codeforlife-portal 7.4.8__py2.py3-none-any.whl → 8.0.0__py2.py3-none-any.whl

portal/templates/two_factor/core/login.html

@@ -1,63 +1,70 @@
 {# Overriden the original "two_factor" template to remove extending base template and slightly adjust style #}
 
-{% load i18n two_factor %}
-
-  <section class="row mx-0">
-      <span class="oval-blue login-shape-left"></span>
-      <span class="polygon-yellow login-shape-right"></span>
-      <div class="form--login is-flex form--register--teacher">
-          <div class="form col-xs-12 col-sm-8 col-md-8 col-lg-9 center-block">
-  <h4>{% block title %}{% trans "Login as a teacher " %}{% endblock %}</h4>
-
-  {% if wizard.steps.current == 'auth' %}
-    <p>{% blocktrans %}Enter your credentials.{% endblocktrans %}</p>
-  {% elif wizard.steps.current == 'token' %}
-    {% if device.method == 'call' %}
-      <p>{% blocktrans trimmed %}We are calling your phone right now, please enter the
-        digits you hear.{% endblocktrans %}</p>
-    {% elif device.method == 'sms' %}
-      <p>{% blocktrans trimmed %}We sent you a text message, please enter the tokens we
-        sent.{% endblocktrans %}</p>
-    {% else %}
-      <p class="text-left">{% blocktrans trimmed %}Please enter the token generated by your token
-        generator.{% endblocktrans %}</p>
-    {% endif %}
-  {% elif wizard.steps.current == 'backup' %}
-    <p class="text-left">{% blocktrans trimmed %}Use this form for entering backup tokens for logging in.
-      These tokens have been generated for you to print and keep safe. Please
-      enter one of these backup tokens to login to your account.{% endblocktrans %}</p>
+{% load i18n %}
+{% load two_factor_tags %}
+
+{% block extra_media %}
+{{ form.media }}
+{% endblock %}
+
+{% block content %}
+
+<section class="row mx-0">
+  <span class="oval-blue login-shape-left"></span>
+  <span class="polygon-yellow login-shape-right"></span>
+  <div class="form--login is-flex form--register--teacher">
+    <div class="form col-xs-12 col-sm-8 col-md-8 col-lg-9 center-block">
+      <h4>{% block title %}{% trans "Welcome" %}{% endblock %}</h4>
+
+{% if wizard.steps.current == 'auth' %}
+<p>{% blocktrans %}Enter your credentials.{% endblocktrans %}</p>
+{% elif wizard.steps.current == 'token' %}
+<p>{{ device|as_verbose_action }}</p>
+{% elif wizard.steps.current == 'backup' %}
+<p>{% blocktrans trimmed %}Use this form for entering backup tokens for logging in.
+  These tokens have been generated for you to print and keep safe. Please
+  enter one of these backup tokens to log into your account.{% endblocktrans %}</p>
+{% endif %}
+
+<form action="" method="post">
+  {% block main_form_content %}
+  {% csrf_token %}
+  {% include "two_factor/_wizard_forms.html" %}
+
+  {# hidden submit button to enable [enter] key #}
+  <input type="submit" value="" hidden />
+
+  {% if other_devices %}
+  <p>{% trans "Or, alternatively, use one of your other authentication methods:" %}</p>
+  <p>
+    {% for other in other_devices %}
+    <button name="challenge_device" value="{{ other.persistent_id }}"
+            class="btn btn-secondary btn-block" type="submit">
+      {{ other|as_action }}
+    </button>
+    {% endfor %}</p>
   {% endif %}
 
-  <form action="" method="post" class="d-flex flex-column">{% csrf_token %}
-    {% if wizard.steps.current == 'backup' %}
-      {% include "two_factor/_wizard_forms_token.html" %}
-    {% else %}
-      {% include "two_factor/_wizard_forms.html" %}
-    {% endif %}
-
-    {# hidden submit button to enable [enter] key #}
-    <input placeholder="" type="submit" value="" class="hidden" />
-    {% if other_devices %}
-      <p>{% trans "Or, alternatively, use one of your backup phones:" %}</p>
-      <p>
-        {% for other in other_devices %}
-        <button name="challenge_device" value="{{ other.persistent_id }}"
-                class="btn btn-secondary" type="submit">
-          {{ other|device_action }}
-        </button>
-      {% endfor %}</p>
-    {% endif %}
-    {% if backup_tokens %}
-      <p>
-        <div class="d-flex flex-column justify-content-start align-items-start">
-
-          <button name="wizard_goto_step" type="submit" value="backup"
-          class="button button--primary">{% trans "Use a backup token" %}</button>
-        </div>
-        </p>
-        {% endif %}
-              {% include "two_factor/_wizard_actions_submit.html" %}
-            </form>
-          </div>
-        </div>
-      </section>
+  {% include "two_factor/_wizard_actions.html" %}
+  {% endblock %}
+</form>
+
+{% block 'backup_tokens' %}
+{% if backup_tokens %}
+<hr>
+<div class="backup_tokens_form">
+  <form action="" method="post">
+    {% csrf_token %}
+    <p>{% trans "As a last resort, you can use a backup token:" %}</p>
+    <p>
+      <button name="wizard_goto_step" type="submit" value="backup"
+              class="button button--primary">{% trans "Use Backup Token" %}</button>
+    </p>
+  </form>
+</div>
+    </div>
+  </div>
+</section>
+{% endif %}
+{% endblock %}
+{% endblock %}

portal/templates/two_factor/core/setup.html

@@ -3,55 +3,64 @@
 {% extends "two_factor/_base_focus.html" %}
 {% load i18n %}
 
+{% block extra_media %}
+{{ form.media }}
+{% endblock %}
+
 {% block content %}
-    <h4 class="text-center">{% block title %}{% trans "Two-factor authentication" %}{% endblock %}</h4>
-    {% if wizard.steps.current == 'welcome' %}
-        <p>{% blocktrans trimmed %}You are about to take your account security to the
-            next level. Follow the steps in this wizard to enable two-factor
-            authentication.{% endblocktrans %}</p>
-    {% elif wizard.steps.current == 'method' %}
-        <p>{% blocktrans trimmed %}Please select which authentication method you would
-            like to use.{% endblocktrans %}</p>
-    {% elif wizard.steps.current == 'generator' %}
-        <p>{% blocktrans trimmed %}Two-factor authentication is not currently set up on your account.
-            Enable two-factor authentication (2FA) for enhanced account security
-        {% endblocktrans %}</p>
-        <p>{% blocktrans trimmed %}To start using a token generator, please use your
-            smartphone to scan the QR code below. For example, use Google
-            Authenticator.
-        {% endblocktrans %}</p>
-        <p><img src="{% url 'two_factor:qr' %}" alt="QR Code" /></p>
-    {% elif wizard.steps.current == 'sms' %}
-        <p>{% blocktrans trimmed %}Please enter the phone number you wish to receive the
-            text messages on. This number will be validated in the next step.
-        {% endblocktrans %}</p>
-    {% elif wizard.steps.current == 'call' %}
-        <p>{% blocktrans trimmed %}Please enter the phone number you wish to be called on.
-            This number will be validated in the next step. {% endblocktrans %}</p>
-    {% elif wizard.steps.current == 'validation' %}
-        {% if challenge_succeeded %}
-            {% if device.method == 'call' %}
-                <p>{% blocktrans trimmed %}We are calling your phone right now, please enter the
-                    digits you hear.{% endblocktrans %}</p>
-            {% elif device.method == 'sms' %}
-                <p>{% blocktrans trimmed %}We sent you a text message, please enter the tokens we
-                    sent.{% endblocktrans %}</p>
-            {% endif %}
-        {% else %}
-            <p class="alert alert-warning" role="alert">{% blocktrans trimmed %}We've
-                encountered an issue with the selected authentication method. Please
-                go back and verify that you entered your information correctly, try
-                again, or use a different authentication method instead. If the issue
-                persists, contact the site administrator.{% endblocktrans %}</p>
-        {% endif %}
-    {% elif wizard.steps.current == 'yubikey' %}
-        <p>{% blocktrans trimmed %}To identify and verify your YubiKey, please insert a
-            token in the field below. Your YubiKey will be linked to your
-            account.{% endblocktrans %}</p>
-    {% endif %}
+<h4>{% block title %}{% trans "Enable Two-Factor Authentication" %}{% endblock %}</h4>
+{% if wizard.steps.current == 'welcome' %}
+<p>{% blocktrans trimmed %}You are about to take your account security to the
+    next level. Follow the steps in this wizard to enable two-factor
+    authentication.{% endblocktrans %}</p>
+{% elif wizard.steps.current == 'method' %}
+<p>{% blocktrans trimmed %}Please select which authentication method you would
+    like to use.{% endblocktrans %}</p>
+{% elif wizard.steps.current == 'generator' %}
+<p>{% blocktrans trimmed %}To start using a token generator, please use your
+    smartphone to scan the QR code below. For example, use Google
+    Authenticator.{% endblocktrans %}</p>
+<p><img src="{{ QR_URL }}" alt="QR Code" class="bg-white"/></p>
+<p>{% blocktrans trimmed %}Alternatively you can use the following secret to
+    set up TOTP in your authenticator or password manager manually.{% endblocktrans %}</p>
+<p>{% translate "TOTP Secret:" %} <a href="{{ otpauth_url }}">{{ secret_key }}</a></p>
+<p>{% blocktrans %}Then, enter the token generated by the app.{% endblocktrans %}</p>
+
+{% elif wizard.steps.current == 'sms' %}
+<p>{% blocktrans trimmed %}Please enter the phone number you wish to receive the
+    text messages on. This number will be validated in the next step.
+    {% endblocktrans %}</p>
+{% elif wizard.steps.current == 'call' %}
+<p>{% blocktrans trimmed %}Please enter the phone number you wish to be called on.
+    This number will be validated in the next step. {% endblocktrans %}</p>
+{% elif wizard.steps.current == 'validation' %}
+{% if challenge_succeeded %}
+{% if device.method == 'call' %}
+<p>{% blocktrans trimmed %}We are calling your phone right now, please enter the
+    digits you hear.{% endblocktrans %}</p>
+{% elif device.method == 'sms' %}
+<p>{% blocktrans trimmed %}We sent you a text message, please enter the tokens we
+    sent.{% endblocktrans %}</p>
+{% endif %}
+{% else %}
+<p class="alert alert-warning" role="alert">{% blocktrans trimmed %}We've
+    encountered an issue with the selected authentication method. Please
+    go back and verify that you entered your information correctly, try
+    again, or use a different authentication method instead. If the issue
+    persists, contact the site administrator.{% endblocktrans %}</p>
+{% endif %}
+{% elif wizard.steps.current == 'yubikey' %}
+<p>{% blocktrans trimmed %}To identify and verify your YubiKey, please insert a
+    token in the field below. Your YubiKey will be linked to your
+    account.{% endblocktrans %}</p>
+{% endif %}
+
+<form action="" method="post">{% csrf_token %}
+    {% include "two_factor/_wizard_forms.html" %}
+
+    {# hidden submit button to enable [enter] key #}
+    <input type="submit" value="" hidden />
 
-    <form action="" method="post">{% csrf_token %}
-        {% include "two_factor/setup_wizard_token.html" %}
-        {% include "two_factor/_wizard_actions_enable_2fa.html" %}
-    </form>
+    {% include "two_factor/_wizard_actions.html" %}
+</form>
 {% endblock %}

portal/templates/two_factor/profile/profile.html

@@ -1,41 +1,59 @@
 {% extends "two_factor/_base.html" %}
-{% load future i18n two_factor %}
+{% load i18n %}
+{% load two_factor_tags %}
 
 {% block content %}
-<h4>{% block title %}{% trans "Account Security" %}{% endblock %}</h4>
+<h1>{% block title %}{% trans "Account Security" %}{% endblock %}</h1>
 
 {% if default_device %}
-{% if default_device_type == 'TOTPDevice' %}
-<p>{% trans "Tokens will be generated by your token generator." %}</p>
-{% elif default_device_type == 'PhoneDevice' %}
-<p>{% blocktrans with primary=default_device|device_action %}Primary method: {{ primary }}{% endblocktrans %}</p>
-{% elif default_device_type == 'RemoteYubikeyDevice' %}
-<p>{% blocktrans %}Tokens will be generated by your YubiKey.{% endblocktrans %}</p>
+<p>{% blocktrans with primary=default_device|as_action %}Primary method: {{ primary }}{% endblocktrans %}</p>
+
+{% if available_phone_methods %}
+<h2>{% trans "Backup Phone Numbers" %}</h2>
+<p>{% blocktrans trimmed %}If your primary method is not available, we are able to
+    send backup tokens to the phone numbers listed below.{% endblocktrans %}</p>
+{% if backup_phones %}
+<ul>
+    {% for phone in backup_phones %}
+    <li>
+        {{ phone|as_action }}
+        <form method="post" action="{% url 'two_factor:phone_delete' phone.id %}"
+              onsubmit="return confirm({% trans 'Are you sure?' %})">
+            {% csrf_token %}
+            <button class="btn btn-sm btn-warning"
+                    type="submit">{% trans "Unregister" %}</button>
+        </form>
+    </li>
+    {% endfor %}
+</ul>
+{% endif %}
+<p><a href="{% url 'two_factor:phone_create' %}"
+      class="btn btn-info">{% trans "Add Phone Number" %}</a></p>
 {% endif %}
 
-<h4>{% trans "Backup Tokens" %}</h4>
+<h2>{% trans "Backup Tokens" %}</h2>
 <p>
-    {% blocktrans %}If you don't have any device with you, you can access
+    {% blocktrans trimmed %}If you don't have any device with you, you can access
     your account using backup tokens.{% endblocktrans %}
-    {% blocktrans count counter=backup_tokens %}
+    {% blocktrans trimmed count counter=backup_tokens %}
     You have only one backup token remaining.
     {% plural %}
     You have {{ counter }} backup tokens remaining.
     {% endblocktrans %}
 </p>
 <p><a href="{% url 'two_factor:backup_tokens' %}"
-      class="button button--primary">{% trans "Show Codes" %}</a></p>
+      class="btn btn-info">{% trans "Show Codes" %}</a></p>
 
-<h4>{% trans "Disable Two-Factor Authentication" %}</h4>
-<p>{% blocktrans %}However we strongly discourage you to do so, you can
+<h3>{% trans "Disable Two-Factor Authentication" %}</h3>
+<p>{% blocktrans trimmed %}However we strongly discourage you to do so, you can
     also disable two-factor authentication for your account.{% endblocktrans %}</p>
-<p><a class="button button--primary" href="{% url 'two_factor:disable' %}">
+<p><a class="btn btn-secondary" href="{% url 'two_factor:disable' %}">
     {% trans "Disable Two-Factor Authentication" %}</a></p>
 {% else %}
-<p>{% blocktrans %}Two-factor authentication is not enabled for your
+<p>{% blocktrans trimmed %}Two-factor authentication is not enabled for your
     account. Enable two-factor authentication for enhanced account
     security.{% endblocktrans %}</p>
-<p><a href="{% url 'two_factor:setup' %}" class="button button--primary">
+<p><a href="{% url 'two_factor:setup' %}" class="btn btn-primary">
     {% trans "Enable Two-Factor Authentication" %}</a>
 </p>
 {% endif %}

portal/tests/test_captcha_forms.py

@@ -1,7 +1,7 @@
-from captcha.fields import ReCaptchaField
-from captcha.widgets import ReCaptchaV2Invisible
 from django import forms
 from django.test import TestCase
+from django_recaptcha.fields import ReCaptchaField
+from django_recaptcha.widgets import ReCaptchaV2Invisible
 
 from portal.helpers.captcha import is_captcha_in_form, remove_captcha_from_forms
 

portal/tests/test_middleware.py

@@ -32,7 +32,9 @@ class TestAdminAccessMiddleware(TestCase):
         self.email, self.password = self._setup_user()
 
         self.monkeypatch = MonkeyPatch()
-        self.monkeypatch.setattr("deploy.middleware.admin_access.MODULE_NAME", "test")
+        self.monkeypatch.setattr(
+            "deploy.middleware.admin_access.MODULE_NAME", "test"
+        )
 
     def _setup_user(self) -> Tuple[str, str]:
         email, password = signup_teacher_directly()
@@ -79,7 +81,11 @@ class TestAdminAccessMiddleware(TestCase):
         assert type(response) == HttpResponseRedirect
         assert response.url == "/teach/dashboard/"
 
-    @mock.patch("deploy.middleware.admin_access.using_two_factor", return_value=True, autospec=True)
+    @mock.patch(
+        "deploy.middleware.admin_access.using_two_factor",
+        return_value=True,
+        autospec=True,
+    )
     def test_non_superuser_with_2FA_is_redirected(self, mock_using_two_factor):
         self.client.login(username=self.email, password=self.password)
 
@@ -91,8 +97,14 @@ class TestAdminAccessMiddleware(TestCase):
         assert type(response) == HttpResponseRedirect
         assert response.url == "/teach/dashboard/"
 
-    @mock.patch("deploy.middleware.admin_access.using_two_factor", return_value=True, autospec=True)
-    def test_superuser_with_2FA_can_access_admin_site(self, mock_using_two_factor):
+    @mock.patch(
+        "deploy.middleware.admin_access.using_two_factor",
+        return_value=True,
+        autospec=True,
+    )
+    def test_superuser_with_2FA_can_access_admin_site(
+        self, mock_using_two_factor
+    ):
         self._make_user_superuser()
 
         self.client.login(username=self.email, password=self.password)
@@ -118,7 +130,7 @@ class TestSecurityMiddleware(TestCase):
         assert response.headers["cache-control"] == "private"
         assert response.headers["x-content-type-options"] == "nosniff"
         assert response.headers["x-frame-options"] == "DENY"
-        assert response.headers["x-xss-protection"] == "1"
+        assert response.headers["x-xss-protection"] == "1; mode=block"
 
 
 class TestSessionTimeoutMiddleware(TestCase):
@@ -132,7 +144,9 @@ class TestSessionTimeoutMiddleware(TestCase):
         self.email, self.password = self._setup_user()
 
         self.monkeypatch = MonkeyPatch()
-        self.monkeypatch.setattr("deploy.middleware.session_timeout.SESSION_EXPIRY_TIME", 5)
+        self.monkeypatch.setattr(
+            "deploy.middleware.session_timeout.SESSION_EXPIRY_TIME", 5
+        )
 
     def _setup_user(self) -> Tuple[str, str]:
         email, password = signup_teacher_directly()
@@ -211,14 +225,18 @@ class TestScreentimeWarningMiddleware(TestCase):
         self.client.get("/")
         session = self.client.session
         assert "screentime_warning_timeout" in session
-        previous_screentime_warning_timeout = session["screentime_warning_timeout"]
+        previous_screentime_warning_timeout = session[
+            "screentime_warning_timeout"
+        ]
 
         self.client.get("/")
         session = self.client.session
         assert "screentime_warning_timeout" in session
         new_screentime_warning_timeout = session["screentime_warning_timeout"]
 
-        assert new_screentime_warning_timeout < previous_screentime_warning_timeout
+        assert (
+            new_screentime_warning_timeout < previous_screentime_warning_timeout
+        )
 
         # Check the reset_screentime_warning API resets the timeout
         url = reverse("reset_screentime_warning")
@@ -226,5 +244,9 @@ class TestScreentimeWarningMiddleware(TestCase):
         self.client.get("/")
         session = self.client.session
         assert "screentime_warning_timeout" in session
-        renewed_screentime_warning_timeout = session["screentime_warning_timeout"]
-        assert renewed_screentime_warning_timeout > new_screentime_warning_timeout
+        renewed_screentime_warning_timeout = session[
+            "screentime_warning_timeout"
+        ]
+        assert (
+            renewed_screentime_warning_timeout > new_screentime_warning_timeout
+        )