Add notes about adding a second key, and removing the last key

2025-04-11 15:51:19 +00:00 · 2020-11-19 15:05:08 +02:00 · 2020-11-19 15:05:08 +02:00 · 8448f882cf
commit 8448f882cf
parent 568a287850
4 changed files with 22 additions and 6 deletions
--- a/hc/accounts/views.py
+++ b/hc/accounts/views.py
@ -223,7 +223,7 @@ def profile(request):
        "2fa_status": "default",
        "added_credential_name": request.session.pop("added_credential_name", ""),
        "removed_credential_name": request.session.pop("removed_credential_name", ""),
-        "credentials": request.user.credentials.order_by("id"),
+        "credentials": list(request.user.credentials.order_by("id")),
        "use_2fa": settings.RP_ID,
    }

@ -658,7 +658,7 @@ def remove_credential(request, code):
        credential.delete()
        return redirect("hc-profile")

-    ctx = {"credential": credential}
+    ctx = {"credential": credential, "is_last": request.user.credentials.count() == 1}
    return render(request, "accounts/remove_credential.html", ctx)


--- a/templates/accounts/add_credential.html
+++ b/templates/accounts/add_credential.html
@ -3,7 +3,6 @@

 {% block content %}

-{{ registration_dict|json_script:"registration" }}
 <div class="row">
 <form
    id="add-credential-form"
--- a/templates/accounts/profile.html
+++ b/templates/accounts/profile.html
@ -68,7 +68,7 @@
                <form method="post">
                    {% csrf_token %}
                    <h2>Two-factor Authentication</h2>
-                    {% if credentials.exists %}
+                    {% if credentials %}

                    <table id="my-keys" class="table">
                        <tr>
@ -87,10 +87,18 @@
                        {% endfor %}
                    </table>

+                    {% if credentials|length == 1 %}
+                    <p class="alert alert-info">
+                        <strong>Tip: add a second key!</strong>
+                        It is a good practice to register at least two security keys
+                        and store them separately.
+                    </p>
+                    {% endif %}
+
                    {% else %}
                    <p>
                        Your account has no registered security keys.<br />
-                        Two-factor authentication is disabled.
+                        Two-factor authentication is not active.
                    </p>
                    {% endif %}
                    <a
--- a/templates/accounts/remove_credential.html
+++ b/templates/accounts/remove_credential.html
@ -12,8 +12,17 @@
            <p></p>
            <p>You are about to remove
            the security key <strong>{{ credential.name|default:'unnamed' }}</strong>
-            from your two-factor authentication methods. Are you sure?
+            from your two-factor authentication methods.
            </p>
+
+            {% if is_last %}
+            <p>
+                After removing this key,
+                <strong>two-factor authentication will no longer be active</strong>
+                for your {% site_name%} account.
+            </p>
+            {% endif %}
+
            <div class="text-right">
                <a
                    href="{% url 'hc-profile' %}"