Create: MVP 2fa account app

logs_collector/templates/two_factor/_base.html

@@ -0,0 +1,42 @@
+{% load static %}
+<!DOCTYPE html>
+<html lang="en" data-bs-theme="auto">
+  <head>
+    {% include 'collector/includes/metalinks.html' %}
+    <title>Collector - {% block title %}{% endblock %}</title>
+    {% block extra_media %}{% endblock %}
+  </head>
+  <body>
+    <!-- Two factor auth-->
+    <section>
+      <header>
+        {% block 'navigation' %}{% endblock 'navigation' %}
+      </header>
+    </section>
+    <section>
+      <main>
+        <div
+          class="d-flex min-vh-100 align-items-center py-4 bg-body-tertiary"
+          cz-shortcut-listen="true" >
+          {% block content_wrapper %}
+            <div class="container">
+              <div class="row">{% block content %}{% endblock %}</div>
+            </div>
+          {% endblock %}
+        </div>
+      </main>
+    </section>
+    <!-- Theme switcher-->
+    <section>
+      <footer>
+        <div
+          class="dropdown position-fixed bottom-0 end-0 mb-3 me-3 bd-mode-toggle"
+        >
+        {% include 'collector/includes/theme_swither.html' %}
+        </div>
+      </footer>
+    </section>
+    <script src="{% static 'collector/js/bootstrap.bundle.min.js' %}"></script>
+    <script src="{% static 'collector/js/bs.theme.mode.js' %}"></script>
+  </body>
+</html>

logs_collector/templates/two_factor/_base_focus.html

@@ -0,0 +1,11 @@
+{% extends "two_factor/_base.html" %}
+
+{% block content_wrapper %}
+  <div class="container">
+    <div class="row">
+      <div class="col-md-4 offset-md-4">
+        {% block content %}{% endblock %}
+      </div>
+    </div>
+  </div>
+{% endblock %}

logs_collector/templates/two_factor/_wizard_actions.html

@@ -0,0 +1,14 @@
+{% load i18n %}
+
+{% if cancel_url %}
+  <a href="{{ cancel_url }}"
+     class="float-right btn btn-link">{% trans "Cancel" %}</a>
+{% endif %}
+{% if wizard.steps.prev %}
+  <button name="wizard_goto_step" type="submit"
+          value="{{ wizard.steps.prev }}"
+          class="btn btn-secondary">{% trans "Back" %}</button>
+{% else %}
+  <button disabled name="" type="button" class="btn">{% trans "Back" %}</button>
+{% endif %}
+<button type="submit" class="btn btn-primary">{% trans "Next" %}</button>

logs_collector/templates/two_factor/_wizard_forms.html

@@ -0,0 +1,5 @@
+{% load crispy_forms_tags %}
+<div class="mb-3">
+  {{ wizard.management_form }}
+  {{ wizard.form|crispy }}
+</div>

logs_collector/templates/two_factor/core/backup_tokens.html

@@ -0,0 +1,28 @@
+{% extends "two_factor/_base_focus.html" %}
+{% load i18n %}
+
+{% block content %}
+  <h1>{% block title %}{% trans "Backup Tokens" %}{% endblock %}</h1>
+  <p>{% blocktrans trimmed %}Backup tokens can be used when your primary and backup
+      phone numbers aren't available. The backup tokens below can be used
+      for login verification. If you've used up all your backup tokens, you
+      can generate a new set of backup tokens. Only the backup tokens shown
+      below will be valid.{% endblocktrans %}</p>
+
+  {% if device.token_set.count %}
+    <ul>
+      {% for token in device.token_set.all %}
+        <li>{{ token.token }}</li>
+      {% endfor %}
+    </ul>
+    <p>{% blocktrans %}Print these tokens and keep them somewhere safe.{% endblocktrans %}</p>
+  {% else %}
+    <p>{% trans "You don't have any backup codes yet." %}</p>
+  {% endif %}
+
+  <form method="post">{% csrf_token %}{{ form.as_p }}
+    <a href="{% url 'two_factor:profile'%}"
+       class="float-right btn btn-link">{% trans "Back to Account Security" %}</a>
+    <button class="btn btn-primary" type="submit">{% trans "Generate Tokens" %}</button>
+  </form>
+{% endblock %}

logs_collector/templates/two_factor/core/login.html

@@ -0,0 +1,57 @@
+{% extends "two_factor/_base_focus.html" %}
+{% load i18n %}
+{% load two_factor_tags %}
+
+{% block extra_media %}
+  {{ form.media }}
+{% endblock %}
+
+{% block content %}
+  <h1>{% block title %}{% trans "Login" %}{% endblock %}</h1>
+
+  {% if wizard.steps.current == 'auth' %}
+    <p>{% blocktrans %}Enter your credentials.{% endblocktrans %}</p>
+  {% elif wizard.steps.current == 'token' %}
+    <p>{{ device|as_verbose_action }}</p>
+  {% elif wizard.steps.current == 'backup' %}
+    <p>{% blocktrans trimmed %}Use this form for entering backup tokens for logging in.
+      These tokens have been generated for you to print and keep safe. Please
+      enter one of these backup tokens to login to your account.{% endblocktrans %}</p>
+  {% endif %}
+
+  <form action="" method="post">{% csrf_token %}
+    {% include "two_factor/_wizard_forms.html" %}
+
+    {# hidden submit button to enable [enter] key #}
+    <input type="submit" value="" hidden />
+
+    {% if other_devices %}
+      <p>{% trans "Or, alternatively, use one of your other authentication methods:" %}</p>
+      <p>
+        {% for other in other_devices %}
+        <button name="challenge_device" value="{{ other.persistent_id }}"
+                class="btn btn-secondary btn-block" type="submit">
+          {{ other|as_action }}
+        </button>
+      {% endfor %}</p>
+    {% endif %}
+
+    {% include "two_factor/_wizard_actions.html" %}
+  </form>
+
+  {% block 'backup_tokens' %}
+    {% if backup_tokens %}
+       <hr>
+       <div class="backup_tokens_form">
+       <form action="" method="post">
+           {% csrf_token %}
+            <p>{% trans "As a last resort, you can use a backup token:" %}</p>
+            <p>
+                <button name="wizard_goto_step" type="submit" value="backup"
+                    class="btn btn-sm btn-secondary btn-block">{% trans "Use Backup Token" %}</button>
+            </p>
+       </form>
+       </div>
+    {% endif %}
+  {% endblock %}
+{% endblock %}

logs_collector/templates/two_factor/core/otp_required.html

@@ -0,0 +1,20 @@
+{% extends "two_factor/_base_focus.html" %}
+{% load i18n %}
+
+{% block content %}
+  <h1>{% block title %}{% trans "Permission Denied" %}{% endblock %}</h1>
+
+  <p>{% blocktrans trimmed %}The page you requested, enforces users to verify using
+    two-factor authentication for security reasons. You need to enable these
+    security features in order to access this page.{% endblocktrans %}</p>
+
+  <p>{% blocktrans trimmed %}Two-factor authentication is not enabled for your
+    account. Enable two-factor authentication for enhanced account
+    security.{% endblocktrans %}</p>
+  <p>
+    <a href="javascript:history.go(-1)"
+       class="float-right btn btn-link">{% trans "Go back" %}</a>
+    <a href="{% url 'two_factor:setup' %}" class="btn btn-primary">
+    {% trans "Enable Two-Factor Authentication" %}</a>
+  </p>
+{% endblock %}

logs_collector/templates/two_factor/core/phone_register.html

@@ -0,0 +1,24 @@
+{% extends "two_factor/_base_focus.html" %}
+{% load i18n %}
+
+{% block content %}
+  <h1>{% block title %}{% trans "Add Backup Phone" %}{% endblock %}</h1>
+
+  {% if wizard.steps.current == 'setup' %}
+      <p>{% blocktrans trimmed %}You'll be adding a backup phone number to your
+        account. This number will be used if your primary method of
+        registration is not available.{% endblocktrans %}</p>
+  {% elif wizard.steps.current == 'validation' %}
+      <p>{% blocktrans trimmed %}We've sent a token to your phone number. Please
+        enter the token you've received.{% endblocktrans %}</p>
+  {% endif %}
+
+  <form action="" method="post">{% csrf_token %}
+    {% include "two_factor/_wizard_forms.html" %}
+
+    {# hidden submit button to enable [enter] key #}
+    <input type="submit" value="" hidden />
+
+    {% include "two_factor/_wizard_actions.html" %}
+  </form>
+{% endblock %}

logs_collector/templates/two_factor/core/setup.html

@@ -0,0 +1,64 @@
+{% extends "two_factor/_base_focus.html" %}
+{% load i18n %}
+
+{% block extra_media %}
+  {{ form.media }}
+{% endblock %}
+
+{% block content %}
+  <h1>{% block title %}{% trans "Enable Two-Factor Authentication" %}{% endblock %}</h1>
+  {% if wizard.steps.current == 'welcome' %}
+    <p>{% blocktrans trimmed %}You are about to take your account security to the
+        next level. Follow the steps in this wizard to enable two-factor
+        authentication.{% endblocktrans %}</p>
+  {% elif wizard.steps.current == 'method' %}
+    <p>{% blocktrans trimmed %}Please select which authentication method you would
+        like to use.{% endblocktrans %}</p>
+  {% elif wizard.steps.current == 'generator' %}
+    <p>{% blocktrans trimmed %}To start using a token generator, please use your
+        smartphone to scan the QR code below. For example, use Google
+        Authenticator.{% endblocktrans %}</p>
+    <p><img src="{{ QR_URL }}" alt="QR Code" class="bg-white"/></p>
+    <p>{% blocktrans trimmed %}Alternatively you can use the following secret to
+        setup TOTP in your authenticator or password manager manually.{% endblocktrans %}</p>
+    <p>{% translate "TOTP Secret:" %} <a href="{{ otpauth_url }}">{{ secret_key }}</a></p>
+    <p>{% blocktrans %}Then, enter the token generated by the app.{% endblocktrans %}</p>
+
+  {% elif wizard.steps.current == 'sms' %}
+    <p>{% blocktrans trimmed %}Please enter the phone number you wish to receive the
+      text messages on. This number will be validated in the next step.
+      {% endblocktrans %}</p>
+  {% elif wizard.steps.current == 'call' %}
+    <p>{% blocktrans trimmed %}Please enter the phone number you wish to be called on.
+      This number will be validated in the next step. {% endblocktrans %}</p>
+  {% elif wizard.steps.current == 'validation' %}
+    {% if challenge_succeeded %}
+      {% if device.method == 'call' %}
+        <p>{% blocktrans trimmed %}We are calling your phone right now, please enter the
+          digits you hear.{% endblocktrans %}</p>
+      {% elif device.method == 'sms' %}
+        <p>{% blocktrans trimmed %}We sent you a text message, please enter the tokens we
+          sent.{% endblocktrans %}</p>
+      {% endif %}
+    {% else %}
+      <p class="alert alert-warning" role="alert">{% blocktrans trimmed %}We've
+        encountered an issue with the selected authentication method. Please
+        go back and verify that you entered your information correctly, try
+        again, or use a different authentication method instead. If the issue
+        persists, contact the site administrator.{% endblocktrans %}</p>
+    {% endif %}
+  {% elif wizard.steps.current == 'yubikey' %}
+    <p>{% blocktrans trimmed %}To identify and verify your YubiKey, please insert a
+      token in the field below. Your YubiKey will be linked to your
+      account.{% endblocktrans %}</p>
+  {% endif %}
+
+  <form action="" method="post">{% csrf_token %}
+    {% include "two_factor/_wizard_forms.html" %}
+
+    {# hidden submit button to enable [enter] key #}
+    <input type="submit" value="" hidden />
+
+    {% include "two_factor/_wizard_actions.html" %}
+  </form>
+{% endblock %}

logs_collector/templates/two_factor/core/setup_complete.html

@@ -0,0 +1,24 @@
+{% extends "two_factor/_base_focus.html" %}
+{% load i18n %}
+
+{% block content %}
+  <h1>{% block title %}{% trans "Enable Two-Factor Authentication" %}{% endblock %}</h1>
+
+  <p>{% blocktrans trimmed %}Congratulations, you've successfully enabled two-factor
+      authentication.{% endblocktrans %}</p>
+
+  {% if not phone_methods %}
+    <p><a href="{% url 'two_factor:profile' %}"
+        class="btn btn-block btn-secondary">{% trans "Back to Account Security" %}</a></p>
+  {% else %}
+    <p>{% blocktrans trimmed %}However, it might happen that you don't have access to
+      your primary token device. To enable account recovery, add a phone
+      number.{% endblocktrans %}</p>
+
+    <a href="{% url 'two_factor:profile' %}"
+        class="float-right btn btn-link">{% trans "Back to Account Security" %}</a>
+    <p><a href="{% url 'two_factor:phone_create' %}"
+        class="btn btn-success">{% trans "Add Phone Number" %}</a></p>
+  {% endif %}
+
+{% endblock %}

logs_collector/templates/two_factor/profile/disable.html

@@ -0,0 +1,14 @@
+{% extends "two_factor/_base_focus.html" %}
+{% load i18n %}
+
+{% block content %}
+  <h1>{% block title %}{% trans "Disable Two-factor Authentication" %}{% endblock %}</h1>
+  <p>{% blocktrans trimmed %}You are about to disable two-factor authentication. This
+    weakens your account security, are you sure?{% endblocktrans %}</p>
+  <form method="post">
+    {% csrf_token %}
+    <table>{{ form.as_table }}</table>
+    <button class="btn btn-danger"
+            type="submit">{% trans "Disable" %}</button>
+  </form>
+{% endblock %}

logs_collector/templates/two_factor/profile/profile.html

@@ -0,0 +1,62 @@
+{% extends "two_factor/_base.html" %}
+{% load i18n %}
+{% load two_factor_tags %}
+
+{% block 'navigation' %}
+  {% include 'collector/includes/navigation.html' %}
+{% endblock 'navigation' %}
+
+{% block content %}
+  <h1>{% block title %}{% trans "Account Security" %}{% endblock %}</h1>
+
+  {% if default_device %}
+    <p>{% blocktrans with primary=default_device|as_action %}Primary method: {{ primary }}{% endblocktrans %}</p>
+
+    {% if available_phone_methods %}
+      <h2>{% trans "Backup Phone Numbers" %}</h2>
+      <p>{% blocktrans trimmed %}If your primary method is not available, we are able to
+        send backup tokens to the phone numbers listed below.{% endblocktrans %}</p>
+      <ul>
+        {% for phone in backup_phones %}
+          <li>
+            {{ phone|as_action }}
+            <form method="post" action="{% url 'two_factor:phone_delete' phone.id %}"
+                  onsubmit="return confirm({% trans 'Are you sure?' %})">
+              {% csrf_token %}
+              <button class="btn btn-sm btn-warning"
+                      type="submit">{% trans "Unregister" %}</button>
+            </form>
+          </li>
+        {% endfor %}
+      </ul>
+      <p><a href="{% url 'two_factor:phone_create' %}"
+        class="btn btn-info">{% trans "Add Phone Number" %}</a></p>
+    {% endif %}
+
+    <h2>{% trans "Backup Tokens" %}</h2>
+    <p>
+      {% blocktrans trimmed %}If you don't have any device with you, you can access
+        your account using backup tokens.{% endblocktrans %}
+      {% blocktrans trimmed count counter=backup_tokens %}
+        You have only one backup token remaining.
+      {% plural %}
+        You have {{ counter }} backup tokens remaining.
+      {% endblocktrans %}
+    </p>
+    <p><a href="{% url 'two_factor:backup_tokens' %}"
+          class="btn btn-info">{% trans "Show Codes" %}</a></p>
+
+    <h3>{% trans "Disable Two-Factor Authentication" %}</h3>
+    <p>{% blocktrans trimmed %}However we strongly discourage you to do so, you can
+      also disable two-factor authentication for your account.{% endblocktrans %}</p>
+    <p><a class="btn btn-secondary" href="{% url 'two_factor:disable' %}">
+      {% trans "Disable Two-Factor Authentication" %}</a></p>
+  {% else %}
+    <p>{% blocktrans trimmed %}Two-factor authentication is not enabled for your
+      account. Enable two-factor authentication for enhanced account
+      security.{% endblocktrans %}</p>
+    <p><a href="{% url 'two_factor:setup' %}" class="btn btn-primary">
+      {% trans "Enable Two-Factor Authentication" %}</a>
+    </p>
+  {% endif %}
+{% endblock %}

logs_collector/templates/two_factor/twilio/press_a_key.xml

@@ -0,0 +1,7 @@
+{% load i18n %}<?xml version="1.0" encoding="UTF-8" ?>
+<Response>
+  <Gather timeout="15" numDigits="1" finishOnKey="">
+    <Say language="{{ locale }}">{% blocktrans %}Hi, this is {{ site_name }} calling. Press any key to continue.{% endblocktrans %}</Say>
+  </Gather>
+  <Say language="{{ locale }}">{% trans "You didn’t press any keys. Good bye." %}</Say>
+</Response>

logs_collector/templates/two_factor/twilio/sms_message.html

@@ -0,0 +1,5 @@
+{% load i18n %}
+{% blocktrans trimmed %}
+    Your OTP token is {{ token }}
+{% endblocktrans %}
+

logs_collector/templates/two_factor/twilio/token.xml

@@ -0,0 +1,12 @@
+{% load i18n %}<?xml version="1.0" encoding="UTF-8" ?>
+<Response>
+  <Say language="{{ locale }}">{% trans "Your token is:" %}</Say>
+  <Pause>
+{% for digit in token %}  <Say language="{{ locale }}">{{ digit }}</Say>
+  <Pause>
+{% endfor %}  <Say language="{{ locale }}">{% trans "Repeat:" %}</Say>
+  <Pause>
+{% for digit in token %}  <Say language="{{ locale }}">{{ digit }}</Say>
+  <Pause>
+{% endfor %}  <Say language="{{ locale }}">{% trans "Good bye." %}</Say>
+</Response>