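// IsValidTwoFactor reports whether token passes the user's two-factor check.
//
// When the user has no two-factor seed the check fails open: a warning is
// logged and true is returned, so an account without enrolment passes on its
// first factor alone. Callers that need mandatory two-factor must enforce
// enrolment themselves.
//
// With a seed present, the token is checked through dgoogauth with a window
// size of 3. A rejected token or a library error is logged and yields false.
func (u *User) IsValidTwoFactor(token string) bool {
	// Not enrolled: allow the login, but leave an audit trail.
	// NOTE(review): DisplayName is written to the log unescaped; confirm it
	// cannot contain line breaks, or quote it when logging.
	if len(u.TwoFactorSeed) == 0 {
		log.Println(fmt.Sprintf("WARN: User %s login without two-factor enabled", u.DisplayName()))
		return true
	}

	// NOTE(review): the config is rebuilt on every call, so any state the
	// library keeps on it between calls is discarded. Confirm that code reuse
	// and repeated guessing are limited elsewhere (e.g. attempt throttling).
	cotp := &dgoogauth.OTPConfig{
		Secret:     u.TwoFactorSeed,
		WindowSize: 3,
	}

	// Fail closed: an error and a plain mismatch are treated the same way.
	ok, err := cotp.Authenticate(token)
	if err != nil || !ok {
		log.Println(fmt.Sprintf("WARN: User %s failed two-factor challenge, invalid token", u.DisplayName()))
		return false
	}

	// The original trailing "return false" was unreachable and has been dropped.
	return true
}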
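// ValidateTotp reports whether t is a valid TOTP code for the user.
//
// It returns false when the user has no TOTP secret, when t is empty or
// whitespace only, when the library reports an error, or when the code does
// not match within TOTP_MAX_WINDOWS. Unlike an unenrolled-passes policy, a
// missing secret is always a failure here.
func (u *User) ValidateTotp(t string) bool {
	// Nothing to check against, or nothing supplied: reject.
	if len(u.TotpSecret) < 1 || len(strings.TrimSpace(t)) < 1 {
		return false
	}

	// NOTE(review): the config is rebuilt on every call, so any state the
	// library keeps on it between calls is discarded. Confirm that code reuse
	// and repeated guessing are limited elsewhere (e.g. attempt throttling).
	cotp := dgoogauth.OTPConfig{
		Secret:     u.TotpSecret,
		WindowSize: TOTP_MAX_WINDOWS,
	}

	// t is passed as received; only the emptiness check above looks at the
	// trimmed form.
	ok, err := cotp.Authenticate(t)
	if err != nil {
		// Fail closed instead of discarding the error and trusting the flag.
		return false
	}
	return ok
}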