def verify_credentials(self, authc_token, authc_info):
submitted = authc_token.credentials
stored = self.get_stored_credentials(authc_token, authc_info)
service = self.cc_token_resolver[authc_token.__class__]
try:
if isinstance(authc_token, UsernamePasswordToken):
result = service.verify(submitted, stored)
if not result:
raise IncorrectCredentialsException
else:
totp = TOTP(key=stored)
totp.verify(submitted)
except (ValueError, TokenError):
raise IncorrectCredentialsException
def auth_verify(self, token):
try:
int(token)
except ValueError:
return False
else:
token = int(token)
totp_factory = TOTP.using(secrets_path='totp_sec', issuer='sec.thelonelylands.com')
source = totp_factory.from_source(json.loads(self.totp))
try:
verify = TOTP.verify(token=token, source=source, last_counter=self.totp_counter, window=10)
except (passlib_errors.UsedTokenError,
passlib_errors.InvalidTokenError,
passlib_errors.MalformedTokenError):
return False
else:
self.totp_counter = verify.counter
return True