Enable django-otp-agents, for preserving OTP trust over time

2017-10-25 01:46:18 +11:00 · 2017-10-25 01:46:18 +11:00 · 7f17d50486
commit 7f17d50486
parent 187412d966
6 changed files with 33 additions and 4 deletions
--- a/lemoncurry/settings/base.py
+++ b/lemoncurry/settings/base.py
@ -66,6 +66,7 @@ INSTALLED_APPS = [

    'compressor',
    'django_activeurl',
+    'django_agent_trust',
    'django_otp',
    'django_otp.plugins.otp_totp',
    'favicon',
@ -85,6 +86,7 @@ MIDDLEWARE = [
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django_otp.middleware.OTPMiddleware',
+    'django_agent_trust.middleware.AgentMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
@ -193,6 +195,10 @@ MEDIA_ROOT = os.path.join(STATIC_ROOT, 'media')
 # Settings specific to lemoncurry
 LEMONCURRY_SITE_NAME = '00dani.me'

+# django-agent-trust
+# https://pythonhosted.org/django-agent-trust/
+AGENT_COOKIE_SECURE = True
+
 # django-otp
 # https://django-otp-official.readthedocs.io/en/latest/overview.html
 OTP_TOTP_ISSUER = LEMONCURRY_SITE_NAME
--- a/lemoncurry/urls.py
+++ b/lemoncurry/urls.py
@ -15,12 +15,12 @@ Including another URLconf
 """
 from django.conf.urls import include, url
 from django.contrib import admin
-from django_otp.admin import OTPAdminSite
+from otp_agents.admin import TrustedAgentAdminSite

 import django.contrib.sitemaps.views as sitemap
 from home.sitemaps import HomeSitemap

-otp_admin_site = OTPAdminSite()
+otp_admin_site = TrustedAgentAdminSite()
 for model_cls, model_admin in admin.site._registry.items():
    otp_admin_site.register(model_cls, model_admin.__class__)