Navigation

forms Package

request_mobile_number_reset Module

Request the mobile number reset. What actually happens here, is that user provides his username and a mobile number. After that an confirmation email is sent to users’ email address (taken from the profile). Also, an SMS message with code to reset the mobile number is immediately sent to the phone number given. No other information is specified in the SMS. Once user checks his email and follows the link given, he lands on the page on which he is supposed to fill in the verification code received by SMS. Upon successful validation, the mobile number is reset.

class collective.smsauthenticator.browser.forms.request_mobile_number_reset.RequestMobileNumberResetForm(context, request)[source]

Bases: plone.directives.form.form.SchemaForm

Form for request to reset to the SMS Authenticator mobile number form.

buttons = <z3c.form.button.Buttons object at 0x68bb810>
css_class = 'enableAutoFocus'
description = u'Use the form below to (re)set your mobile phone number.'
fields = <z3c.form.field.Fields object at 0x5580fd0>
handleSubmit = <Handler for <Button 'submit' u'Submit'>>[source]
handlers = <Handlers [<Handler for <Button 'submit' u'Submit'>>]>
ignoreContext = True
label = u'Request to (re)set the mobile number'
schema = <SchemaClass collective.smsauthenticator.browser.forms.request_mobile_number_reset.IRequestMobileNumberResetForm>
updateFields(*args, **kwargs)[source]

reset_mobile_number Module

Reset bar-code. This is the place where the new number is actually set (upon confirmation). First of all upon landing on the page (GET request) the validity of the URL is checked, since it’s signed and has an expiration limit of 10 minutes. The phone number to be added to users’ profile is taken from the GET request as well, but no worries - it’s signed too, thus, in case of data tumpering, the entire signature would become invalid. Note, that signature used for resetting the mobile number is written to the users’ profile on the moment request is sent. No unauthorised reproduction is possible, since we match it to the one in users’ profile.

If all things mentioned above are in good order, user would see a form where he can fill in the verification code received by SMS. That code had been stored in users’ profile too and is simply matched the one filled in.

If all checks pass well, the mobile number is definitely set in users’ profile.

class collective.smsauthenticator.browser.forms.reset_mobile_number.ResetMobileNumberForm(context, request)[source]

Bases: plone.directives.form.form.SchemaForm

Form for the resetting the mobile number.

What happens here is:

  • Signed user data is validated. If valid, the user is fetched.
  • Token (signature param) is matched to the one obtained from user records. If matched, the mobile number saved in the users’ profile.
action()[source]
buttons = <z3c.form.button.Buttons object at 0x6137150>
css_class = 'enableAutoFocus'
description = u'You have received (or will shortly receive) an SMS with an verification code. <br/>After successfully submitting this form, you will be automatically logged in.'
fields = <z3c.form.field.Fields object at 0x6143790>
handleSubmit = <Handler for <Button 'verify' u'Verify'>>[source]
handlers = <Handlers [<Handler for <Button 'verify' u'Verify'>>]>
ignoreContext = True
label = u'(Re)set your two-step verification mobile number'
schema = <SchemaClass collective.smsauthenticator.browser.forms.reset_mobile_number.IResetMobileNumberForm>
updateFields(*args, **kwargs)[source]

Here happens the following:

  • Signed user data is validated. If valid, the user is fetched.
  • Token (signature param) is matched to the one obtained from user records. If matched, the mobile number is reset (and saved in the users’ profile).

token Module

Token validation. Here user is supposed to fill in the token received by SMS.

class collective.smsauthenticator.browser.forms.token.TokenForm(context, request)[source]

Bases: plone.directives.form.form.SchemaForm

Form for the SMS Authenticator Token validation. Any user that has two-step verification enabled, uses this form upon logging in.

action()[source]
buttons = <z3c.form.button.Buttons object at 0x623cc50>
css_class = 'enableAutoFocus'
description = u'Confirm your login by entering the login code sent to your mobile number by SMS.'
fields = <z3c.form.field.Fields object at 0x623c590>
handleResendSMS = <Handler for <Button '526573656e6420534d53' u'Resend SMS'>>[source]
handleSubmit = <Handler for <Button 'verify' u'Verify'>>[source]
handlers = <Handlers [<Handler for <Button 'verify' u'Verify'>>, <Handler for <Button '526573656e6420534d53' u'Resend SMS'>>]>
ignoreContext = True
label = u'Two-step verification'
schema = <SchemaClass collective.smsauthenticator.browser.forms.token.ITokenForm>
updateFields(*args, **kwargs)[source]

Here the following happens. Cookie set is cleared. Thus, user is no longer logged in, but only after his SMS Authenticator token has been validated.

user_setup_mobile_number Module

User mobile number setup. Here user himself sets the two-step verification.

class collective.smsauthenticator.browser.forms.user_setup_mobile_number.SetupMobileNumberForm(context, request)[source]

Bases: plone.directives.form.form.SchemaForm

Form for the SMS Authenticator setup.

buttons = <z3c.form.button.Buttons object at 0x6ae1c10>
css_class = 'enableAutoFocus'
description = u'To setup two-step verification you need to enter your mobile phone numberto which you will be receiving SMS messages with login codes.'
fields = <z3c.form.field.Fields object at 0x6ae19d0>
handleSubmit = <Handler for <Button 'verify' u'Verify'>>[source]
handlers = <Handlers [<Handler for <Button 'verify' u'Verify'>>]>
ignoreContext = True
label = u'Setup mobile number for two-step verification'
schema = <SchemaClass collective.smsauthenticator.browser.forms.user_setup_mobile_number.ISetupMobileNumberForm>
updateFields(*args, **kwargs)[source]

Bar code image is applied here.

user_setup_two_step_verification Module

User setup. Here user himself sets the two-step verification.

class collective.smsauthenticator.browser.forms.user_setup_two_step_verification.SetupTwoStepVerificationForm(context, request)[source]

Bases: plone.directives.form.form.SchemaForm

Form for the SMS Authenticator setup.

buttons = <z3c.form.button.Buttons object at 0x6a3c110>
css_class = 'enableAutoFocus'
description = u'Complete the two-step verification setup by confirming your mobile number'
fields = <z3c.form.field.Fields object at 0x6a33b50>
handleSubmit = <Handler for <Button 'verify' u'Verify'>>[source]
handlers = <Handlers [<Handler for <Button 'verify' u'Verify'>>]>
ignoreContext = True
label = u'Setup two-step verification'
schema = <SchemaClass collective.smsauthenticator.browser.forms.user_setup_two_step_verification.ISetupTwoStepVerificationForm>
updateFields(*args, **kwargs)[source]

Check if user has a mobile number. If not, redirect him to the page to set it up.

Table Of Contents

Previous topic

browser Package

Next topic

tests Package

This Page

Navigation

© Copyright Goldmund, Wyldebeast & Wunderliebe. Created using Sphinx 1.1.3.