Merge branch 'passkey' of git.20c.com:gh/20c/django-security-keys into passkey

Author: vegu

src/django_security_keys/backends.py

@@ -18,7 +18,6 @@
 
 
 class PasskeyAuthenticationBackend(ModelBackend):
-
     """
     Passkey authentication through webauthn
     """

src/django_security_keys/models.py

@@ -33,7 +33,6 @@
 
 
 class UserHandle(models.Model):
-
     """
     Unique identifier used to map users to their webauthn security keys
 
@@ -100,7 +99,6 @@ def require_for_user(cls, user: User | SimpleLazyObject) -> UserHandle:
 
 
 class SecurityKey(models.Model):
-
     """
     Describes a Webauthn (U2F) SecurityKey be used for passkey
     login or 2FA

src/django_security_keys/templatetags/two_factor_ext.py

@@ -1,6 +1,7 @@
 """
 Template filters / tags to help with two-factor auth
 """
+
 from django import template
 from django.utils.translation import gettext_lazy as _
 from django_otp import devices_for_user

src/django_security_keys/urls.py

@@ -19,4 +19,5 @@
     path(
         "decommission-form/", views.remove_security_key_form, name="decommission-form"
     ),
+    path("update-security-key/", views.update_security_key, name="update-security-key"),
 ]

src/django_security_keys/views.py

@@ -295,3 +295,34 @@ def remove_security_key_form(
     remove_security_key(request, **kwargs)
 
     return redirect(reverse("security-keys:manage-keys"))
+
+
+@login_required
+@transaction.atomic
+def update_security_key(request: WSGIRequest, **kwargs: Any) -> JsonResponse:
+    """
+    Update a security key's passkey login status.
+
+    This requires the following POST data:
+    - id (`int`): key id
+    - passkey_login (`bool`): whether to enable passkey login
+
+    Returns a JSON response with the updated key's details
+    """
+    id = request.POST.get("id")
+    passkey_login = convert_to_bool(request.POST.get("passkey_login", False))
+
+    try:
+        sec_key = request.user.webauthn_security_keys.get(pk=id)
+    except SecurityKey.DoesNotExist:
+        return JsonResponse({"non_field_errors": [_("Key not found")]}, status=404)
+
+    sec_key.passkey_login = passkey_login
+    sec_key.save()
+
+    return JsonResponse({
+        "status": "ok", 
+        "id": sec_key.id, 
+        "name": sec_key.name, 
+        "passkey_login": sec_key.passkey_login
+    })

tests/project/urls.py

@@ -13,6 +13,7 @@
     1. Import the include() function: from django.urls import include, path
     2. Add a URL to urlpatterns:  path('blog/', include('blog.urls'))
 """
+
 from django.contrib import admin
 from django.urls import include, path, re_path
 from two_factor.urls import urlpatterns as tf_urls