Merge pull request #69 from mgorny/otp-ldap

Proper bind for OTP setup
author: Theo Chatzimichos <tampakrap@gmail.com> 2013-08-19 04:47:25 -0700
committer: Theo Chatzimichos <tampakrap@gmail.com> 2013-08-19 04:47:25 -0700
commit: 9bd89190202d4319fbb5045c1c353f9bdfe0ef63 (patch)
tree: 51c55f6302b468d2e12407a7ce8fadadd502a976 /okupy/accounts
parent: Merge pull request #68 from dastergon/new_attributes (diff)
parent: Bind properly for *OTP setup. (diff)
download: identity.gentoo.org-9bd89190202d4319fbb5045c1c353f9bdfe0ef63.tar.gz
identity.gentoo.org-9bd89190202d4319fbb5045c1c353f9bdfe0ef63.tar.bz2
identity.gentoo.org-9bd89190202d4319fbb5045c1c353f9bdfe0ef63.zip
1 files changed, 7 insertions, 5 deletions
diff --git a/okupy/accounts/views.py b/okupy/accounts/views.py
index c9dcb11..dcfbadf 100644
--- a/okupy/accounts/views.py
+++ b/okupy/accounts/views.py
@@ -32,7 +32,8 @@ from .forms import (LoginForm, OpenIDLoginForm, SSLCertLoginForm,
                     OTPForm, SignupForm, SiteAuthForm)
 from .models import LDAPUser, OpenID_Attributes, Queue
 from .openid_store import DjangoDBOpenIDStore
-from ..common.ldap_helpers import (set_secondary_password,
+from ..common.ldap_helpers import (get_bound_ldapuser,
+                                   set_secondary_password,
                                    remove_secondary_password)
 from ..common.crypto import cipher
 from ..common.decorators import strong_auth_required
@@ -357,10 +358,11 @@ def otp_setup(request):
     secret = None
     conf_form = None
     skeys = None
+    user = get_bound_ldapuser(request)
 
     if request.method == 'POST':
         if 'disable' in request.POST:
-            dev.disable()
+            dev.disable(user)
         elif 'confirm' in request.POST and 'otp_secret' in request.session:
             secret = request.session['otp_secret']
             conf_form = OTPForm(request.POST)
@@ -374,11 +376,11 @@ def otp_setup(request):
                 messages.error(request, 'Token verification failed.')
                 conf_form = OTPForm()
             else:
-                dev.enable(secret)
+                dev.enable(user, secret)
                 secret = None
                 conf_form = None
                 sdev = SOTPDevice.objects.get(user=request.user)
-                skeys = sdev.gen_keys()
+                skeys = sdev.gen_keys(user)
                 messages.info(request, 'The new secret has been set.')
         elif 'enable' in request.POST:
             secret = dev.gen_secret()
@@ -386,7 +388,7 @@ def otp_setup(request):
             conf_form = OTPForm()
         elif 'recovery' in request.POST:
             sdev = SOTPDevice.objects.get(user=request.user)
-            skeys = sdev.gen_keys()
+            skeys = sdev.gen_keys(user)
             messages.info(request, 'Your old recovery keys have been revoked.')
         elif 'cancel' in request.POST:
             messages.info(request, 'Secret change aborted. Previous settings are in effect.')
author	Theo Chatzimichos <tampakrap@gmail.com>	2013-08-19 04:47:25 -0700
committer	Theo Chatzimichos <tampakrap@gmail.com>	2013-08-19 04:47:25 -0700
commit	9bd89190202d4319fbb5045c1c353f9bdfe0ef63 (patch)
tree	51c55f6302b468d2e12407a7ce8fadadd502a976 /okupy/accounts
parent	Merge pull request #68 from dastergon/new_attributes (diff)
parent	Bind properly for *OTP setup. (diff)
download	identity.gentoo.org-9bd89190202d4319fbb5045c1c353f9bdfe0ef63.tar.gz identity.gentoo.org-9bd89190202d4319fbb5045c1c353f9bdfe0ef63.tar.bz2 identity.gentoo.org-9bd89190202d4319fbb5045c1c353f9bdfe0ef63.zip