added support for remove cmd and also sending suk in all responses

miki725 · May 11, 2015 · a0b8600 · a0b8600
1 parent 064bd9d
commit a0b8600
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 4 deletions.
diff --git a/sqrl/forms.py b/sqrl/forms.py
@@ -194,6 +194,17 @@ def _clean_client_cmd_enable(self, client):
  'Must supply urs (unlock request signature) to enable SQRL access.'
  )
 
+ def _clean_client_cmd_remove(self, client):
+ if not self.identity:
+ raise forms.ValidationError(
+ 'Must have identity associated in order to remove SQRL.'
+ )
+
+ if not self.cleaned_data.get('urs'):
+ raise forms.ValidationError(
+ 'Must supply urs (unlock request signature) to enable SQRL access.'
+ )
+
  def _clean_session(self):
  user_model = get_user_model()
 

diff --git a/sqrl/views.py b/sqrl/views.py
@@ -102,6 +102,7 @@ class SQRLAuthView(View):
 
  def dispatch(self, request, *args, **kwargs):
  self.tif = TIF(0)
+ self.identity = None
  try:
  return super(SQRLAuthView, self).dispatch(request, *args, **kwargs)
  except TIFException as e:
@@ -126,6 +127,9 @@ def get_server_data(self, data=None):
  self.request.get_host().split(':')[0])[:64]),
  ))
 
+ if self.identity:
+ _data['suk'] = self.identity.server_unlock_key
+
  if data is not None:
  _data.update(data)
 
@@ -157,7 +161,10 @@ def is_sqrl_disabled(self):
  self.is_disabled = True
 
  def get_nut_or_error(self):
- self.nut = SQRLNut.objects.filter(nonce=self.nut_value).first()
+ self.nut = (SQRLNut.objects
+ .filter(nonce=self.nut_value,
+ is_transaction_complete=False)
+ .first())
 
  if not self.nut:
  log.debug('Nut not found')
@@ -268,20 +275,27 @@ def disable(self):
  self.create_or_update_identity()
  self.identity.is_enabled = False
 
+ self.nut.is_transaction_complete = True
+
  def enable(self):
  self.create_or_update_identity()
  self.identity.is_enabled = True
 
+ self.nut.is_transaction_complete = True
+
+ def remove(self):
+ self.identity.delete()
+ self.identity = None
+
+ self.nut.is_transaction_complete = True
+
  def finalize(self):
  if self.identity and self.identity.user_id:
  self.identity.save()
  if self.session:
  self.session.save()
 
  def create_or_update_identity(self):
- if hasattr(self, '_identity_updated'):
- return self.identity
-
  if not self.identity:
  self.identity = SQRLIdentity()