From 97c6d747890931ff8072ec86f9b0c286017aeb77 Mon Sep 17 00:00:00 2001 From: ckosiegbu Date: Sun, 23 Jul 2017 02:16:12 +0100 Subject: [PATCH] Updates to System Settings and login.js to allow for specification of the name of the token issuer. --- frappe/auth.py | 11 +++--- .../system_settings/system_settings.json | 34 ++++++++++++++++++- .../system_settings/test_system_settings.js | 23 +++++++++++++ frappe/templates/includes/login/login.js | 3 +- 4 files changed, 65 insertions(+), 6 deletions(-) create mode 100644 frappe/core/doctype/system_settings/test_system_settings.js diff --git a/frappe/auth.py b/frappe/auth.py index cee4752edd..f6823d7b2d 100644 --- a/frappe/auth.py +++ b/frappe/auth.py @@ -138,6 +138,7 @@ class LoginManager: return bool(two_factor_user_role) def get_verification_obj(self): + otp_issuer = frappe.db.get_value('System Settings', 'System Settings', 'otp_issuer_name') if self.verification_method == 'SMS': user_phone = frappe.db.get_value('User', self.user, ['phone','mobile_no'], as_dict=1) usr_phone = user_phone.mobile_no or user_phone.phone @@ -146,7 +147,7 @@ class LoginManager: 'prompt': status and 'Enter verification code sent to {}'.format(usr_phone[:4] + '******' + usr_phone[-3:]), 'method': 'SMS'} elif self.verification_method == 'OTP App': - totp_uri = pyotp.TOTP(self.otp_secret).provisioning_uri(self.user, issuer_name="Estate Manager") + totp_uri = pyotp.TOTP(self.otp_secret).provisioning_uri(self.user, issuer_name=otp_issuer) if frappe.db.get_default(self.user + '_otplogin'): otp_setup_completed = True @@ -399,6 +400,7 @@ class LoginManager: clear_cookies() def send_token_via_sms(self, otpsecret, token=None, phone_no=None): + otp_issuer = frappe.db.get_value('System Settings', 'System Settings', 'otp_issuer_name') try: from frappe.core.doctype.sms_settings.sms_settings import send_request except: @@ -412,7 +414,7 @@ class LoginManager: return False hotp = pyotp.HOTP(otpsecret) - args = {ss.message_parameter: 'Your verification code is {}'.format(hotp.at(int(token)))} + args = {ss.message_parameter: 'Your verification code is {}'.format(hotp.at(int(token))), ss.sms_sender_name: otp_issuer} for d in ss.get("parameters"): args[d.parameter] = d.value @@ -423,13 +425,14 @@ class LoginManager: return True def send_token_via_email(self, token, otpsecret): + otp_issuer = frappe.db.get_value('System Settings', 'System Settings', 'otp_issuer_name') user_email = frappe.db.get_value('User', self.user, 'email') if not user_email: return False hotp = pyotp.HOTP(otpsecret) email_args = { - 'recipients':user_email, 'sender':None, 'subject':'Verification Code', - 'message':'

Your verification code is {}

'.format(hotp.at(int(token))), + 'recipients':user_email, 'sender':None, 'subject':'Verification Code from {}'.format(otp_issuer or "Frappe Framework"), + 'message':'

Your verification code is {}.

'.format(hotp.at(int(token))), 'delayed':False, 'retry':3 } enqueue(method=frappe.sendmail, queue='short', timeout=300, event=None, async=True, job_name=None, now=False, **email_args) diff --git a/frappe/core/doctype/system_settings/system_settings.json b/frappe/core/doctype/system_settings/system_settings.json index 7f2ab54e0c..c7c9d2174d 100644 --- a/frappe/core/doctype/system_settings/system_settings.json +++ b/frappe/core/doctype/system_settings/system_settings.json @@ -744,6 +744,38 @@ "set_only_once": 0, "unique": 0 }, + { + "allow_bulk_edit": 0, + "allow_on_submit": 0, + "bold": 0, + "collapsible": 0, + "columns": 0, + "default": "Frappe Framework", + "fieldname": "otp_issuer_name", + "fieldtype": "Data", + "hidden": 0, + "ignore_user_permissions": 0, + "ignore_xss_filter": 0, + "in_filter": 0, + "in_global_search": 0, + "in_list_view": 0, + "in_standard_filter": 0, + "label": "OTP Issuer Name", + "length": 0, + "no_copy": 0, + "options": "", + "permlevel": 0, + "precision": "", + "print_hide": 0, + "print_hide_if_no_value": 0, + "read_only": 0, + "remember_last_selected_value": 0, + "report_hide": 0, + "reqd": 0, + "search_index": 0, + "set_only_once": 0, + "unique": 0 + }, { "allow_bulk_edit": 0, "allow_on_submit": 0, @@ -1062,7 +1094,7 @@ "issingle": 1, "istable": 0, "max_attachments": 0, - "modified": "2017-07-07 17:21:50.082744", + "modified": "2017-07-23 01:35:39.150010", "modified_by": "Administrator", "module": "Core", "name": "System Settings", diff --git a/frappe/core/doctype/system_settings/test_system_settings.js b/frappe/core/doctype/system_settings/test_system_settings.js new file mode 100644 index 0000000000..53edaba99d --- /dev/null +++ b/frappe/core/doctype/system_settings/test_system_settings.js @@ -0,0 +1,23 @@ +/* eslint-disable */ +// rename this file from _test_[name] to test_[name] to activate +// and remove above this line + +QUnit.test("test: System Settings", function (assert) { + let done = assert.async(); + + // number of asserts + assert.expect(1); + + frappe.run_serially('System Settings', [ + // insert a new System Settings + () => frappe.tests.make([ + // values to be set + {key: 'value'} + ]), + () => { + assert.equal(cur_frm.doc.key, 'value'); + }, + () => done() + ]); + +}); diff --git a/frappe/templates/includes/login/login.js b/frappe/templates/includes/login/login.js index 91477069ba..dfa7fde5c8 100644 --- a/frappe/templates/includes/login/login.js +++ b/frappe/templates/includes/login/login.js @@ -269,7 +269,8 @@ var continue_otp_app = function(setup, qrcode){ var qrcode_div = $('
').attr({'id':'qrcode_div','style':'text-align:center;padding-bottom:15px;'}); if (!setup){ - direction = $('
').attr('id','qr_info').text('Scan QR Code and enter the resulting code displayed' ), + direction = $('
').attr('id','qr_info').text('Scan QR Code and enter the resulting code displayed. \ + You can use apps such as Google Authenticator, Lastpass Authenticator, Authy, Duo Mobile and others.'), qrimg = $('').attr({ 'src':'data:image/svg+xml;base64,' + qrcode, 'style':'width:250px;height:250px;'});