WebAuthn: Avoid submitting the wrong form #769

Merged (1 commit) on Jul 9, 2025

Conversation

@jkcgs (Contributor) commented Jul 9, 2025

Description

If the template is modified/overridden, there could be other forms before the two-factor one. This selects the form based on the tokenField input. This uses the Element.closest method that "traverses the element and its parents", which should be available to 95.2% of users according to Can I Use?.

Motivation and Context

I'm working on an internal project to integrate two-factor login into the Django admin (as others have tried: #169), and so far so good, but if the passkey setup is done inside the admin panel, the logout form (link) is triggered instead of the two-factor form, since the JavaScript selects the form based on the document.forms[0] line. This instead searches the closest form to the two-factor token input.

No, this small merge request does not integrate the project into the django-admin. But I could eventually work on a PR to do this, if everything goes as expected.

How Has This Been Tested?

I'm running this modification and testing it live in my django-admin environment. I haven't tested further since it's not a profound change.

Screenshots (if appropriate):

In the screenshot, you can see the WebAuthn setup integrated into the admin. Once the token is activated, it was triggering the logout action and I didn't understand why, until I saw how the form was being selected.

(congratulations screen)

With this small fix, I can successfully store the key on my account.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

If the template is modified/overridden, there could be other forms before the two-factor one. This selects the form based on the tokenField input.

@claudep claudep left a comment

Thanks, it looks totally reasonable.

@claudep claudep merged commit 625e98f into jazzband:master Jul 9, 2025
4 checks passed
@jkcgs jkcgs deleted the patch-1 branch July 9, 2025 23:57
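
The form-selection problem discussed in this pull request, as an added example that is not part of the pull request or the project's code: a positional `forms[0]` lookup beside a lookup anchored on the token input. The `El` class is a minimal stand-in for the DOM so it runs in Node, and the page layout, form ids and the `token` field name are assumptions constructed for the illustration.

```javascript
// Tiny stand-in for the DOM so the example runs in Node without a browser.
// El, formsOf and buildAdminPage are constructed for this illustration.
class El {
  constructor(tag, attrs = {}, children = []) {
    this.tagName = tag.toUpperCase();
    this.attrs = attrs;
    this.parent = null;
    this.children = children;
    for (const child of children) child.parent = this;
  }
  // Same contract as Element.closest(), limited to tag-name selectors:
  // test the element itself, then each ancestor in turn.
  closest(tag) {
    for (let el = this; el; el = el.parent) {
      if (el.tagName === tag.toUpperCase()) return el;
    }
    return null;
  }
  *walk() { // this element and its descendants, in document order
    yield this;
    for (const child of this.children) yield* child.walk();
  }
}
// Equivalent of document.forms: every <form> in document order.
const formsOf = (root) => [...root.walk()].filter((n) => n.tagName === 'FORM');

// Constructed page: an admin-style header with a logout form, then the token form.
function buildAdminPage() {
  const tokenField = new El('input', { name: 'token' }); // hypothetical field name
  const logout = new El('form', { id: 'logout-form' }, [new El('button')]);
  const twoFactor = new El('form', { id: 'two-factor-form' }, [tokenField]);
  const body = new El('body', {}, [new El('header', {}, [logout]), new El('main', {}, [twoFactor])]);
  return { body, tokenField };
}

// Before: positional lookup, correct only while the token form comes first.
const pickFormByIndex = (body) => formsOf(body)[0];

// After: the form that encloses the token input. Fail closed instead of
// falling back to another form when the input is not inside one.
function pickFormByTokenField(tokenField) {
  const form = tokenField.closest('form');
  if (!form) throw new Error('token input is not inside a form');
  return form;
}

const page = buildAdminPage();
console.log('forms[0]        ->', pickFormByIndex(page.body).attrs.id);
console.log('closest("form") ->', pickFormByTokenField(page.tokenField).attrs.id);
```

In a real template, `closest` returns `null` when the input has no enclosing form, so the submit handler should check for that rather than submit some other form on the page.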