external
/
mailinabox
mirror of https://github.com/mail-in-a-box/mailinabox.git
1
0
Fork 0
Code Issues Releases Wiki Activity
mailinabox/management/totp.py

34 lines
736 B
Python
Raw Normal View History

add user interface for managing 2fa * update user schema with 2fa columns
2020-09-02 14:48:23 +00:00
import base64
import hmac
import io
import os
import struct
import time
Use pyotp for validating TOTP codes * also implements resynchronisation support via `pyotp`'s `valid_window option
2020-09-02 17:12:15 +00:00
import pyotp
add user interface for managing 2fa * update user schema with 2fa columns
2020-09-02 14:48:23 +00:00
import qrcode
def get_secret():
return base64.b32encode(os.urandom(20)).decode('utf-8')
def get_otp_uri(secret, email):
Use pyotp for validating TOTP codes * also implements resynchronisation support via `pyotp`'s `valid_window option
2020-09-02 17:12:15 +00:00
return pyotp.TOTP(secret).provisioning_uri(
name=email,
issuer_name='mailinabox'
add user interface for managing 2fa * update user schema with 2fa columns
2020-09-02 14:48:23 +00:00
)
def get_qr_code(data):
qr = qrcode.make(data)
byte_arr = io.BytesIO()
qr.save(byte_arr, format='PNG')
encoded = base64.b64encode(byte_arr.getvalue()).decode('utf-8')
return 'data:image/png;base64,{}'.format(encoded)
def validate(secret, token):
"""
@see https://tools.ietf.org/html/rfc6238#section-4
@see https://tools.ietf.org/html/rfc4226#section-5.4
"""
Use pyotp for validating TOTP codes * also implements resynchronisation support via `pyotp`'s `valid_window option
2020-09-02 17:12:15 +00:00
totp = pyotp.TOTP(secret)
return totp.verify(token, valid_window=2)