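def otpvalidation(token):
    """Verify the one-time password submitted for a pending sign-in.

    Args:
        token: URL token issued at sign-in; resolved back to the user's
            email through ``otp.retrieve_email_for_token``.

    Returns:
        A redirect to the sign-in page when the token resolves to no email,
        the signed-in user's response (``_sign_in_user``) when the submitted
        code matches the stored secret, or the rendered OTP form otherwise.
        After a failed or expired code the token stays valid and
        ``_email_two_factor_auth`` is called so the user receives a new code.
    """
    import hmac  # function-scope: only needed for the constant-time compare

    email = otp.retrieve_email_for_token(token)
    if not email:
        flash(gettext('Please sign in.'), 'error')
        return redirect_content_type(url_for('account.signin'))
    form = OTPForm(request.body)
    user_otp = form.otp.data
    if isinstance(email, bytes):
        email = email.decode('utf-8')
    user = user_repo.get_by(email_addr=email)
    # NOTE(review): a token whose email no longer maps to a user leaves
    # `user` as None and the rendering below would fail — confirm the
    # repository guarantees a user for every issued token.
    current_app.logger.info('validating otp for user email: {}'.format(email))
    if request.method == 'POST' and form.validate():
        otp_code = otp.retrieve_user_otp_secret(email)
        if isinstance(otp_code, bytes):
            otp_code = otp_code.decode('utf-8')
        if otp_code is not None:
            # Constant-time comparison so response timing does not depend on
            # how many leading characters of the submitted code are right.
            # compare_digest rejects non-ASCII str, hence the explicit
            # encoding; a non-str submission simply does not match.
            matched = (
                isinstance(otp_code, str)
                and isinstance(user_otp, str)
                and hmac.compare_digest(otp_code.encode('utf-8'),
                                        user_otp.encode('utf-8'))
            )
            if matched:
                msg = gettext('OTP verified. You are logged in to the system')
                flash(msg, 'success')
                otp.expire_token(token)
                return _sign_in_user(user)
            msg = gettext('Invalid one time password, a newly generated '
                          'one time password was sent to your email.')
            flash(msg, 'error')
        else:
            msg = gettext('Expired one time password, a newly generated one '
                          'time password was sent to your email.')
            flash(msg, 'error')
        # The stored secret and the submitted code are deliberately kept out
        # of the log (and no longer printed to stdout): a valid secret in a
        # log line is a credential leak.
        current_app.logger.info(
            'Invalid OTP submitted for email: {}'.format(email))
        _email_two_factor_auth(user, True)
    form.otp.data = ''
    response = dict(template='/account/otpvalidation.html',
                    title='Verify OTP',
                    form=form,
                    user=user.to_public_json(),
                    next=request.args.get('next'),
                    token=token)
    return handle_content_type(response)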
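def otpvalidation(token):
    """Verify the one-time password submitted for a pending sign-in.

    Args:
        token: URL token issued at sign-in; resolved back to the user's
            email through ``otp.retrieve_email_for_token``.

    Returns:
        A redirect to the sign-in page when the token resolves to no email,
        the signed-in user's response (``_sign_in_user``) when the submitted
        code matches the stored secret, or the rendered OTP form otherwise.
        After a failed or expired code the token stays valid and
        ``_email_two_factor_auth`` is called so the user receives a new code.
    """
    import hmac  # function-scope: only needed for the constant-time compare

    email = otp.retrieve_email_for_token(token)
    if not email:
        flash(gettext('Please sign in.'), 'error')
        return redirect_content_type(url_for('account.signin'))
    form = OTPForm(request.body)
    user_otp = form.otp.data
    user = user_repo.get_by(email_addr=email)
    # NOTE(review): a token whose email no longer maps to a user leaves
    # `user` as None and the rendering below would fail — confirm the
    # repository guarantees a user for every issued token.
    current_app.logger.info('validating otp for user email: {}'.format(email))
    if request.method == 'POST' and form.validate():
        otp_code = otp.retrieve_user_otp_secret(email)
        if otp_code is not None:
            # Constant-time comparison so response timing does not depend on
            # how many leading characters of the submitted code are right.
            # compare_digest rejects non-ASCII str, hence the explicit
            # encoding; anything that is not a str on either side does not
            # match, exactly as the plain `==` it replaces.
            matched = (
                isinstance(otp_code, str)
                and isinstance(user_otp, str)
                and hmac.compare_digest(otp_code.encode('utf-8'),
                                        user_otp.encode('utf-8'))
            )
            if matched:
                msg = gettext('OTP verified. You are logged in to the system')
                flash(msg, 'success')
                otp.expire_token(token)
                return _sign_in_user(user)
            msg = gettext('Invalid one time password, a newly generated '
                          'one time password was sent to your email.')
            flash(msg, 'error')
        else:
            msg = gettext('Expired one time password, a newly generated one '
                          'time password was sent to your email.')
            flash(msg, 'error')
        # The stored secret and the submitted code are deliberately kept out
        # of the log: a valid secret in a log line is a credential leak.
        current_app.logger.info(
            'Invalid OTP submitted for email: {}'.format(email))
        _email_two_factor_auth(user, True)
    form.otp.data = ''
    response = dict(template='/account/otpvalidation.html',
                    title='Verify OTP',
                    form=form,
                    user=user.to_public_json(),
                    next=request.args.get('next'),
                    token=token)
    return handle_content_type(response)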
def test_expire_token():
    """An expired URL token must no longer resolve to its email address."""
    address = '*****@*****.**'
    issued = otp.generate_url_token(address)
    otp.expire_token(issued)
    # Lookup after expiry has to miss, otherwise the token could be replayed.
    assert otp.retrieve_email_for_token(issued) is None