This commit is contained in:
aitzol 2023-11-18 23:03:40 +01:00
parent da0114f2f8
commit 94563bfefc
2 changed files with 24 additions and 6 deletions

5
app.py
View File

@ -296,7 +296,7 @@ def post_enable_2fa():
if(not newSession().get()['secureAuth']):
try:
username=newSession().get()['username']
add_auth_attribute_step1(username, tools.generate_secret(), action='enable')
add_auth_attribute_step1(username, tools.gen_secret(), action='enable')
except Error as e:
#add_auth_attribute_step1(newSession().get()['username'], None, None)
reload(newSession().get()['username'], None, None)
@ -479,6 +479,9 @@ def login_user_ldap(conf, username, password):
newSession().set(get_user_data(user_dn, c))
#update timestamp + ip address
update_login_info(conf, user_dn)
#check if exists 2fa qr image
if(newSession().get()['secureAuth']):
tools.gen_qr(newSession().get()['authCode'])
LOG.debug("%s logged in to %s" % (username, conf['base']))
#LOGOUT

View File

@ -5,6 +5,7 @@ import re
from onetimepass import valid_totp
from secrets import choice
import segno
from os import path
class Tools():
@ -47,12 +48,26 @@ class Tools():
return(bool(re.fullmatch(regex, e)))
# 2FA
def generate_secret(self): # Function to return a random string with length 16.
def gen_qr(self, secret):
if(not path.isfile('static/tmp/'+secret+'.png')):
qrcode = segno.make(secret, micro=False)
qrcode.save('static/tmp/'+secret+'.png', scale=10)
def gen_secret(self): # Function to return a random string with length 16.
secret = ''
while len(secret) < 16:
secret += choice('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567')
qrcode = segno.make(secret, micro=False)
qrcode.save('static/tmp/'+secret+'.png', scale=10)
self.gen_qr(secret)
return secret
tools = Tools()
def 2fa_validation(self, otp):
authenticated = valid_totp(otp, secret)
if authenticated:
print('Correct otp, Authenticated!')
return True
elif not authenticated:
print('Wrong otp, please try again.')
return False
Tools = Tools()