Remove django-allauth-2fa

Fixes #6281
2025-06-19 21:45:39 +00:00 · 2024-01-19 18:07:07 +01:00
parent 4f8dddc597
commit 15c688074e
3 changed files with 45 additions and 8 deletions
--- a/InvenTree/users/migrations/0011_auto_20240119_1659.py
+++ b/InvenTree/users/migrations/0011_auto_20240119_1659.py
@ -0,0 +1,45 @@
+# Generated by Django 3.2.23 on 2024-01-19 16:59
+
+import base64
+
+from django.db import migrations
+
+from allauth.mfa.adapter import get_adapter
+from allauth.mfa.models import Authenticator
+from django_otp.plugins.otp_static.models import StaticDevice
+from django_otp.plugins.otp_totp.models import TOTPDevice
+
+
+def move_mfa(apps, schema_editor):
+    """Data migration to switch to django-allauth's new built-in MFA."""
+    adapter = get_adapter()
+    authenticators = []
+    for totp in TOTPDevice.objects.filter(confirmed=True).iterator():
+        recovery_codes = set()
+        for sdevice in StaticDevice.objects.filter(
+            confirmed=True, user_id=totp.user_id
+        ).iterator():
+            recovery_codes.update(sdevice.token_set.values_list('token', flat=True))
+        secret = base64.b32encode(bytes.fromhex(totp.key)).decode('ascii')
+        totp_authenticator = Authenticator(
+            user_id=totp.user_id,
+            type=Authenticator.Type.TOTP,
+            data={'secret': adapter.encrypt(secret)},
+        )
+        authenticators.append(totp_authenticator)
+        authenticators.append(
+            Authenticator(
+                user_id=totp.user_id,
+                type=Authenticator.Type.RECOVERY_CODES,
+                data={'migrated_codes': [adapter.encrypt(c) for c in recovery_codes]},
+            )
+        )
+    Authenticator.objects.bulk_create(authenticators)
+
+
+class Migration(migrations.Migration):
+    dependencies = [('users', '0010_alter_apitoken_key')]
+
+    operations = [
+        migrations.RunPython(move_mfa, reverse_code=migrations.RunPython.noop)
+    ]