Token delete formdata fix method

.gitignore

@@ -50,7 +50,6 @@ coverage.xml
 .pytest_cache/
 
 # Translations
-*.mo
 *.pot
 
 # Django stuff:

MANIFEST.in

@@ -1,2 +1,3 @@
 recursive-include mfa/templates *
-recursive-include mfa/static *
+recursive-include mfa/static *
+recursive-include mfa/locale *

mfa/FIDO2.py

@@ -16,7 +16,7 @@
 import datetime
 from .Common import get_redirect_url
 from django.utils import timezone
-
+from django.http import JsonResponse
 
 def recheck(request):
     """Starts FIDO2 recheck"""
@@ -49,13 +49,15 @@ def begin_registeration(request):
 def complete_reg(request):
     """Completes the registeration, called by API"""
     try:
+        if not "fido_state" in request.session:
+            return JsonResponse({'status': 'ERR', "message": "FIDO Status can't be found, please try again"})
         data = cbor.decode(request.body)
 
         client_data = CollectedClientData(data['clientDataJSON'])
         att_obj = AttestationObject((data['attestationObject']))
         server = getServer()
         auth_data = server.register_complete(
-            request.session['fido_state'],
+            request.session.pop['fido_state'],
             client_data,
             att_obj
         )
@@ -75,7 +77,7 @@ def complete_reg(request):
             client.captureException()
         except:
             pass
-        return HttpResponse(simplejson.dumps({'status': 'ERR', "message": "Error on server, please try again later"}))
+        return JsonResponse({'status': 'ERR', "message": "Error on server, please try again later"})
 
 
 def start(request):

mfa/TrustedDevice.py

@@ -2,11 +2,12 @@
 import random
 from django.shortcuts import render
 from django.http import HttpResponse
-from django.template.context import RequestContext
+from django.utils.translation import gettext
 from django.template.context_processors import csrf
 from .models import *
 import user_agents
 from django.utils import timezone
+from django.utils.translation import gettext
 
 def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
     x=''.join(random.choice(chars) for _ in range(size))
@@ -28,7 +29,7 @@ def trust_device(request):
     tk.properties["status"]="trusted"
     tk.save()
     del request.session["td_id"]
-    return HttpResponse("OK")
+    return HttpResponse(gettext("OK"))
 
 def checkTrusted(request):
     res = ""
@@ -70,7 +71,7 @@ def add(request):
             ua=request.META['HTTP_USER_AGENT']
             agent=user_agents.parse(ua)
             if agent.is_pc:
-                context["invalid"]="This is a PC, it can't used as a trusted device."
+                context["invalid"]=gettext("This is a PC, it can't used as a trusted device.")
             else:
                 tk.properties["user_agent"]=ua
                 tk.save()
@@ -80,7 +81,7 @@ def add(request):
             # context["success"]=True
 
         else:
-            context["invalid"]="The username or key is wrong, please check and try again."
+            context["invalid"]=gettext("The username or key is wrong, please check and try again.")
 
         return  render(request,"TrustedDevices/Add.html", context)
 
@@ -110,11 +111,11 @@ def send_email(request):
     if e=="":
         e=request.session.get("user",{}).get("email","")
     if e=="":
-        res = "User has no email on the system."
-    elif send([e],"Add Trusted Device Link",body):
-        res="Sent Successfully"
+        res = gettext("User has no email on the system.")
+    elif send([e],gettext("Add Trusted Device Link"),body):
+        res=gettext("Sent Successfully")
     else:
-        res="Error occured, please try again later."
+        res=gettext("Error occured, please try again later.")
     return HttpResponse(res)
 
 

mfa/U2F.py

@@ -10,11 +10,12 @@
 from django.template.context_processors import csrf
 from django.conf import settings
 from django.http import HttpResponse
+from django.utils.translation import gettext
 from .models import *
 from .views import login
 from .Common import get_redirect_url
-import datetime
 from django.utils import timezone
+from django.utils.translation import gettext
 
 def recheck(request):
     context = csrf(request)
@@ -37,7 +38,7 @@ def check_errors(request, data):
     if "errorCode" in data:
         if data["errorCode"] == 0: return True
         if data["errorCode"] == 4:
-            return HttpResponse("Invalid Security Key")
+            return HttpResponse(gettext("Invalid Security Key"))
         if data["errorCode"] == 1:
             return auth(request)
     return True
@@ -90,7 +91,7 @@ def bind(request):
     cert_hash=hashlib.md5(cert.public_bytes(Encoding.PEM)).hexdigest()
     q=User_Keys.objects.filter(key_type="U2F", properties__icontains= cert_hash)
     if q.exists():
-        return HttpResponse("This key is registered before, it can't be registered again.")
+        return HttpResponse(gettext("This key is registered before, it can't be registered again."))
     User_Keys.objects.filter(username=request.user.username,key_type="U2F").delete()
     uk = User_Keys()
     uk.username = request.user.username

mfa/__init__.py

@@ -1 +1 @@
-__version__="2.2.0"
+__version__="2.4.1"

mfa/helpers.py

@@ -1,9 +1,8 @@
-import pyotp
 from .models import *
 from . import TrustedDevice, U2F, FIDO2, totp
 import simplejson
 from django.shortcuts import HttpResponse
-from mfa.views import verify,goto
+from mfa.views import verify
 def has_mfa(request,username):
     if User_Keys.objects.filter(username=username,enabled=1).count()>0:
         return verify(request, username)