Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix form.next for newer authentication mechanisms - including two-fac… #854

Merged
merged 1 commit into from
Oct 14, 2023

Conversation

jwag956
Copy link
Collaborator

@jwag956 jwag956 commented Oct 14, 2023

…tor.

Propagating 'next' when part of the request query string was working - but FS also supported 'next' as a hidden field in some endpoints such as /login and /register. form.next wasn't being propagated with 2FA. Also - newer authentication endpoints - /us-signin /wan-signin didn't have the 'next' hidden field.

Also - there were NO tests for form.next.

Fixed all that, added tests, combined all 'next' calculations in a single utility.

closes #853

…tor.

Propagating 'next' when part of the request query string was working - but FS also supported 'next' as a hidden field in some endpoints
such as /login and /register. form.next wasn't being propagated with 2FA. Also - newer authentication endpoints - /us-signin /wan-signin didn't have the
'next' hidden field.

Also - there were NO tests for form.next.

Fixed all that, added tests, combined all 'next' calculations in a single utility.

closes #853
@codecov
Copy link

codecov bot commented Oct 14, 2023

Codecov Report

Attention: 1 lines in your changes are missing coverage. Please review.

Files Coverage Δ
flask_security/oauth_glue.py 98.86% <ø> (ø)
flask_security/tf_plugin.py 99.16% <100.00%> (ø)
flask_security/unified_signin.py 98.75% <100.00%> (ø)
flask_security/views.py 98.76% <ø> (ø)
flask_security/webauthn.py 98.58% <100.00%> (+<0.01%) ⬆️
flask_security/utils.py 97.58% <96.66%> (+0.19%) ⬆️

📢 Thoughts on this report? Let us know!.

@jwag956 jwag956 merged commit 509aac7 into master Oct 14, 2023
14 of 15 checks passed
@jwag956 jwag956 deleted the pnext branch October 14, 2023 16:12
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 28, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Development

Successfully merging this pull request may close these issues.

form.next not propagated through two-factor
1 participant