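def test_base_case(self):
    """Check that a fresh TotpAuth yields a 16-char secret and a token it accepts."""
    auth = TotpAuth()
    # assertEquals is a deprecated alias that was removed in Python 3.12;
    # assertEqual behaves the same on every supported version.
    self.assertEqual(16, len(auth.secret))

    token = auth.generate_token()
    # NOTE(review): if generate_token() returns an int, a code with a leading
    # zero stringifies to fewer than 6 characters and this check would fail
    # intermittently - confirm the token is zero-padded.
    self.assertEqual(6, len(str(token)))

    # Only the accept path is covered here; rejection of a wrong or stale
    # code is not exercised by this test.
    rv = auth.valid(token)
    self.assertTrue(rv)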
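def test_base_case(self):
    """Check that a fresh TotpAuth yields a 16-char secret and a token it accepts."""
    auth = TotpAuth()
    # assertEquals is a deprecated alias that was removed in Python 3.12;
    # assertEqual behaves the same on every supported version.
    self.assertEqual(16, len(auth.secret))

    token = auth.generate_token()
    # NOTE(review): if generate_token() returns an int, a code with a leading
    # zero stringifies to fewer than 6 characters and this check would fail
    # intermittently - confirm the token is zero-padded.
    self.assertEqual(6, len(str(token)))

    # Only the accept path is covered here; rejection of a wrong or stale
    # code is not exercised by this test.
    rv = auth.valid(token)
    self.assertTrue(rv)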
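class User:
    """Account stored in the ``tfa.users`` collection, usable as a Flask-Login user.

    ``self.account`` is the stored document (or None when no document has
    this uid). ``self.totp`` exists only when the document carries a
    ``totp_secret``.
    """

    def __init__(self, user_id):
        """Load the account whose ``uid`` equals the lower-cased *user_id*."""
        self.id = user_id.lower()
        self.db = connection.tfa.users
        self.account = self.db.find_one({'uid': self.id})
        if self.account and 'totp_secret' in self.account:
            self.totp = TotpAuth(self.account['totp_secret'])

    def create(self):
        """Insert a new account with a freshly generated TOTP secret and reload it."""
        auth = TotpAuth()
        # NOTE(review): the secret is written to the collection as-is, so read
        # access to this collection is enough to compute valid codes; consider
        # encrypting it at rest and restricting who can read the collection.
        self.db.insert({'uid': self.id, 'totp_secret': auth.secret})
        self.account = self.db.find_one({'uid': self.id})
        # Keep the invariant from __init__: an account with a secret has
        # self.totp, so send_sms() works right after create().
        self.totp = auth

    def save(self):
        """Persist the in-memory account document."""
        self.db.save(self.account)

    def password_valid(self, pwd):
        """Return True when *pwd* hashes to the stored ``password_hash``.

        Fails closed: an unknown user or an account without a password hash
        yields False instead of raising.
        """
        if not self.account:
            return False
        pwd_hash = self.account.get('password_hash')
        if not pwd_hash:
            return False
        # NOTE(review): `==` is not a constant-time comparison. If the bcrypt
        # package this project pins provides checkpw(), prefer it - confirm
        # which bcrypt library is installed.
        return bcrypt.hashpw(pwd, pwd_hash) == pwd_hash

    def send_sms(self, ok_to_send=False):
        """Text the current TOTP code to the account's phone number.

        A code is sent when the account has ``totp_enabled_via_sms`` or the
        caller passes ``ok_to_send=True``. Returns True when the message was
        accepted with a status other than 'failed', False otherwise.
        """
        account = self.account or {}
        if 'totp_enabled_via_sms' in account:
            ok_to_send = True
        if not ok_to_send:
            return False

        # Accounts without a TOTP secret have no self.totp; report failure
        # instead of raising AttributeError.
        totp = getattr(self, 'totp', None)
        if totp is None:
            return False

        token = totp.generate_token()
        msg = "Use this code to log in: %s" % token
        try:
            phone_number = account['phone_number']
            rv = twilio.sms.messages.create(to=phone_number,
                                            from_=konf.twilio_from_number,
                                            body=msg)
        except Exception:
            # Best effort: a missing phone number or a provider error means
            # "not sent". Exception (not a bare except) lets KeyboardInterrupt
            # and SystemExit propagate.
            return False
        if rv:
            return rv.status != 'failed'
        return False

    # The methods below are required by flask-login
    # NOTE(review): Flask-Login 0.3+ reads is_authenticated / is_active /
    # is_anonymous as properties; as plain methods they would all evaluate
    # truthy there, including is_anonymous - confirm the pinned version.

    def is_authenticated(self):
        """Return True unconditionally.

        No verification happens here, so the password and TOTP checks must
        succeed before this object is handed to the login session.
        """
        return True

    def is_active(self):
        """Return True; every account is treated as active."""
        return True

    def is_anonymous(self):
        """Return False; a User always represents a named account."""
        return False

    def get_id(self):
        """Return the lower-cased uid used as the session identifier."""
        return self.id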
def make_token(self, username):
    """Return a freshly generated TOTP code for the secret stored under *username*."""
    # The uid is looked up exactly as given (no lower-casing here).
    # NOTE(review): presumably self.db is the users collection; if no
    # document matches, the subscript below fails - verify against callers.
    record = self.db.find_one({'uid': username})
    return TotpAuth(record['totp_secret']).generate_token()
def make_token(self, username):
    """Return a freshly generated TOTP code for the secret stored under *username*."""
    # The uid is looked up exactly as given (no lower-casing here).
    # NOTE(review): presumably self.db is the users collection; if no
    # document matches, the subscript below fails - verify against callers.
    record = self.db.find_one({'uid': username})
    return TotpAuth(record['totp_secret']).generate_token()