Skip to content
Commits on Source (2)
Hide whitespace changes
Inline Side-by-side
app/webauthn.js
View file @ 3bdf0ace
......@@ -50,6 +50,15 @@ var register_key = async function( e )
var login_key = async function()
{
var delay_reload = function( v )
{
return new Promise( function( resolve ){
setTimeout( resolve.bind( null, v ), 1000 );
} ).then( function(){
window.location.reload();
} );
}
try {
var credentialRequestOptionsFromServer = await $.ajax( {
url: baseurl + "/u2f/begin_assertion",
......@@ -60,7 +69,8 @@ var login_key = async function()
throw credentialRequestOptionsFromServer.message;
} catch( err ) {
return toastr.error( err, "Error when getting request options from server" );
toastr.error( err, "Error when getting request options from server" );
return delay_reload();
}
credentialRequestOptionsFromServer = credentialRequestOptionsFromServer.data;
......@@ -72,7 +82,8 @@ var login_key = async function()
} );
} catch ( err ) {
return toastr.error( err, "Error when creating credential" );
toastr.error( err, "Error when creating credential" );
return delay_reload();
}
var assertion = transformAssertionForServer( assertion );
......@@ -89,7 +100,8 @@ var login_key = async function()
throw response.message;
} catch ( err ) {
return toastr.error( err, "Error when validating assertion on server" );
toastr.error( err, "Error when validating assertion on server" );
return delay_reload();
}
toastr.success( "Logged in" );
......
module.py
View file @ 3bdf0ace
......@@ -292,7 +292,7 @@ def do_login():
q = config.db.query( 'SELECT username, totp FROM users WHERE username = %s', ( session[ 'username' ], ) )
user = q.fetchone()
if not pyotp.TOTP( user[ 'totp' ] ).verify( request.form[ "totp" ], valid_window = 1 ):
if not pyotp.TOTP( user[ 'totp' ] ).verify( request.form[ "totp" ], valid_window = 2 ):
session[ 'logged' ] = False
return jsonify( {
'error': False,
......