def signin_2fa_auth_get_(request):
sess = define.get_weasyl_session()
# Only render page if the password has been authenticated (we have a UserID stored in the session)
if '2fa_pwd_auth_userid' not in sess.additional_data:
return Response(define.errorpage(request.userid, errorcode.permission))
tfa_userid = sess.additional_data['2fa_pwd_auth_userid']
# Maximum secondary authentication time: 5 minutes
session_life = arrow.now().timestamp - sess.additional_data['2fa_pwd_auth_timestamp']
if session_life > 300:
_cleanup_2fa_session()
return Response(define.errorpage(
request.userid,
errorcode.error_messages['TwoFactorAuthenticationAuthenticationTimeout'],
[["Sign In", "/signin"], ["Return to the Home Page", "/"]]))
else:
ref = request.params["referer"] if "referer" in request.params else "/"
return Response(define.webpage(
request.userid,
"etc/signin_2fa_auth.html",
[define.get_display_name(tfa_userid), ref, two_factor_auth.get_number_of_recovery_codes(tfa_userid),
None], title="Sign In - 2FA"))
评论列表
文章目录
