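def test_invalidates_token_for_60_seconds_ago(self):
    """A code computed for a moment 60 seconds in the past must be rejected.

    This pins the trailing edge of the acceptance window: whatever clock
    drift ``TotpAuth.valid`` tolerates, a code that is a full minute old
    has to fail.
    """
    auth = TotpAuth(self.test_token)
    # Plain datetime arithmetic replaces strftime('%s'). '%s' is a
    # platform-specific extension that Python does not document and that is
    # missing on some platforms (for example Windows). Dropping microseconds
    # keeps the whole-second granularity of the original epoch computation.
    now = datetime.datetime.now().replace(microsecond=0)
    past = now - datetime.timedelta(seconds=60)
    token = auth.totp.at(past)
    self.assertFalse(auth.valid(token))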
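def Authenticate(self, login, token):
    """Check a one-time token for ``login``; return "true" or "false".

    A cookie built from (login, token) is checked first and, if it
    verifies, the request is accepted without a TOTP check. Otherwise the
    token is validated against a TOTP secret derived from the value
    ``ldap_get_password`` returns. A rejected token sets status 401, any
    exception sets status 500, and both paths return "false".

    NOTE(review): the TOTP seed is whatever ``ldap_get_password`` returns.
    If that is the user's directory password, the second factor is not
    independent of the first -- confirm.
    NOTE(review): a verified cookie accepts the same (login, token) pair
    again; how long it stays valid is decided in ``cookie`` -- confirm the
    lifetime is short.
    NOTE(review): no attempt limiting is visible in this method, and a
    rejected token leaves no log entry -- confirm both are handled elsewhere.
    """
    mycookie = cookie(login, token)
    if mycookie.verify():
        return "true"
    try:
        # %r escapes CR/LF and other control characters in the
        # caller-supplied login, so the value cannot start a forged log line.
        logger.info("Login request from: %r", login)
        # Fetch the secret once; the original queried the directory twice
        # and never used the first result.
        pwd = ldap_get_password(login)
        if TotpAuth(base64.b32encode(pwd)).valid(token):
            mycookie.touch()
            return "true"
        self.set_status(401)
    except Exception as e:
        self.set_status(500)
        logger.error("Exception during logon %r, error: %s", login, e)
    return "false"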
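def test_base_case(self):
    """A fresh TotpAuth has a 16-character secret and accepts its own code."""
    auth = TotpAuth()
    # assertEqual replaces the deprecated assertEquals alias, which newer
    # unittest releases no longer provide.
    # NOTE(review): if the secret is base32 text, 16 characters carry 80
    # bits, below the 128-bit minimum RFC 4226 asks for -- confirm the
    # encoding and intended length.
    self.assertEqual(16, len(auth.secret))
    token = auth.generate_token()
    # NOTE(review): if generate_token() returns an int, a code with a
    # leading zero prints with fewer than six characters and this check
    # fails intermittently -- confirm the return type.
    self.assertEqual(6, len(str(token)))
    rv = auth.valid(token)
    self.assertTrue(rv)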
def test_qrcode_generation(self):
    """The QR code built for the fixture secret matches the stored PNG asset.

    Both images are serialised to in-memory buffers and compared as raw
    bytes, so the check depends on both sides being encoded identically,
    not only on the pixels matching.
    """
    auth = TotpAuth(self.test_token)

    # Reference side: the checked-in asset, re-encoded as PNG.
    reference_buf = StringIO.StringIO()
    Image.open('tests/assets/test_example_com.png').save(reference_buf, format='PNG')
    expected = reference_buf.getvalue()

    # Generated side: saved with whatever format the returned image object
    # uses when none is given.
    generated_buf = StringIO.StringIO()
    auth.qrcode('*****@*****.**').save(generated_buf)
    actual = generated_buf.getvalue()

    self.assertEqual(expected, actual)
def create(self):
    """Enrol this user: store a newly generated TOTP secret, then reload."""
    # The secret is written exactly as TotpAuth produced it.
    # NOTE(review): nothing here protects the secret at rest, and there is
    # no check for an existing record with this uid -- confirm both are
    # handled elsewhere.
    record = {'uid': self.id, 'totp_secret': TotpAuth().secret}
    self.db.insert(record)
    # Re-read so self.account holds the document as stored.
    self.account = self.db.find_one({'uid': self.id})
def __init__(self, user_id):
    """Load the stored record for ``user_id`` and, if enrolled, its TotpAuth.

    The id is lower-cased before it is stored and used as the lookup key.
    """
    uid = user_id.lower()
    self.id = uid
    self.db = connection.tfa.users
    self.account = self.db.find_one({'uid': uid})
    record = self.account
    if not record or 'totp_secret' not in record:
        # NOTE(review): self.totp is never assigned on this path, so any
        # later access raises AttributeError for an unknown or unenrolled
        # user -- callers need to check self.account first.
        return
    self.totp = TotpAuth(record['totp_secret'])
def test_validates_token_for_right_now(self):
    """The code for the current moment is accepted."""
    auth = TotpAuth(self.test_token)
    # NOTE(review): the code is generated and checked at two separate
    # instants. If valid() accepts only the current time step, a run that
    # straddles a step boundary could fail -- confirm the tolerance.
    self.assertTrue(auth.valid(auth.totp.now()))
def make_token(self, username):
    """Return a one-time code generated from the stored secret of ``username``."""
    # The lookup uses username exactly as given, with no case normalisation.
    # A missing record makes the subscript on None raise TypeError.
    secret = self.db.find_one({'uid': username})['totp_secret']
    return TotpAuth(secret).generate_token()