def save_user_secret(username, totp_pass, title, size): """ Save the TOTP secret for a user. If we can generate a QRCode for them to scan off the screen, we will return that as well. :param username: The user to save the secret for. :type username: str :param totp_pass: The secret to save. :type totp_pass: str :param title: The title for the QRCode. :type title: str :param size: The size of the QRCode image. :type size: tuple. :returns: dict with keys: "success" (boolean), "secret" (str), "qr_img" (str or None) """ from crits.core.user import CRITsUser username = str(username) user = CRITsUser.objects(username=username).first() response = {} if user: (crypt_secret, totp_secret) = gen_user_secret(totp_pass, username) user.secret = crypt_secret user.totp = True user.save() response['success'] = True response['secret'] = totp_secret qr_img = generate_qrcode( "otpauth://totp/%s?secret=%s" % (title, totp_secret), size) if qr_img: response['qr_img'] = qr_img else: response['qr_img'] = None else: response['success'] = False return response
def save_user_secret(username, totp_pass, title, size): """ Save the TOTP secret for a user. If we can generate a QRCode for them to scan off the screen, we will return that as well. :param username: The user to save the secret for. :type username: str :param totp_pass: The secret to save. :type totp_pass: str :param title: The title for the QRCode. :type title: str :param size: The size of the QRCode image. :type size: tuple. :returns: dict with keys: "success" (boolean), "secret" (str), "qr_img" (str or None) """ from crits.core.user import CRITsUser username = str(username) user = CRITsUser.objects(username=username).first() response = {} if user: (crypt_secret, totp_secret) = gen_user_secret(totp_pass, username) user.secret = crypt_secret user.totp = True user.save() response['success'] = True response['secret'] = totp_secret qr_img = generate_qrcode("otpauth://totp/%s?secret=%s" % (title, totp_secret), size) if qr_img: response['qr_img'] = qr_img else: response['qr_img'] = None else: response['success'] = False return response