Skip to content

MFA #405

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
dantownsend merged 18 commits into from
Sep 9, 2024
Merged

MFA #405

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
a2abf17
add basic view for MFA setup
dantownsend Aug 7, 2024
81dd329
add link in dropdown
dantownsend Aug 7, 2024
64d3c27
Merge branch 'master' into mfa
dantownsend Aug 7, 2024
9c5c521
integrate MFA from `piccolo_api`
dantownsend Aug 16, 2024
6672ef9
fix issue with `npm run build`
dantownsend Aug 18, 2024
5299d87
fix rate limit for MFA setup endpoint
dantownsend Aug 20, 2024
de7eed9
fix variable name
dantownsend Aug 20, 2024
61ba38f
fix `MFA Setup` link in nav bar dropdown
dantownsend Aug 22, 2024
1d3fc75
show MFA Code input
dantownsend Aug 22, 2024
ca29a59
show banner telling user that MFA code is required
dantownsend Aug 22, 2024
c8b59fb
use the correct param name for the MFA code
dantownsend Aug 22, 2024
674f9f5
update for latest piccolo api changes
dantownsend Aug 30, 2024
2988cc8
change param to `mfa_code`
dantownsend Sep 8, 2024
0b8388a
bump `piccolo_admin` version
dantownsend Sep 9, 2024
5195a38
use `XChaCha20Provider` in example, and bump `piccolo_api` version
dantownsend Sep 9, 2024
4cc6df6
add placeholder translations for now
dantownsend Sep 9, 2024
2e02a14
fix tests
dantownsend Sep 9, 2024
c3b1a28
add very basic docs
dantownsend Sep 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix rate limit for MFA setup endpoint
  • Loading branch information
@dantownsend
dantownsend committed Aug 20, 2024
commit 5299d87c82ace2e468eef9811d79fd9665064118
32 changes: 19 additions & 13 deletions piccolo_admin/endpoints.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -433,7 +433,7 @@ def __init__(
allowed_hosts: t.Sequence[str] = [],
debug: bool = False,
sidebar_links: t.Dict[str, str] = {},
mfa_provider: t.Optional[MFAProvider] = None,
mfa_providers: t.Optional[t.Sequence[MFAProvider]] = None,
) -> None:
super().__init__(
title=site_name,
Expand Down Expand Up @@ -690,17 +690,23 @@ def __init__(
#######################################################################
# MFA

if mfa_provider:
private_app.mount(
path="/mfa-setup/",
app=RateLimitingMiddleware(
app=mfa_setup(
provider=mfa_provider,
auth_table=self.auth_table,
if mfa_providers:
if len(mfa_providers) > 1:
raise ValueError(
"Only a single mfa_provider is currently supported."
)

for mfa_provider in mfa_providers:
private_app.mount(
path="/mfa-setup/",
app=RateLimitingMiddleware(
app=mfa_setup(
provider=mfa_provider,
auth_table=self.auth_table,
),
provider=InMemoryLimitProvider(limit=5, timespan=300),
),
provider=rate_limit_provider,
),
)
)

#######################################################################

Expand Down Expand Up @@ -1106,7 +1112,7 @@ def create_admin(
allowed_hosts: t.Sequence[str] = [],
debug: bool = False,
sidebar_links: t.Dict[str, str] = {},
mfa_provider: t.Optional[MFAProvider] = None,
mfa_providers: t.Optional[t.Sequence[MFAProvider]] = None,
):
"""
:param tables:
Expand Down Expand Up @@ -1273,5 +1279,5 @@ def create_admin(
allowed_hosts=allowed_hosts,
debug=debug,
sidebar_links=sidebar_links,
mfa_provider=mfa_provider,
mfa_providers=mfa_providers,
)
10 changes: 6 additions & 4 deletions piccolo_admin/example.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -616,10 +616,12 @@ def booking_endpoint(request: Request, data: BookingModel) -> str:
"Top Movies": "/#/movie?__order=-box_office",
"Google": "https://google.com",
},
mfa_provider=AuthenticatorProvider(
db_encryption_key="wqsOqyTTEsrWppZeIMS8a3l90yPUtrqT48z7FS6_U8g=",
secret_table=AuthenticatorSecret,
),
mfa_providers=[
AuthenticatorProvider(
db_encryption_key="wqsOqyTTEsrWppZeIMS8a3l90yPUtrqT48z7FS6_U8g=",
secret_table=AuthenticatorSecret,
),
],
)


Expand Down