def get(self, request, *args, **kwargs): # pylint: disable=unused-argument # Get the data from the session if not config.ENABLE_TWO_FACTOR_AUTH: raise Http404() try: key = self.request.session[QR_SESSION_KEY] del self.request.session[QR_SESSION_KEY] except KeyError: raise Http404() # Get data for qrcode image_factory_string = getattr(settings, 'TWO_FACTOR_QR_FACTORY', self.default_qr_factory) image_factory = import_string(image_factory_string) content_type = self.image_content_types[image_factory.kind] otpauth_url = get_otpauth_url(accountname=self.request.user.username, issuer=config.SITE_NAME, secret=key, digits=totp_digits()) # Make and return QR code img = qrcode.make(otpauth_url, image_factory=image_factory) resp = HttpResponse(content_type=content_type) img.save(resp) return resp
def get(self, request, *args, **kwargs): # pylint: disable=unused-argument # Get the data from the session if not config.ENABLE_TWO_FACTOR_AUTH: raise Http404() try: key = self.request.session[QR_SESSION_KEY] del self.request.session[QR_SESSION_KEY] except KeyError: raise Http404() # Get data for qrcode image_factory_string = getattr(settings, 'TWO_FACTOR_QR_FACTORY', self.default_qr_factory) image_factory = import_string(image_factory_string) content_type = self.image_content_types[image_factory.kind] otpauth_url = get_otpauth_url( accountname=self.request.user.username, issuer=get_current_site(self.request).name, secret=key, digits=totp_digits()) # Make and return QR code img = qrcode.make(otpauth_url, image_factory=image_factory) resp = HttpResponse(content_type=content_type) img.save(resp) return resp
def generate_challenge(self): # local import to avoid circular import from seahub.two_factor.oath import totp from seahub.two_factor.utils import totp_digits """ Sends the current TOTP token to `self.number` using `self.method`. """ no_digits = totp_digits() token = str(totp(self.bin_key, digits=no_digits)).zfill(no_digits) if self.method == 'call': make_call(device=self, token=token) else: send_sms(device=self, token=token)
def verify_token(self, token): # local import to avoid circular import from seahub.two_factor.oath import totp from seahub.two_factor.utils import totp_digits try: token = int(token) except ValueError: return False for drift in range(-5, 1): if totp(self.bin_key, drift=drift, digits=totp_digits()) == token: return True return False