def enable_2fa(): if 'cancel' in request.form: current_user.totp_secret = None current_user.totp_enabled = False db.session.commit() flash('2FA enable canceled', 'warning') return redirect(url_for('profile_page.index')) if not current_user.totp_secret: current_user.totp_secret = pyotp.random_base32() db.session.commit() qr_uri = current_user.get_totp_uri() form = TwoFAEnableForm(request.form, qr_uri=qr_uri) if form.validate_on_submit(): if current_user.verify_totp(form.token.data): current_user.totp_enabled = True db.session.commit() flash('2FA authentication enabled', 'success') return redirect(url_for('profile_page.index')) else: flash('Invalid 2FA token', 'error') form.token.errors = ['Invalid 2FA token'] return render_template('profile/enable_2fa.html', qr_uri=qr_uri, form=form), 200, { 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' }
def qrcode(): # render qrcode for FreeTOTP url = pyqrcode.create(current_user.get_totp_uri()) stream = StringIO.StringIO() url.svg(stream, scale=5) return stream.getvalue().encode('utf-8'), 200, { 'Content-Type': 'image/svg+xml', 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' }
def two_factor_qr(): url = pyqrcode.create(current_user.get_totp_uri()) stream = BytesIO() url.svg(stream, scale=6) return stream.getvalue(), 200, { "Content-Type": "image/svg+xml", "Cache-Control": "no-cache, no-store, must-revalidate", "Pragma": "no-cache", "Expires": 0, "Secret": current_user.otp_secret }
def qrcode(): if not current_user: return redirect(url_for('index')) # render qrcode for FreeTOTP url = pyqrcode.create(current_user.get_totp_uri()) stream = BytesIO() url.svg(stream, scale=3) return stream.getvalue(), 200, { 'Content-Type': 'image/svg+xml', 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0'}
def qrcode(): if not current_user: return redirect(url_for('index')) # render qrcode for FreeTOTP img = qrc.make(current_user.get_totp_uri(), image_factory=qrc_svg.SvgImage) stream = BytesIO() img.save(stream) return stream.getvalue(), 200, { 'Content-Type': 'image/svg+xml', 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0'}
def qrcode(): if not current_user: return redirect(url_for('index')) # render qrcode for FreeTOTP url = pyqrcode.create(current_user.get_totp_uri()) stream = BytesIO() url.svg(stream, scale=3) return stream.getvalue(), 200, { 'Content-Type': 'image/svg+xml', 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' }
def qrcode(): if current_user.otp_type() is None: abort(404) if 'username' in session: del session['username'] url = pyqrcode.create(current_user.get_totp_uri()) stream = BytesIO() url.svg(stream, scale=5) return stream.getvalue(), 200, { 'Content-Type': 'image/svg+xml', 'Cache-Control': 'no-cache, no-store, must-revalidate', 'Pragma': 'no-cache', 'Expires': '0' }
def qrcode(): if not current_user: return redirect(url_for("index")) # render qrcode for FreeTOTP img = qrc.make(current_user.get_totp_uri(), image_factory=qrc_svg.SvgImage) stream = BytesIO() img.save(stream) return ( stream.getvalue(), 200, { "Content-Type": "image/svg+xml", "Cache-Control": "no-cache, no-store, must-revalidate", "Pragma": "no-cache", "Expires": "0", }, )