wangwei
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
5961 Commits
197 Branches
346 MB
788 Download
Tree: fabf3f2fc2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'fabf3f2fc2'
${ noResults }
aiforge/models/twofactor.go

twofactor.go 3.0 kB
Raw Normal View History

Two factor authentication support (#630) * Initial commit for 2FA support Signed-off-by: Andrew <write@imaginarycode.com> * Add vendored files * Add missing depends * A few clean ups * Added improvements, proper encryption * Better encryption key * Simplify "key" generation * Make 2FA enrollment page more robust * Fix typo * Rename twofa/2FA to TwoFactor * UNIQUE INDEX -> UNIQUE
8 years ago
Refactor struct's time to remove unnecessary memory usage (#3142) * refactor struct's time to remove unnecessary memory usage * use AsTimePtr simple code * fix tests * fix time compare * fix template on gpg * use AddDuration instead of Add
8 years ago
Two factor authentication support (#630) * Initial commit for 2FA support Signed-off-by: Andrew <write@imaginarycode.com> * Add vendored files * Add missing depends * A few clean ups * Added improvements, proper encryption * Better encryption key * Simplify "key" generation * Make 2FA enrollment page more robust * Fix typo * Rename twofa/2FA to TwoFactor * UNIQUE INDEX -> UNIQUE
8 years ago
Refactor struct's time to remove unnecessary memory usage (#3142) * refactor struct's time to remove unnecessary memory usage * use AsTimePtr simple code * fix tests * fix time compare * fix template on gpg * use AddDuration instead of Add
8 years ago
Two factor authentication support (#630) * Initial commit for 2FA support Signed-off-by: Andrew <write@imaginarycode.com> * Add vendored files * Add missing depends * A few clean ups * Added improvements, proper encryption * Better encryption key * Simplify "key" generation * Make 2FA enrollment page more robust * Fix typo * Rename twofa/2FA to TwoFactor * UNIQUE INDEX -> UNIQUE
8 years ago
Various wiki bug fixes (#2996) * Update macaron * Various wiki bug fixes
8 years ago
Two factor authentication support (#630) * Initial commit for 2FA support Signed-off-by: Andrew <write@imaginarycode.com> * Add vendored files * Add missing depends * A few clean ups * Added improvements, proper encryption * Better encryption key * Simplify "key" generation * Make 2FA enrollment page more robust * Fix typo * Rename twofa/2FA to TwoFactor * UNIQUE INDEX -> UNIQUE
8 years ago
Various wiki bug fixes (#2996) * Update macaron * Various wiki bug fixes
8 years ago
Two factor authentication support (#630) * Initial commit for 2FA support Signed-off-by: Andrew <write@imaginarycode.com> * Add vendored files * Add missing depends * A few clean ups * Added improvements, proper encryption * Better encryption key * Simplify "key" generation * Make 2FA enrollment page more robust * Fix typo * Rename twofa/2FA to TwoFactor * UNIQUE INDEX -> UNIQUE
8 years ago
Replace deprecated Id method with ID (#2655)
8 years ago
Two factor authentication support (#630) * Initial commit for 2FA support Signed-off-by: Andrew <write@imaginarycode.com> * Add vendored files * Add missing depends * A few clean ups * Added improvements, proper encryption * Better encryption key * Simplify "key" generation * Make 2FA enrollment page more robust * Fix typo * Rename twofa/2FA to TwoFactor * UNIQUE INDEX -> UNIQUE
8 years ago
Replace deprecated Id method with ID (#2655)
8 years ago
Two factor authentication support (#630) * Initial commit for 2FA support Signed-off-by: Andrew <write@imaginarycode.com> * Add vendored files * Add missing depends * A few clean ups * Added improvements, proper encryption * Better encryption key * Simplify "key" generation * Make 2FA enrollment page more robust * Fix typo * Rename twofa/2FA to TwoFactor * UNIQUE INDEX -> UNIQUE
8 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models

  6. 

  7. import (

  8. 	"crypto/md5"

  9. 	"crypto/subtle"

  10. 	"encoding/base64"

  11. 

  12. 	"github.com/Unknwon/com"

  13. 	"github.com/pquerna/otp/totp"

  14. 

  15. 	"code.gitea.io/gitea/modules/base"

  16. 	"code.gitea.io/gitea/modules/setting"

  17. 	"code.gitea.io/gitea/modules/util"

  18. )

  19. 

  20. // TwoFactor represents a two-factor authentication token.

  21. type TwoFactor struct {

  22. 	ID           int64 `xorm:"pk autoincr"`

  23. 	UID          int64 `xorm:"UNIQUE"`

  24. 	Secret       string

  25. 	ScratchToken string

  26. 	CreatedUnix  util.TimeStamp `xorm:"INDEX created"`

  27. 	UpdatedUnix  util.TimeStamp `xorm:"INDEX updated"`

  28. }

  29. 

  30. // GenerateScratchToken recreates the scratch token the user is using.

  31. func (t *TwoFactor) GenerateScratchToken() error {

  32. 	token, err := base.GetRandomString(8)

  33. 	if err != nil {

  34. 		return err

  35. 	}

  36. 	t.ScratchToken = token

  37. 	return nil

  38. }

  39. 

  40. // VerifyScratchToken verifies if the specified scratch token is valid.

  41. func (t *TwoFactor) VerifyScratchToken(token string) bool {

  42. 	if len(token) == 0 {

  43. 		return false

  44. 	}

  45. 	return subtle.ConstantTimeCompare([]byte(token), []byte(t.ScratchToken)) == 1

  46. }

  47. 

  48. func (t *TwoFactor) getEncryptionKey() []byte {

  49. 	k := md5.Sum([]byte(setting.SecretKey))

  50. 	return k[:]

  51. }

  52. 

  53. // SetSecret sets the 2FA secret.

  54. func (t *TwoFactor) SetSecret(secret string) error {

  55. 	secretBytes, err := com.AESGCMEncrypt(t.getEncryptionKey(), []byte(secret))

  56. 	if err != nil {

  57. 		return err

  58. 	}

  59. 	t.Secret = base64.StdEncoding.EncodeToString(secretBytes)

  60. 	return nil

  61. }

  62. 

  63. // ValidateTOTP validates the provided passcode.

  64. func (t *TwoFactor) ValidateTOTP(passcode string) (bool, error) {

  65. 	decodedStoredSecret, err := base64.StdEncoding.DecodeString(t.Secret)

  66. 	if err != nil {

  67. 		return false, err

  68. 	}

  69. 	secret, err := com.AESGCMDecrypt(t.getEncryptionKey(), decodedStoredSecret)

  70. 	if err != nil {

  71. 		return false, err

  72. 	}

  73. 	secretStr := string(secret)

  74. 	return totp.Validate(passcode, secretStr), nil

  75. }

  76. 

  77. // NewTwoFactor creates a new two-factor authentication token.

  78. func NewTwoFactor(t *TwoFactor) error {

  79. 	err := t.GenerateScratchToken()

  80. 	if err != nil {

  81. 		return err

  82. 	}

  83. 	_, err = x.Insert(t)

  84. 	return err

  85. }

  86. 

  87. // UpdateTwoFactor updates a two-factor authentication token.

  88. func UpdateTwoFactor(t *TwoFactor) error {

  89. 	_, err := x.ID(t.ID).AllCols().Update(t)

  90. 	return err

  91. }

  92. 

  93. // GetTwoFactorByUID returns the two-factor authentication token associated with

  94. // the user, if any.

  95. func GetTwoFactorByUID(uid int64) (*TwoFactor, error) {

  96. 	twofa := &TwoFactor{UID: uid}

  97. 	has, err := x.Get(twofa)

  98. 	if err != nil {

  99. 		return nil, err

  100. 	} else if !has {

  101. 		return nil, ErrTwoFactorNotEnrolled{uid}

  102. 	}

  103. 	return twofa, nil

  104. }

  105. 

  106. // DeleteTwoFactorByID deletes two-factor authentication token by given ID.

  107. func DeleteTwoFactorByID(id, userID int64) error {

  108. 	cnt, err := x.ID(id).Delete(&TwoFactor{

  109. 		UID: userID,

  110. 	})

  111. 	if err != nil {

  112. 		return err

  113. 	} else if cnt != 1 {

  114. 		return ErrTwoFactorNotEnrolled{userID}

  115. 	}

  116. 	return nil

  117. }

No Description