Beispiel #1
0
// Check two-factor
func (u *User) IsValidTwoFactor(token string) bool {
	// Do we have two factor enabled?
	if len(u.TwoFactorSeed) == 0 {
		// No, OK pass
		log.Println(fmt.Sprintf("WARN: User %s login without two-factor enabled", u.DisplayName()))
		return true
	}

	// Configure token
	var cotp *dgoogauth.OTPConfig = &dgoogauth.OTPConfig{
		Secret:     u.TwoFactorSeed,
		WindowSize: 3,
	}

	// Validate token
	authRes, authErr := cotp.Authenticate(token)
	if authErr != nil || authRes == false {
		log.Println(fmt.Sprintf("WARN: User %s failed two-factor challenge, invalid token", u.DisplayName()))
		return false
	} else {
		// OK
		return true
	}

	// By default error
	return false
}
Beispiel #2
0
// Validate totp token
func (u *User) ValidateTotp(t string) bool {
	// No token set / provided?
	if len(u.TotpSecret) < 1 || len(strings.TrimSpace(t)) < 1 {
		return false
	}

	// Validate
	cotp := dgoogauth.OTPConfig{
		Secret:     u.TotpSecret,
		WindowSize: TOTP_MAX_WINDOWS,
	}
	res, _ := cotp.Authenticate(t)
	return res
}