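def create(request):
    """
    Verify the submitted OTP and send the user their token

    Parameters
    ----------
    request : Request
        the api request; ``request.data["otp"]`` carries the submitted code

    Returns
    ----------
    Response
        ``{"Token": <key>}`` once the code is accepted and the user activated

    Raises
    ----------
    WrongCode
        if the code is missing, does not verify against the stored counter,
        or the stored OTP record is no longer valid
    """
    # Only the user is needed here; the second value is unused in this view.
    user, _count_type = retrieve_user(request)

    # The submitted code is not printed: stdout usually ends up in server
    # logs, and an authentication code should never be written there.
    submitted = request.data.get("otp")
    if submitted is None:
        # A request without a code is rejected like any other bad code
        # instead of surfacing as an unhandled KeyError.
        raise WrongCode()

    otp = OneTimePassword.objects.get(user=user)

    # NOTE(review): the HOTP secret is derived from user.name through
    # return_value(); if that helper is deterministic over public data the
    # secret is predictable -- confirm it mixes in a server-side secret.
    key = base64.b32encode(return_value(user.name).encode())
    code = HOTP(key)

    # Test the single-use flag first so a consumed record is rejected
    # without running the HOTP comparison at all.
    if not (otp.isValid and code.verify(submitted, otp.counter)):
        # NOTE(review): no failed-attempt counter or throttling is visible in
        # this view; confirm rate limiting is applied elsewhere.
        raise WrongCode()

    # NOTE(review): the flag is read above and cleared here in separate
    # steps; two concurrent requests could both pass the check. Consider a
    # row lock (select_for_update) or a conditional update.
    otp.isValid = False
    otp.save()
    user.is_active = True
    user.save()
    token, _created = Token.objects.get_or_create(user=user)
    return Response({"Token": token.key})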
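def OTP_verification(OTP_value):
    """Check an OTP against the newest entry stored for the session in ./OTP.json.

    Prints 'Correct', "OTP is wrong!!" or 'OTP expires!!!' and returns None.
    An entry is accepted only if it was created at most five minutes ago.

    Parameters
    ----------
    OTP_value
        the code submitted by the user
    """
    # Get the user's session ID.
    # NOTE(review): this is a hard-coded placeholder, so every caller is
    # checked against the same entry; it should come from the real session.
    session_id = 'abacavasdf'
    counter, base32secret, time_create = None, None, None

    # A missing or empty store means there is nothing to verify against.
    # NOTE(review): OTP.json keeps the base32 secrets in plaintext at a path
    # relative to the working directory; confirm its location and permissions.
    if not path.isfile('./OTP.json') or read_file('./OTP.json') == b'':
        print('OTP expires!!!')
        return

    data = read_json_file('./OTP.json')
    # Walk the entries newest-first and stop at the first one for this session.
    for entry in reversed(data["OTP"]):
        if session_id in entry:
            counter = entry[session_id]
            base32secret = entry['base32secret']
            time_create = entry['time_create']
            break

    # Timestamps are stored as '%Y%m%d%H%M%S%f' digit strings. Subtracting
    # them as integers is not an elapsed time (20201028025800 -> 20201028030100
    # is three minutes but differs by far more than 500), so parse them and
    # compare real durations instead.
    stamp_format = '%Y%m%d%H%M%S%f'
    issued_at = None
    if time_create is not None:
        try:
            issued_at = datetime.strptime(str(time_create), stamp_format)
        except ValueError:
            # An unreadable timestamp is treated as expired (fail closed).
            issued_at = None

    if issued_at is None or (datetime.now() - issued_at).total_seconds() > 300:
        print("OTP expires!!!")
        return

    # NOTE(review): nothing here marks the entry as used or advances the
    # counter, so the same code stays acceptable until it expires unless the
    # caller invalidates it.
    if HOTP(base32secret).verify(OTP_value, counter):
        print('Correct')
    else:
        print("OTP is wrong!!")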
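def OTP_verification(request, OTP_value):
    """Check an OTP against the newest entry stored for the request's session.

    Parameters
    ----------
    request
        the request whose ``session.session_key`` identifies the stored entry
    OTP_value
        the code submitted by the user

    Returns
    ----------
    int
        1 if the code verifies, 0 if it does not, -1 if the store is missing,
        no entry exists for the session, or the entry is older than five
        minutes
    """
    # Get the user's session ID.
    session_id = request.session.session_key
    counter, base32secret, time_create = None, None, None

    # Without a usable store there is nothing to verify against.
    # NOTE(review): OTP.json keeps the base32 secrets in plaintext at a path
    # relative to the working directory; confirm its location and permissions.
    if file_is_not_existed('./OTP.json'):
        return -1

    data = read_json_file('./OTP.json')
    # Walk the entries newest-first and stop at the first one for this session.
    for entry in reversed(data["OTP"]):
        if session_id in entry:
            counter = entry[session_id]
            base32secret = entry['base32secret']
            time_create = entry['time_create']
            break

    # Timestamps are stored as '%Y%m%d%H%M%S%f' digit strings. Subtracting
    # them as integers is not an elapsed time (20201028025800 -> 20201028030100
    # is three minutes but differs by far more than 500), so parse them and
    # compare real durations instead.
    stamp_format = '%Y%m%d%H%M%S%f'
    issued_at = None
    if time_create is not None:
        try:
            issued_at = datetime.strptime(str(time_create), stamp_format)
        except ValueError:
            # An unreadable timestamp is treated as expired (fail closed).
            issued_at = None

    if issued_at is None or (datetime.now() - issued_at).total_seconds() > 300:
        return -1

    # NOTE(review): nothing here marks the entry as used or advances the
    # counter, so the same code stays acceptable until it expires unless the
    # caller invalidates it after a return value of 1.
    return 1 if HOTP(base32secret).verify(OTP_value, counter) else 0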
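def post(request, pk):
    """Verify the OTP submitted for user ``pk`` and mark that user verified.

    Parameters
    ----------
    request : Request
        the api request; ``request.data['otp']`` carries the submitted code
    pk
        primary key of the user being verified

    Returns
    ----------
    Response
        200 with a confirmation message and the serialized user when the code
        verifies against ``user.verify_count``; 400 when the code is missing
        or does not verify
    """
    # NOTE(review): pk identifies the target user and no throttling or
    # ownership check is visible here; confirm both are enforced elsewhere.
    user = User.objects.get(pk=pk)

    # A request without a code gets the same 400 as a wrong code instead of
    # surfacing as an unhandled KeyError.
    otp_data = request.data.get('otp')
    if otp_data is None:
        return Response({'message': "OTP is wrong or has expired"}, status.HTTP_400_BAD_REQUEST)

    # NOTE(review): the HOTP secret is derived from user.phone through
    # generateKey().returnValue(); if that is deterministic over the phone
    # number alone the secret is predictable -- confirm a server-side secret
    # is mixed in.
    keygen = generateKey()
    secret = base64.b32encode(keygen.returnValue(user.phone).encode())

    if HOTP(secret).verify(otp_data, user.verify_count):
        # NOTE(review): verify_count is not advanced here, so the accepted
        # code would verify again unless another code path changes it.
        user.verified = True
        user.save()
        payload = {
            'message': f'{user.email} verified',
            'user': UserSerializer(user, context={'request': request}).data,
        }
        return Response(payload, status.HTTP_200_OK)

    return Response({'message': "OTP is wrong or has expired"}, status.HTTP_400_BAD_REQUEST)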