rhodecode-enterprise-ce Commit - r5374:ced3d33b

chore(2fa): refactor some attributes for users

super-admin -

r5374:ced3d33b default

parent child

rhodecode/apps/_base/__init__.py

0 +1 -1

                     if not user_obj:
                         return
-                    if user_obj.has_check_2fa_flag and view_name != self.VERIFY_2FA_VIEW:
+                    if user_obj.check_2fa_required and view_name != self.VERIFY_2FA_VIEW:
                         raise HTTPFound(self.request.route_path(self.VERIFY_2FA_VIEW))
                 def _log_creation_exception(self, e, repo_name):

rhodecode/apps/login/views.py

0 +4 -4

                         # form checks for username/password, now we're authenticated
                         username = form_result['username']
                         if (user := User.get_by_username_or_primary_email(username)).has_enabled_2fa:
-                            user.has_check_2fa_flag = True
+                            user.check_2fa_required = True
                         headers = store_user_in_session(
                             self.session,
                             secret = form_details['secret_totp']
                             user_instance.init_2fa_recovery_codes(persist=True, force=True)
-                            user_instance.set_2fa_secret(secret)
+                            user_instance.2fa_secret = secret
                             Session().commit()
                             raise HTTPFound(self.request.route_path('my_account_configure_2fa', _query={'show-recovery-codes': 1}))
                     if self.request.method == 'POST':
                         post_items = dict(self.request.POST)
                         # NOTE: inject secret, as it's a post configured saved item.
-                        post_items['secret_totp'] = user_instance.get_secret_2fa()
+                        post_items['secret_totp'] = user_instance.secret_2fa
                         try:
                             totp_form.to_python(post_items)
-                            user_instance.has_check_2fa_flag = False
+                            user_instance.check_2fa_required = False
                             Session().commit()
                             raise HTTPFound(c.came_from)
                         except formencode.Invalid as errors:

rhodecode/apps/my_account/views/my_account.py

0 +1 -1

                     post_items = dict(self.request.POST)
                     # NOTE: inject secret, as it's a post configured saved item.
-                    post_items['secret_totp'] = user_instance.get_secret_2fa()
+                    post_items['secret_totp'] = user_instance.secret_2fa
                     try:
                         totp_form.to_python(post_items)
                         user_instance.regenerate_2fa_recovery_codes()

rhodecode/model/db.py

0 +10 -5

                     Session().commit()
                 @hybrid_property
-                def has_check_2fa_flag(self):
+                def check_2fa_required(self):
                     """
                     Check if check 2fa flag is set for this user
                     """
                     value = self.user_data.get('check_2fa', False)
                     return value
-                @has_check_2fa_flag.setter
+                @check_2fa_required.setter
-                def has_check_2fa_flag(self, val):
+                def check_2fa_required(self, val):
                     val = str2bool(val)
                     self.update_userdata(check_2fa=val)
                     Session().commit()
                         return secret
                     return ''
-                def get_secret_2fa(self) -> str:
+                @hybrid_property
+                def secret_2fa(self) -> str:
+                    """
+                    get stored secret for 2fa
+                    """
                     secret_2fa = self.user_data.get('secret_2fa')
                     if secret_2fa:
                         strict_mode = ConfigGet().get_bool('rhodecode.encrypted_values.strict', missing=True)
                             enc_utils.decrypt_value(secret_2fa, enc_key=ENCRYPTION_KEY, strict_mode=strict_mode))
                     return ''
-                def set_2fa_secret(self, value):
+                @secret_2fa.setter
+                def secret_2fa(self, value: str) -> None:
                     encrypted_value = enc_utils.encrypt_value(safe_bytes(value), enc_key=ENCRYPTION_KEY)
                     self.update_userdata(secret_2fa=safe_str(encrypted_value))

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages