django-two-factor-auth icon indicating copy to clipboard operation
django-two-factor-auth copied to clipboard

Published 20 hours ago verified publisher icon jazzband

feat: redirect admins to two_factor:setup if two_factors are required a two factor is not enabled for the account

Open dopry opened this issue 2 years ago • 10 comments

I'm picking up the work from #370 in this PR since it has seemingly gone stale.

Description

Currently, if OTP is set to required for the admin interface and a user does not have admin privileges. Logging in fails without any feedback. This PR modifies the login process to redirect admins to setup OTP instead.

Motivation and Context

This change is required because there is a dead end in the Login UX. It applies to #219.

How Has This Been Tested?

I am resubmitting the PR as a WIP at this juncture.

Screenshots (if appropriate):

Types of changes

  • [X] Bug fix (non-breaking change which fixes an issue)
  • [X] New feature (non-breaking change which adds functionality)
  • [x] Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • [x] My code follows the code style of this project.
  • [x] My change requires a change to the documentation.
  • [x] I have updated the documentation accordingly.
  • [x] I have added tests to cover my changes.
  • [x] All new and existing tests passed.

dopry avatar May 05 '22 01:05 dopry

Codecov Report

Merging #491 (4bd592c) into master (4bd592c) will not change coverage. The diff coverage is n/a.

:exclamation: Current head 4bd592c differs from pull request most recent head 4c432a9. Consider uploading reports for the commit 4c432a9 to get more accurate results

@@           Coverage Diff           @@
##           master     #491   +/-   ##
=======================================
  Coverage   98.53%   98.53%           
=======================================
  Files          60       60           
  Lines        2659     2659           
  Branches      278      278           
=======================================
  Hits         2620     2620           
  Misses         24       24           
  Partials       15       15

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more

codecov[bot] avatar May 05 '22 19:05 codecov[bot]

@claudep @moggers87, I'd appreciate a review and feedback. I'd really like to get this in along with https://github.com/jazzband/django-two-factor-auth/pull/493 and https://github.com/jazzband/django-two-factor-auth/pull/497 then cut a release.

dopry avatar May 09 '22 14:05 dopry

@claudep @moggers87 @Bouke, any chance I can get a review on this?

dopry avatar May 23 '22 13:05 dopry

Sorry, I don't feel familiar enough with this part of the code to be able to review it right now.

claudep avatar May 23 '22 19:05 claudep

@Bouke @moggers87, claude doesn't feel comfortable reviewing this. Do either of you? This is over two weeks out with no feedback.

dopry avatar May 26 '22 15:05 dopry

@Bouke @moggers87, I've rebased this PR. @claudep doesn't feel comfortable reviewing this. Do either of you? It has been over a month with no feedback on this issue.

dopry avatar Jun 08 '22 18:06 dopry

@Bouke @moggers87, @claudep doesn't feel comfortable reviewing this. Do either of you?

dopry avatar Jun 16 '22 15:06 dopry

@Bouke @moggers87, @claudep ping? Is there anyone out there?

dopry avatar Jun 23 '22 12:06 dopry

converted to draft while I review the impact of #500. I pulled monkey patching updates into its own PR that will need to be applied first.

dopry avatar Jun 23 '22 13:06 dopry

Any process on that?

Jenselme avatar Sep 09 '22 15:09 Jenselme