diff options
Diffstat (limited to 'pkg/app/handler/authentication/totp/totp.go')
-rw-r--r-- | pkg/app/handler/authentication/totp/totp.go | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/pkg/app/handler/authentication/totp/totp.go b/pkg/app/handler/authentication/totp/totp.go new file mode 100644 index 0000000..00e6b83 --- /dev/null +++ b/pkg/app/handler/authentication/totp/totp.go @@ -0,0 +1,60 @@ +package totp + +import ( + "glsamaker/pkg/app/handler/authentication/auth_session" + "glsamaker/pkg/app/handler/authentication/utils" + "glsamaker/pkg/models/users" + "bytes" + "encoding/base64" + "github.com/pquerna/otp/totp" + "image/png" + "net/http" + "time" +) + +func Login(w http.ResponseWriter, r *http.Request) { + + user := utils.GetAuthenticatedUser(r) + token, err := getParam(r) + + if user == nil || err != nil || !IsValidTOTPToken(user, token) { + http.Redirect(w, r, "/login/2fa", 301) + } else { + auth_session.Create(w, r, user, true, false) + http.Redirect(w, r, "/", 301) + } + +} + +func IsValidTOTPToken(user *users.User, token string) bool { + return totp.Validate(token, user.TOTPSecret) +} + +func GetToken(user *users.User) string { + token, _ := totp.GenerateCode(user.TOTPSecret, time.Now()) + return token +} + +func Generate(email string) (string, string) { + + key, _ := totp.Generate(totp.GenerateOpts{ + Issuer: "glsamakertest.gentoo.org", + AccountName: email, + }) + + var buf bytes.Buffer + img, _ := key.Image(250, 250) + + png.Encode(&buf, img) + + return key.Secret(), base64.StdEncoding.EncodeToString(buf.Bytes()) +} + +func getParam(r *http.Request) (string, error) { + err := r.ParseForm() + if err != nil { + return "", err + } + token := r.Form.Get("token") + return token, err +} |