3446026555
The license.txt file has been replaced with LICENSE for quite a while now. INAL but it didn't seem accurate to say "hey, checkout license.txt although there's no such file". Apart from this, there were inconsistencies in the headers altogether...this change brings consistency.
36 lines
1.3 KiB
Python
36 lines
1.3 KiB
Python
# Copyright (c) 2015, Frappe Technologies Pvt. Ltd. and Contributors
|
|
# License: MIT. See LICENSE
|
|
|
|
import frappe
|
|
from frappe import _
|
|
from urllib.parse import parse_qsl
|
|
from frappe.twofactor import get_qr_svg_code
|
|
|
|
def get_context(context):
|
|
context.no_cache = 1
|
|
context.qr_code_user,context.qrcode_svg = get_user_svg_from_cache()
|
|
|
|
def get_query_key():
|
|
'''Return query string arg.'''
|
|
query_string = frappe.local.request.query_string
|
|
query = dict(parse_qsl(query_string))
|
|
query = {key.decode(): val.decode() for key, val in query.items()}
|
|
if not 'k' in list(query):
|
|
frappe.throw(_('Not Permitted'),frappe.PermissionError)
|
|
query = (query['k']).strip()
|
|
if False in [i.isalpha() or i.isdigit() for i in query]:
|
|
frappe.throw(_('Not Permitted'),frappe.PermissionError)
|
|
return query
|
|
|
|
def get_user_svg_from_cache():
|
|
'''Get User and SVG code from cache.'''
|
|
key = get_query_key()
|
|
totp_uri = frappe.cache().get_value("{}_uri".format(key))
|
|
user = frappe.cache().get_value("{}_user".format(key))
|
|
if not totp_uri or not user:
|
|
frappe.throw(_('Page has expired!'),frappe.PermissionError)
|
|
if not frappe.db.exists('User',user):
|
|
frappe.throw(_('Not Permitted'), frappe.PermissionError)
|
|
user = frappe.get_doc('User',user)
|
|
svg = get_qr_svg_code(totp_uri)
|
|
return (user,svg.decode())
|