@login_view.route( "/totp_help" )
def totp_help():
    """
    Render the TOTP help page.

    Reads nothing from the session or the request; it logs the access and
    returns the result of ``utils.template.my_render_template`` for
    ``login/totp_help.html``.
    """
    template_name = "login/totp_help.html"

    current_app.logger.info( "Serving the TOTP help page" )

    return utils.template.my_render_template( template_name )
################################################################################
# QR Code generation
def renew_secret():
    """
    Create a fresh TOTP secret and keep it in the session.

    The new value overwrites any previous ``session[ "secret" ]`` and is
    returned to the caller. Nothing is written to the database here.
    """
    current_app.logger.info( "Generate new secret" )

    # 40 base32 characters from pyotp; the value itself is not logged.
    new_secret = pyotp.random_base32( 40 )

    # NOTE(review): the pending secret lives in the session. If the app
    # uses Flask's default cookie-backed session, the value is signed but
    # readable by anyone holding the cookie - confirm the session backend.
    session[ "secret" ] = new_secret

    return new_secret
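def get_secret():
    """
    Return the TOTP secret held in the session, creating one if needed.

    When ``session[ "secret" ]`` is missing (or ``None``), a new secret is
    generated through ``renew_secret()``, which also stores it in the
    session. This function performs no access control of its own.
    """
    # The username is only used for the log line. It is read with .get()
    # because user_totp_qrcode() explicitly allows sessions without a
    # "username" key; indexing the session here would raise KeyError there.
    current_app.logger.info( "Request secret for user '{}'".format( session.get( "username" ) ) )

    secret = session.get( "secret" )

    if secret is None:
        secret = renew_secret()

    return secret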
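@login_view.route( "/set_secret" )
def set_secret():
    """
    Persist the session's pending TOTP secret for the current user.

    Writes ``session[ "secret" ]`` into ``users.totp`` for
    ``session[ "username" ]`` with a parameterised query, then commits.

    Returns a JSON object: ``{ "error": False }`` on success and
    ``{ "error": True }`` when the update fails, including the case
    where the session holds no pending secret.
    """
    current_app.logger.info( "Storing new secret for user '{}'".format( session[ "username" ] ) )

    # NOTE(review): the route registers no ``methods``, so it replaces the
    # second factor on a plain GET. No CSRF or re-authentication check is
    # visible in this function - confirm one is enforced elsewhere.
    # NOTE(review): nothing here checks that the user can produce a valid
    # code for the new secret before it replaces the stored one - confirm
    # the enrolment flow verifies this.
    try:
        config.db.query( "UPDATE users SET totp = %s WHERE username = %s", ( session[ "secret" ], session[ "username" ], ) )
        config.db.commit()

    except Exception as e:
        # Leave a trace of the failure instead of swallowing it silently.
        # Only the exception type is logged, so neither the secret nor a
        # driver message that might echo the statement reaches the log.
        current_app.logger.error( "Storing the TOTP secret failed: {}".format( type( e ).__name__ ) )

        # NOTE(review): no rollback is issued on failure; confirm whether
        # config.db needs one before the connection is reused.
        return jsonify( {
            "error": True
        } )

    return jsonify( {
        "error": False
    } )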
@login_view.route( "/secret" )
def request_secret():
    """
    Return the session's TOTP secret as a JSON document.

    A secret is created first if the session has none yet (see
    ``get_secret()``). The response has the form
    ``{ "error": False, "secret": <secret> }``.
    """
    current_app.logger.info( "Request the secret for user '{}'".format( session[ "username" ] ) )

    # NOTE(review): the response body carries the shared secret; confirm
    # that this route is only reachable by the authenticated owner and
    # that the response is not cached.
    current_secret = get_secret()

    payload = {
        "error": False,
        "secret": current_secret
    }

    return jsonify( payload )
@login_view.route( "/new_secret" )
def request_renew_secret():
    """
    Generate a new TOTP secret and return it as JSON.

    The session's pending secret is replaced through ``renew_secret()``;
    the database is not touched here. The response has the form
    ``{ "error": False, "secret": <new secret> }``.
    """
    current_app.logger.info( "Renew TOTP secret for user '{}'".format( session[ "username" ] ) )

    # NOTE(review): this route replaces session state on a plain GET (no
    # ``methods`` is registered) - confirm that this is intended.
    fresh_secret = renew_secret()

    payload = {
        "error": False,
        "secret": fresh_secret
    }

    return jsonify( payload )
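@login_view.route( "/user/config/totp_qrcode.png" )
def user_totp_qrcode():
    """
    Build the enrolment QR code for the session's TOTP secret as a PNG.

    The QR code encodes an ``otpauth://totp/`` URI with issuer ``ICNML``.
    When the session has a ``username``, it is added to the label;
    otherwise the label is ``ICNML`` alone.

    Returns the PNG through ``send_file`` with caching disabled.
    """
    current_app.logger.info( "Generate the TOTP QRcode" )

    secret = get_secret()

    # The two URI forms are alternatives. Assigning them one after the
    # other would let the second always win, and the username would never
    # reach the label.
    if "username" in session:
        # NOTE(review): the username is inserted into the URI label
        # without URL-encoding; confirm usernames cannot contain
        # characters such as '?', '&' or '#'.
        qrcode_value = "otpauth://totp/ICNML%20{}?secret={}&issuer=ICNML".format( session[ "username" ], secret )
    else:
        qrcode_value = "otpauth://totp/ICNML?secret={}&issuer=ICNML".format( secret )

    # The URI embeds the shared secret, so it is deliberately not logged:
    # anyone able to read the log could clone the second factor.

    img = qrcode.make( qrcode_value )

    # NOTE(review): PNG data is binary; confirm the StringIO imported by
    # this module accepts bytes.
    temp = StringIO()
    img.save( temp, format = "png" )
    temp.seek( 0 )

    # The image is equivalent to the secret itself. Depending on the Flask
    # version, send_file may attach public caching headers, so browser and
    # proxy caches are told not to keep a copy.
    response = send_file( temp, mimetype = "image/png" )
    response.headers[ "Cache-Control" ] = "no-store"

    return response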
@login_view.route( "/user/config/example_totp_qrcode.png" )
def user_totp_qrcode_example():
    """
    Serve a sample QR code PNG built from fixed placeholder values.

    Both the label ("user_name") and the secret are hard-coded strings;
    nothing is read from the session, so the image exposes no real secret.
    """
    sample_uri = "otpauth://totp/ICNML%20{}?secret={}&issuer=ICNML".format( "user_name", "secretsecretsecretsecret" )

    buf = StringIO()
    qrcode.make( sample_uri ).save( buf, format = "png" )
    buf.seek( 0 )

    return send_file( buf, mimetype = "image/png" )
@login_view.route( "/user/config/totp" )
def user_totp_config():
    """
    Render the TOTP configuration page.

    The session's TOTP secret (created on demand by ``get_secret()``) is
    handed to the template renderer as the ``secret`` variable.
    """
    current_app.logger.info( "Serve the TOTP config page" )

    # NOTE(review): the secret is passed into the rendered page; confirm
    # the page is only served to the authenticated owner.
    # NOTE(review): no template name is passed in the call as shown -
    # confirm against the full file.
    current_secret = get_secret()

    return utils.template.my_render_template(
        secret = current_secret
    )