Already have account?
- Login here to associate
- SQRL identity with existing account.
+ Login here to associate
+ SQRL identity with an existing account.
diff --git a/sqrl/templates/sqrl/sqrl-dropin.html b/sqrl/templates/sqrl/sqrl-dropin.html
index 442d6f2..2d864dd 100644
--- a/sqrl/templates/sqrl/sqrl-dropin.html
+++ b/sqrl/templates/sqrl/sqrl-dropin.html
@@ -28,13 +28,8 @@
- {% if session_sqrl.method == "manage" %}
- {# redirect to manage page after successful SQRL transaction #}
-
-
- {% else %}
-
- {% endif %}
+
+
diff --git a/sqrl/templatetags/sqrl.py b/sqrl/templatetags/sqrl.py
index 7d4620e..2d596db 100644
--- a/sqrl/templatetags/sqrl.py
+++ b/sqrl/templatetags/sqrl.py
@@ -7,7 +7,6 @@ from ..sqrl import SQRLInitialization
register = template.Library()
-print(register)
@register.simple_tag(takes_context=True)
@@ -16,7 +15,7 @@ def sqrl(context):
@register.inclusion_tag('sqrl/sqrl-dropin.html')
-def sqrl_login_dropin(session_sqrl, method="login"):
+def sqrl_login_dropin(session_sqrl, redir):
"""
Creates a drop-in SQRL element in your template pages.
Add it to your login template to make it SQRL-aware.
@@ -24,19 +23,17 @@ def sqrl_login_dropin(session_sqrl, method="login"):
Usage:
{% load sqrl %}
{% sqrl as session_sqrl %}
- {% sqrl_login_dropin session_sqrl [method=METHOD] %}
+ {% sqrl_login_dropin session_sqrl REDIR %}
- METHOD is an optional argument that changes the way the form
- behaves. Possible arguments are:
- - login: The default method. No special redirections occur
- - manage: Will redirect the user to sqrl/manage
+ REDIR is the registered name of the page to move to once the login
+ is completed.
Notes:
The drop-in is defaulted to a max-width of 300px. Set the width
property of the parent if you want or need it smaller. You will
likely want to change the font-size as well in this case.
"""
- return {'session_sqrl':session_sqrl, 'method': method}
+ return {'session_sqrl':session_sqrl, 'redir': reverse(redir)}
@register.simple_tag
diff --git a/sqrl/urls.py b/sqrl/urls.py
index 86d9c4d..e032870 100644
--- a/sqrl/urls.py
+++ b/sqrl/urls.py
@@ -7,6 +7,7 @@ from .views import (
SQRLIdentityManagementView,
SQRLLoginView,
SQRLStatusView,
+ AdminSiteSQRLIdentityManagementView
)
app_name = "sqrl"
@@ -17,4 +18,5 @@ urlpatterns = [
path("manage/", SQRLIdentityManagementView.as_view(), name='manage'),
path("register/",SQRLCompleteRegistrationView.as_view(), name='complete-registration'),
re_path(r"^status/(?P[A-Za-z0-9_-]{43})/$", SQRLStatusView.as_view(), name='status'),
+ path('admin/sqrl_manage/', AdminSiteSQRLIdentityManagementView.as_view(), name='admin-sqrl_manage'),
]
diff --git a/sqrl/views.py b/sqrl/views.py
index 016f185..d73039e 100644
--- a/sqrl/views.py
+++ b/sqrl/views.py
@@ -17,6 +17,8 @@ from django.urls import reverse
from django.http import Http404, HttpResponse, JsonResponse, QueryDict
from django.shortcuts import get_object_or_404, redirect
from django.views.generic import FormView, TemplateView, View
+from django.utils.decorators import method_decorator
+from django.views.decorators.csrf import csrf_exempt
from .backends import SQRL_MODEL_BACKEND
from .exceptions import TIF, TIFException
@@ -51,7 +53,7 @@ class SQRLLoginView(TemplateView):
"""
template_name = 'sqrl/login.html'
-
+@method_decorator(csrf_exempt,"dispatch")
class SQRLStatusView(View):
"""
Ajax view which returns the status of the SQRL transaction back to the user.
@@ -96,7 +98,7 @@ class SQRLStatusView(View):
else:
url = self.success_url
- if all([not self.request.user.is_authenticated(),
+ if all([not self.request.user.is_authenticated,
SQRL_IDENTITY_SESSION_KEY in self.request.session]):
return reverse('sqrl:complete-registration') + '?next={}'.format(url)
else:
@@ -140,6 +142,7 @@ class SQRLStatusView(View):
return JsonResponse(data)
+@method_decorator(csrf_exempt,"dispatch")
class SQRLAuthView(View):
"""
This is the main view responsible for all interactions with SQRL client.