Fixed Redirections, Removed the need for FIDO2_LOGIN_URL

mkalioby · Jan 25, 2019 · 8fe3d4e · 8fe3d4e
1 parent 263a5e2
commit 8fe3d4e
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -60,6 +60,8 @@ Depends on
    * Trusted_Devices
    * Email
 
+   **Note**: Starting version 1.1, ~~FIDO_LOGIN_URL~~ isn't required for FIDO2 anymore.
+
 1. Break your login function
 
    Usually your login function will check for username and password, log the user in if the username and password are correct and create the user session, to support mfa, this has to change

diff --git a/mfa/FIDO2.py b/mfa/FIDO2.py
@@ -112,6 +112,6 @@ def authenticate_complete(request):
                 mfa["next_check"] = int((datetime.datetime.now()+ datetime.timedelta(
                 seconds=random.randint(settings.MFA_RECHECK_MIN, settings.MFA_RECHECK_MAX))).strftime("%s"))
             request.session["mfa"] = mfa
-            login(request)
-            return HttpResponse(simplejson.dumps({'status':"OK","redirect":settings.FIDO_LOGIN_URL}),content_type="application/json")
+            res=login(request)
+            return HttpResponse(simplejson.dumps({'status':"OK","redirect":res["location"]}),content_type="application/json")
     return HttpResponse(simplejson.dumps({'status': "err"}),content_type="application/json")
diff --git a/setup.py b/setup.py
@@ -4,7 +4,7 @@
 
 setup(
     name='django-mfa2',
-    version='1.0.4',
+    version='1.1',
     description='Allows user to add 2FA to their accounts',
     long_description=open("README.md").read(),
     long_description_content_type="text/markdown",