"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "linotpd/src/linotp/controllers/userservice.py" between
LinOTP-release-2.12.tar.gz and LinOTP-release-2.12.1.tar.gz

About: LinOTP is a flexible and versatile OTP-platform for strong user authentication (two-factor authentication with one time passwords).

userservice.py  (LinOTP-release-2.12):userservice.py  (LinOTP-release-2.12.1)
skipping to change at line 644 skipping to change at line 644
""" """
user, _client, _auth_state, state_data = get_cookie_authinfo(cookie) user, _client, _auth_state, state_data = get_cookie_authinfo(cookie)
if not state_data: if not state_data:
raise Exception('invalid state data') raise Exception('invalid state data')
# if there has been a challenge triggerd before, we can extract # if there has been a challenge triggerd before, we can extract
# the the transaction info from the cookie cached data # the the transaction info from the cookie cached data
transid = state_data.get('transactionid') transid = state_data.get('transactionid')
_exp, challenges = Challenges.get_challenges(
transid=transid, filter_open=True) _exp, challenges = Challenges.get_challenges(transid=transid)
if not challenges: if not challenges:
log.info("cannot login with challenge as challenges are expired!") log.info("cannot login with challenge as challenges are expired!")
abort(401, _('challenge expired!')) abort(401, _('challenge expired!'))
if 'otp' in params: if 'otp' in params:
params['transactionid'] = transid params['transactionid'] = transid
otp_value = params['otp'] otp_value = params['otp']
skipping to change at line 681 skipping to change at line 681
c.audit['info'] = "%r logged in " % user c.audit['info'] = "%r logged in " % user
Session.commit() Session.commit()
return sendResult(response, res, 0) return sendResult(response, res, 0)
# -------------------------------------------------------------- -- # -------------------------------------------------------------- --
# if there is no otp in the request, we assume that we # if there is no otp in the request, we assume that we
# have to poll for the transaction state # have to poll for the transaction state
if not state_data:
raise Exception('invalid state data')
verified = False verified = False
transid = state_data.get('transactionid') transid = state_data.get('transactionid')
va = ValidationHandler() va = ValidationHandler()
ok, opt = va.check_status(transid=transid, user=user, ok, opt = va.check_status(transid=transid, user=user,
serial=None, password='passw', serial=None, password='passw',
) )
if ok and opt and opt.get('transactions', {}).get(transid): if ok and opt and opt.get('transactions', {}).get(transid):
verified = opt.get( verified = opt.get(
'transactions', {}).get( 'transactions', {}).get(
 End of changes. 2 change blocks. 
5 lines changed or deleted 2 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)