Skip to content

Some bugs in FIDO2 #13

Open
Open
@d3cline

Description

@d3cline

Line 72 template FIDO/recheck.html

      }).then(function (response) {if (response.ok) return res = response.json()}).then(function (res) {
          if (res.status=="OK")
          {

'res is undefined'

My fix is to remove the extra 'then' and just not dump it as json,

      }).then(function (response) {
          if (response.statusText=="OK")

Later in the same template 'res is used again for the redirect,

          {%  if mode == "auth" %}
          window.location.href=res.redirect;
          {% elif mode == "recheck" %}

I never actually saw one in the object when I console logged it, and was able to hard code it for my use case, but this should also be checked.

I am happy to fix the above but it should be reviewed for context/intent and see if I am missing something.

Line 139 of FIDO2.py is a bool not a callable

138                     request.session["mfa"] = mfa
139                     if not request.user.is_authenticated():
140                         res=login(request)

should be

138                     request.session["mfa"] = mfa
139                     if not request.user.is_authenticated:
140                         res=login(request)

Please review and if these fixes are OK I can do a PR for them. I feel like I am forgetting one more...

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions