def test_totp():
auth = OtpAuth('python')
code = auth.totp()
assert auth.valid_totp(code)
# false
assert auth.valid_totp(1234567) is False
assert auth.valid_totp(123456) is False
def controle_otp():
auth = OtpAuth(db_auth)
print(auth)
controle = auth.valid_totp(int(input('Voer code in')))
if controle == True:
print('Code geaccepteerd')
else:
print('Helaas de code is onjuist')
def otpauth_totp(f_key): print "\n1.b test totp" auth = OtpAuth(f_key) # default step=30 code = auth.totp() assert auth.valid_totp(code) print "secret <%s> code <%s>" % (auth.secret, code) #print dir(auth) print "completed successfully"
def test_totp():
print "\n1.b test totp"
auth = OtpAuth('python')
code = auth.totp()
assert auth.valid_totp(code)
print "secret <%s> code <%s>" % (auth.secret, code)
#print dir(auth)
print "completed successfully"
def controle_otp(response, pincode):
auth = OtpAuth(response)
controle = auth.valid_totp(int(pincode))
if controle == True:
print('Code geaccepteerd')
return True
else:
print('Helaas de code is onjuist')
return False
def test_totp(): print "\n1.b test totp" secret= 'dev_annie_04' auth = OtpAuth(secret) code = auth.totp() assert auth.valid_totp(code) print "secret <%s> code <%s>" % (auth.secret, code) #print dir(auth) print "completed successfully"
def set_password(orm, email, code):
user = get_user(orm, email)
if not user or (user.inv_setpw and user.inv_setpw>time.time()):
logger.debug("interval error")
return False
user.inv_setpw = time.time()+30
secret = user.resetpw if user.resetpw else user.secret
auth = OtpAuth(secret)
logger.debug(auth.valid_totp(code))
if user.expires and user.expires>time.time() and auth.valid_totp(code):
user.inv_setpw = None
if user.resetpw:
user.secret = user.resetpw
user.resetpw = None
user.expires = None
orm.commit()
return True
orm.commit()
return False
def post(self, client_id, user_id):
args = self.parser.parse_args()
if args.secret_key != db.hget("apps:" + client_id, "secret_key"):
abort(401)
auth = OtpAuth(args.secret_key)
return dict(
valid=auth.valid_totp(args.code),
)
def qrCoderValid(inputStr):
auth = OtpAuth(inputStr)
hotp_code = auth.hotp(6)
valid = auth.valid_hotp(hotp_code)
# hotp_code = auth.hotp(6)
# valid = auth.valid_hotp(hotp_code)
totp_code = auth.totp(period=30, )
print(totp_code)
if auth.valid_totp(totp_code):
return totp_code
return totp_code
def check_password(orm, user, code):
if not user or (user.inv_login and user.inv_login>time.time()):
logger.debug("interval error")
return False
user.inv_login = time.time()+30
auth = OtpAuth(user.secret)
result = False
if auth.valid_totp(code):
user.inv_login = None
result = True
orm.commit()
return result
def put(self, user_id):
"""
This is the endpoint that creates the user 2fa
---
tags:
- users 2fa
parameters:
- in: body
name: body
schema:
id: 2fa_in
properties:
twoFACode:
type: string
description: code for 2fa
twoFASecret:
type: integer
description: secret key for user
responses:
201:
description: user 2fa secret
schema:
id: success
properties:
success:
type: boolean
value: true
400:
description: invalid 2fa secret or code
schema:
id: error
404:
description: invalid user
schema:
id: error
"""
if user_id is None:
return jsonify(error="invalid user id"), 404
user = User.query.filter_by(id=user_id).first()
if user is None:
return jsonify(error="invalid user"), 404
user2fa_secret = request.json.get('twoFASecret', None)
if not user2fa_secret:
return jsonify(error="invalid 2fa secret"), 400
user2fa_code = request.json.get('twoFACode', None)
if user2fa_code is None:
return jsonify(error="invalid 2fa code"), 400
auth = OtpAuth(user2fa_secret)
if auth.valid_totp(user2fa_code):
user.secure_id = user2fa_secret
db.session.commit()
return jsonify(success=True), 201
return jsonify(error="wrong code"), 400
def put(self, user_id):
"""
This is the endpoint that creates the user 2fa
---
tags:
- users 2fa
parameters:
- in: body
name: body
schema:
id: 2fa_in
properties:
twoFACode:
type: string
description: code for 2fa
twoFASecret:
type: integer
description: secret key for user
responses:
201:
description: user 2fa secret
schema:
id: success
properties:
success:
type: boolean
value: true
400:
description: invalid 2fa secret or code
schema:
id: error
404:
description: invalid user
schema:
id: error
"""
if user_id is None:
return jsonify(error="invalid user id"), 404
user = User.query.filter_by(id=user_id).first()
if user is None:
return jsonify(error="invalid user"), 404
user2fa_secret = request.json.get('twoFASecret', None)
if not user2fa_secret:
return jsonify(error="invalid 2fa secret"), 400
user2fa_code = request.json.get('twoFACode', None)
if user2fa_code is None:
return jsonify(error="invalid 2fa code"), 400
auth = OtpAuth(user2fa_secret)
if auth.valid_totp(user2fa_code):
user.secure_id = user2fa_secret
db.session.commit()
return jsonify(success=True), 201
return jsonify(error="wrong code"), 400
def valid_TOTP(ref_OTP):
token = True
check = True
auth = OtpAuth(ref_OTP)
print("Ref chack main is : " + ref_OTP)
while (check):
ANS_OTP = input("ENTER YOUR OTP : ")
ANS_OTP = int(ANS_OTP)
if ((auth.valid_totp(ANS_OTP) == True) and (token == True)):
print("OTP pass")
break
elif ((auth.valid_totp(ANS_OTP) == True) and (token == False)):
print("No")
break
elif ((auth.valid_totp(ANS_OTP) == False) and (token == True)):
token = False
print("No ")
elif ((auth.valid_totp(ANS_OTP) == False) and (token == False)):
print("Exit valid OTP ... ")
break
return 0
def POST_TSA(username, **k):
message = None # Error message
form = config.web.input() # get form data
result = config.model.get_users(username) # search for username data
user_hash = str(result.user_hash)
auth = OtpAuth(user_hash)
if auth.valid_totp(form.authenticator):
app.session.loggedin = True
raise config.web.seeother('/')
else:
message = "Two Step Authenticator not valid" # Error message
result = config.model.get_users(
username) # search for username data
result.username = config.make_secure_val(str(
result.username)) # apply HMAC for username
return config.render.tsa(result, message) # render tsa.html
def login():
if request.method == 'POST':
print 'Username: '******'Username']
print 'Password: '******'Password']
print 'Google Auth Code: ', request.form['GoogleAuth']
# Connect to database and query for user&password
db = sqlite3.connect('google_authenticator.db')
cursor = db.cursor()
cursor.execute('SELECT GOOGLEAUTH FROM USERS WHERE USER=\'' + request.form['Username'] + '\' AND PASSWORD=\'' + request.form['Password'] + '\';')
secret = cursor.fetchone()
db.close()
# Query returns None if user&password don't exist
if secret is None:
return "Unsuccesful login attempt."
# Verify google authentication code with secret from database
else:
# Generate the otpauth protocal string.
secret = secret[0]
print 'Secret: ', secret
auth = OtpAuth(secret)
secret_uri = auth.to_uri('totp', GALabel, GAIssuer) # algorithm type, label, issuer
# Generate TOTP code given code uri
code = auth.totp() # Generate time based code
print 'Code Uri: ', secret_uri
print 'Valid Google Auth Code: ', code
# Compare code provided by user with valid code
if auth.valid_totp(int(request.form['GoogleAuth'])):
return "Successfully logged in!"
else:
print "Invalid Google Authenticator."
return "Unsuccessful login attempt."
return "Unsuccessful login attempt."
return "Nothing to see here."
c = connect.cursor()
def create_table():
c.execute(
'CREATE TABLE IF NOT EXISTS Fietsenstalling (ID INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, Name TEXT, Adress TEXT, FietsNr INTEGER, PIN INTEGER, otpKEY TEXT)'
)
#auth = OtpAuth('JBSWY3DPEHPK3PXP') # a secret string
#auth.hotp() # generate a count based code, default count is 4
#auth.valid_hotp(330810)
#auth.hotp(2) # generate a count based code, count is 2
#auth.valid_hotp(720111)
#print(auth.totp()) # generate a time based code
#print(auth.valid_totp(157930))
auth = OtpAuth('JBSWY3DPEHPK3PXP') # Moet 16 lang zijn
s = auth.to_uri('totp', 'Jelle Huisman', 'NS Fietsenstalling')
import qrcode
img = qrcode.make(s)
#img.show()
controle = auth.valid_totp(int(input('Voer code in')))
print(controle)
if controle == True:
print('Code geaccepteerd')
else:
print('Helaas de code is onjuist')
def check_otp(self, otp): otpa = OtpAuth(self.secret) return otpa.valid_totp(otp)
def otpauth_totp(f_key): print "\ntotp per raw secret" auth = OtpAuth(f_key) # default step=30 code = auth.totp() assert auth.valid_totp(code) print "secret <%s> code <%s>" % (auth.secret, code)
import sys
import math
from otpauth import OtpAuth
count=5
val="kaow"
auth = OtpAuth(val)
res= auth.hotp(count)
print(auth)
print (("Hashed OTP is: "+str(res)))
print ("Authenication is: ",str(auth.valid_hotp(res)))
res=auth.totp()
print ("Time based OTP: ",str(res))
print ("Valid TOTP: ",str(auth.valid_totp(res)))
print ("Begin of Python Script\n")
print ("The passed arguments are ", sys.argv)
print ("Show all argument")
for i in range(len(sys.argv)):
print ("sys.argv["+str(i)+"] => "+str(sys.argv[i]))
