2fa-0.7
parent
da0114f2f8
commit
94563bfefc
5
app.py
5
app.py
@ -296,7 +296,7 @@ def post_enable_2fa():
|
||||
if(not newSession().get()['secureAuth']):
|
||||
try:
|
||||
username=newSession().get()['username']
|
||||
add_auth_attribute_step1(username, tools.generate_secret(), action='enable')
|
||||
add_auth_attribute_step1(username, tools.gen_secret(), action='enable')
|
||||
except Error as e:
|
||||
#add_auth_attribute_step1(newSession().get()['username'], None, None)
|
||||
reload(newSession().get()['username'], None, None)
|
||||
@ -479,6 +479,9 @@ def login_user_ldap(conf, username, password):
|
||||
newSession().set(get_user_data(user_dn, c))
|
||||
#update timestamp + ip address
|
||||
update_login_info(conf, user_dn)
|
||||
#check if exists 2fa qr image
|
||||
if(newSession().get()['secureAuth']):
|
||||
tools.gen_qr(newSession().get()['authCode'])
|
||||
LOG.debug("%s logged in to %s" % (username, conf['base']))
|
||||
|
||||
#LOGOUT
|
||||
|
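Review bot: The added `tools.gen_qr(newSession().get()['authCode'])` in `login_user_ldap` recreates the enrolment QR on every login of a 2FA-enabled user, so the TOTP seed is written back to disk long after enrolment has finished. The image is only needed once, while the user scans it in the enable flow; I would drop this block from the login path and delete the image as soon as enrolment is confirmed. From the visible lines it cannot be told whether the OTP has already been verified at this point; if it has not, a correct password alone would be enough to obtain the seed, which is worth confirming. It also looks like the seed is kept in the session as `authCode`, so the session store's confidentiality matters here. The function starts and ends outside the hunk.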
@ -5,6 +5,7 @@ import re
|
||||
from onetimepass import valid_totp
|
||||
from secrets import choice
|
||||
import segno
|
||||
from os import path
|
||||
|
||||
class Tools():
|
||||
|
||||
@ -47,12 +48,26 @@ class Tools():
|
||||
return(bool(re.fullmatch(regex, e)))
|
||||
|
||||
# 2FA
|
||||
def generate_secret(self): # Function to return a random string with length 16.
|
||||
def gen_qr(self, secret):
|
||||
if(not path.isfile('static/tmp/'+secret+'.png')):
|
||||
qrcode = segno.make(secret, micro=False)
|
||||
qrcode.save('static/tmp/'+secret+'.png', scale=10)
|
||||
|
||||
def gen_secret(self): # Function to return a random string with length 16.
|
||||
secret = ''
|
||||
while len(secret) < 16:
|
||||
secret += choice('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567')
|
||||
qrcode = segno.make(secret, micro=False)
|
||||
qrcode.save('static/tmp/'+secret+'.png', scale=10)
|
||||
self.gen_qr(secret)
|
||||
return secret
|
||||
|
||||
tools = Tools()
|
||||
def 2fa_validation(self, otp):
|
||||
authenticated = valid_totp(otp, secret)
|
||||
if authenticated:
|
||||
print('Correct otp, Authenticated!')
|
||||
return True
|
||||
elif not authenticated:
|
||||
print('Wrong otp, please try again.')
|
||||
return False
|
||||
|
||||
|
||||
Tools = Tools()
|
||||
|
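Review bot: `gen_qr` uses the TOTP seed itself as the file name, `'static/tmp/'+secret+'.png'`, and leaves the image in what looks like a web-served directory with no cleanup visible in this hunk. That puts the seed into URLs, access logs and directory listings, and because the value now comes from the session rather than only from `gen_secret`, an unexpected character in it would also end up in the path. I would check the value first, `if not re.fullmatch(r'[A-Z2-7]{16}', secret): raise ValueError('invalid secret')`, and return the image without touching disk, e.g. `return segno.make(secret, micro=False).png_data_uri(scale=10)`. Separately, assuming `2fa_validation` is on the new side (the +/- markers are lost on this page), `def 2fa_validation(self, otp):` is not a valid identifier and its body reads an undefined `secret`; `def validate_2fa(self, otp, secret):` would let the module import.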