
 
-    logout(newSession().get()['username'])
+    #logout(newSession().get()['username'])
     
     def error(msg):
         return index_tpl(alerts=[('error', msg, 'fadeOut')], str=i18n.str)
@@ -228,7 +224,7 @@ def post_user_step2(key):
     #if not tools._2fa_validation(form('code'), newSession().get()['authCode']):
     if not tools._2fa_validation(form('code'), secret):
         #logout(newSession().get()['username'])
-        logout(username)
+        #logout(username)
         return error('Kode okerra. Saio hasierak huts egin du.')
     else:
 
@@ -237,6 +233,7 @@ def post_user_step2(key):
         except Error as e:
             LOG.warning("Unsuccessful attempt to login %s: %s" % (form('username'), e))
             return error(str(e))
+
     print(newSession().get())
     return user_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], newSession().get()['username']), 'fadeOut' )], data=newSession().get(), str=i18n.str)
 
@@ -554,9 +551,12 @@ def login_user_ldap(conf, username, password):
     # Note: raises LDAPUserNameIsMandatoryError when user_dn is None.
     with connect_ldap(conf, authentication=SIMPLE, user=user_dn, password=password) as c:
         c.bind()
+        print('USERDN:', user_dn)
         if is_trusted_device(conf, user_dn):
             newSession().set(get_user_data(user_dn, c))
-            newSession().get()['id']=tools.session_id()
+            #newSession().get()['id'] = tools.session_id()
+            newSession().data['id'] = tools.session_id()
+            print(newSession().data)
             #update timestamp + ip address
             update_login_info(conf, user_dn)
             LOG.debug("%s logged in to %s" % (username, conf['base']))
@@ -1197,7 +1197,7 @@ def newSession():
         def __init__(self):
             super(Session, self).__init__()
             self.data = bottle.request.environ.get('beaker.session')
-            self.id = None
+            #self.id = None
             #self.lang = self.get_lang()
             #localization
             self.lang = self.get_lang()
@@ -1212,6 +1212,7 @@ def newSession():
                 return CONF['locale']['lang']
 
         def get(self):
+            print(self.data)
             if 'username' in self.data:
                 return(self.data)
             else: