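def genOTPKey():
    """Generate a new TOTP secret, back it up to disk and show its QR code page.

    The new base32 secret is stored in the module globals ``OTPKey`` and
    ``OTPConfig['OTPKey']``, written to a timestamped backup file, embedded
    in ``QRCode.html`` (rendered from ``QRCodeHTMLSample``) and that page is
    then opened in the default web browser.
    """
    global OTPConfig
    global OTPKey
    global OTPKeySystemBackupPath

    print('產生 OTP 金鑰')

    OTPKey = pyotp.random_base32()
    OTPConfig['OTPKey'] = OTPKey

    # Both files written below contain the raw TOTP secret, so they are
    # created with owner-only permissions instead of the process default.
    # The mode only takes effect when the file is newly created.
    SecretFileFlags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, 'O_BINARY', 0)

    BackupFd = os.open(OTPKeySystemBackupPath + getFileTime() + '.txt', SecretFileFlags, 0o600)
    with os.fdopen(BackupFd, 'w') as BackupKeyFile:
        BackupKeyFile.write(OTPKey)

    # The provisioning URI carries the secret; it is what the QR code encodes.
    OTPURL = pyotp.totp.TOTP(OTPKey).provisioning_uri(ID, issuer_name="PTT OTP")

    # ID, the version and the URI are substituted into the template as-is.
    # NOTE(review): if ID can contain markup, escape it for the template's
    # context - the template is not visible here, confirm.
    QRCodeHTML = QRCodeHTMLSample
    QRCodeHTML = QRCodeHTML.replace('==ID==', ID)
    QRCodeHTML = QRCodeHTML.replace('==Version==', Version.Ver)
    QRCodeHTML = QRCodeHTML.replace('==Value==', OTPURL)

    QRCodeFd = os.open('QRCode.html', SecretFileFlags, 0o600)
    with os.fdopen(QRCodeFd, 'w', encoding='utf-8') as QRCodeFile:
        QRCodeFile.write(QRCodeHTML)

    # NOTE(review): the page is written relative to the current working
    # directory but opened from this script's directory; the two paths only
    # match when the program is started from its own directory.
    ExecutePath = os.path.dirname(os.path.abspath(__file__))
    webbrowser.open(ExecutePath + '/QRCode.html')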
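def _totp(self):
    """Return a pyotp TOTP object built from this instance's secret.

    Raises:
        OTPError: if the TOTP object cannot be created from ``self._secret``
            (or pyotp cannot be imported). The original error is chained as
            the cause.
    """
    try:
        import pyotp as _pyotp
        return _pyotp.totp.TOTP(self._secret)
    except Exception as e:
        # Catch Exception rather than everything, so KeyboardInterrupt and
        # SystemExit are not rewritten into an OTPError.
        from Acquire.Crypto import OTPError
        raise OTPError("You cannot get a null OTP - create one first!") from e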
async def provisioning_uri(self):
    """
    Build the provisioning URI for the configured OTP.

    The URI can be rendered as a QR code and scanned by an authenticator app
    such as Google Authenticator. It is built from the configured secret, so
    it should be handled like the secret itself.
    """
    settings = await self.middleware.call(f'{self._config.namespace}.config')
    authenticator = pyotp.totp.TOTP(
        settings['secret'], interval=settings['interval'], digits=settings['otp_digits']
    )

    # The account label is "<hostname>@<product name>"; the issuer is fixed.
    hostname = (await self.middleware.call("system.info"))["hostname"]
    product_name = await self.middleware.call("system.product_name")
    account_label = f'{hostname}@{product_name}'

    return authenticator.provisioning_uri(account_label, 'iXsystems')
# Reuse the TOTP key already present in the form data, or create a new one
totp_key = initial.get('totp_key')

if totp_key:
    crypto = CryptoManager(secret_key=zato_settings.zato_secret_key)

    # An existing key is decrypted before it can be used ..
    totp_key = crypto.decrypt(totp_key)

    # .. and so is the label that goes with it.
    initial['totp_key_label'] = crypto.decrypt(initial['totp_key_label'])
else:
    # No key yet - generate one and give it the default label
    totp_key = pyotp.random_base32()
    initial['totp_key_label'] = 'Zato web-admin'

# TOTP object built from the plaintext key
totp = pyotp.totp.TOTP(totp_key)

# Expose the key and its provisioning URI to the template.
# Both values are the plaintext secret at this point.
initial['totp_key'] = totp.secret
initial['totp_key_provision_uri'] = totp.provisioning_uri(
    username,
    issuer_name=initial['totp_key_label'],
)
# -*- coding: utf-8 -*-
import os
import subprocess

import pyotp
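# Generate a fresh TOTP secret for this installation.
secret = pyotp.random_base32()

# Patch the secret into auth.py in place.
# NOTE(review): this overwrites the fifth line of auth.py unconditionally and
# raises IndexError if the file is shorter - confirm the layout of auth.py.
with open('auth.py','r') as f:
    lines = f.readlines()
lines[4] = 'OTP_SECRET = "%s"\n'%(secret)
with open('auth.py','w') as f:
    f.writelines(lines)

# The provisioning URI contains the secret, so treat it as a credential.
url = pyotp.totp.TOTP(secret).provisioning_uri("test@test.com", issuer_name="jxotp")

print("请使用微信小程序 运维密码 扫描二维码")
print("友情提示,如果需要设置白名单IP或者双因素认证用户,可通过修改/lib64/security/auth.py文件进行设置,默认只对root用户开启双因素认证,")
print("详情请查看github文档说明")

# Render the QR code in the terminal. The URI is passed to qrencode on stdin
# with an argument list instead of being interpolated into a shell command:
# no shell parses the string, and the secret does not appear in any process
# command line. The trailing newline matches what `echo` used to send.
try:
    qrencode = subprocess.Popen(['qrencode', '-o', '-', '-t', 'UTF8'], stdin=subprocess.PIPE)
    qrencode.communicate((url + '\n').encode('utf-8'))
except OSError:
    # qrencode is missing or not executable; keep the step best-effort, as
    # the earlier os.system() call was.
    print('qrencode: command not found')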
def totp():
    """Return the current 8-digit SHA-256 TOTP code for TOTP_SEED.

    Returns None when TOTP_SEED is empty or unset.
    """
    if TOTP_SEED:
        # TOTP_SEED holds the seed as base64 text; it is re-encoded as base32
        # before being handed to pyotp.
        raw_seed = base64.b64decode(TOTP_SEED.encode())
        generator = pyotp.totp.TOTP(
            base64.b32encode(raw_seed),
            digits=8,
            digest=hashlib.sha256,
        )
        return generator.now()
    return None
def set_hotp(self, counter):
    """Switch to counter-based (HOTP) generation and record the counter.

    When the current generator is a TOTP object it is replaced by an HOTP
    object that reuses the same secret.
    """
    currently_time_based = isinstance(self.otp, pyotp.totp.TOTP)
    if currently_time_based:
        logger.info('Switching into HOTP mode')
        shared_secret = self.otp.secret
        self.otp = pyotp.HOTP(shared_secret)
    # NOTE(review): the counter is stored whether or not the mode changed -
    # confirm against the original layout of this method.
    self.counter = counter
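def do_mfa_view():
    """Render the MFA settings page for the logged-in user.

    Redirects to the login page when the session has no username. When MFA
    is already enabled the "disable" page is shown; otherwise a new secret is
    created and the "enable" page is rendered with its provisioning URI and a
    base64-encoded PNG of the QR code.
    """
    if 'username' not in g.session:
        return redirect('/user/login')

    username = g.session['username']

    if libmfa.mfa_is_enabled(username):
        return render_template('mfa.disable.html')

    # NOTE(review): the secret is reset every time this branch runs, i.e. on
    # each visit while MFA is not enabled - confirm that is intended.
    libmfa.mfa_reset_secret(username)
    secret = libmfa.mfa_get_secret(username)

    secret_url = pyotp.totp.TOTP(secret).provisioning_uri(username, issuer_name="Vulpy")

    # Render the provisioning URI as a PNG QR code held only in memory.
    img = qrcode.make(secret_url)
    buffered = BytesIO()
    img.save(buffered, format="PNG")
    img_str = base64.b64encode(buffered.getvalue()).decode()

    # The debug print() calls that dumped the image object and the encoded
    # QR code were removed: the QR code encodes the MFA secret and must not
    # end up in stdout or server logs.
    return render_template('mfa.enable.html', secret_url=secret_url, img_str=img_str)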
def clean(self):
    """Check the submitted verification code against the submitted secret.

    Raises a ValidationError for remote users; a wrong code is reported as
    an error on the ``verification_code`` field.
    """
    if self.user.is_remote:
        raise forms.ValidationError("Cannot add a verification device to a remote user")

    # Both values come from the submitted form data, so a successful check
    # shows that the client can produce codes for the secret it sent.
    submitted_secret = self.cleaned_data["secret"]
    submitted_code = self.cleaned_data["verification_code"]

    code_matches = pyotp.totp.TOTP(submitted_secret).verify(submitted_code)
    if not code_matches:
        self.add_error("verification_code", "Wrong verification code")

    return self.cleaned_data