Beispiel #1
def enable_two_factor():
    """
    Begin TOTP two-factor enrolment for the currently logged in user.

    Generates a new base32 TOTP secret and a set of backup codes, then
    returns them as JSON with HTTP 200. The body also carries
    signed copies of both, produced with the application's SECRET_KEY.

    Security notes:
      * The itsdangerous signatures give integrity and a timestamp, not
        confidentiality: the TOTP secret and the backup codes are readable
        in the response body, so it must only travel over TLS and should
        not be logged or cached.
      * Only the raw secret and the code list are signed here; the payloads
        carry no user identifier.
        NOTE(review): presumably a later confirmation step checks the
        signatures, enforces a max age, and ties the values to the
        requesting user. Confirm against that handler.
      * This function itself stores nothing; whether generate_backup_codes()
        persists anything cannot be seen from here.
    """
    issuer = "FlowAuth"

    # New random shared secret for the authenticator app.
    totp_secret = pyotp.random_base32()
    otp_uri = pyotp.totp.TOTP(totp_secret).provisioning_uri(
        current_user.username, issuer_name=issuer
    )

    # SECRET_KEY signs both values, so the client can echo them back and
    # the server can detect tampering without keeping pending state.
    signing_key = current_app.config["SECRET_KEY"]
    secret_token = TimestampSigner(signing_key).sign(totp_secret)

    codes = generate_backup_codes()
    codes_token = TimedSerializer(signing_key).dumps(codes)

    payload = {
        "provisioning_url": otp_uri,
        # sign() returns bytes; decode so the value is JSON-serialisable.
        "secret": secret_token.decode(),
        "issuer": issuer,
        "backup_codes": codes,
        "backup_codes_signature": codes_token,
    }
    return jsonify(payload), 200