Merge branch 'gh_1698' into 'passkey'

vegu · vegu · commit 8d6d08eb11e8 · 2025-03-11T12:26:39.000Z
Integrate 2FA methods into a single web UI #1698 Open

See merge request gh/20c/django-security-keys!4
diff --git a/src/django_security_keys/urls.py b/src/django_security_keys/urls.py
@@ -19,4 +19,5 @@
     path(
         "decommission-form/", views.remove_security_key_form, name="decommission-form"
     ),
+    path("update-security-key/", views.update_security_key, name="update-security-key"),
 ]
diff --git a/src/django_security_keys/views.py b/src/django_security_keys/views.py
@@ -295,3 +295,34 @@ def remove_security_key_form(
     remove_security_key(request, **kwargs)
 
     return redirect(reverse("security-keys:manage-keys"))
+
+
+@login_required
+@transaction.atomic
+def update_security_key(request: WSGIRequest, **kwargs: Any) -> JsonResponse:
+    """
+    Update a security key's passkey login status.
+
+    This requires the following POST data:
+    - id (`int`): key id
+    - passkey_login (`bool`): whether to enable passkey login
+
+    Returns a JSON response with the updated key's details
+    """
+    id = request.POST.get("id")
+    passkey_login = convert_to_bool(request.POST.get("passkey_login", False))
+
+    try:
+        sec_key = request.user.webauthn_security_keys.get(pk=id)
+    except SecurityKey.DoesNotExist:
+        return JsonResponse({"non_field_errors": [_("Key not found")]}, status=404)
+
+    sec_key.passkey_login = passkey_login
+    sec_key.save()
+
+    return JsonResponse({
+        "status": "ok", 
+        "id": sec_key.id, 
+        "name": sec_key.name, 
+        "passkey_login": sec_key.passkey_login
+    })

Original file line number	Diff line number	Diff line change
`@@ -19,4 +19,5 @@`
`19`	`19`	`path(`
`20`	`20`	`"decommission-form/", views.remove_security_key_form, name="decommission-form"`
`21`	`21`	`),`
	`22`	`+ path("update-security-key/", views.update_security_key, name="update-security-key"),`
`22`	`23`	`]`