mirrors
/
redmine
peilaus alkaen https://github.com/redmine/redmine.git
Tarkkaile 1
Äänestä 0
Fork 0
Koodi Ongelmat 0 Julkaisut 199 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
15972 Commitit
33 Branchit
Puu: 560bca344a
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from '560bca344a'
${ noResults }
redmine/lib/redmine/twofa/totp.rb

totp.rb 2.1KB
Raaka Blame Historia

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. # frozen_string_literal: true

  2. 

  3. # Redmine - project management software

  4. # Copyright (C) 2006-2020  Jean-Philippe Lang

  5. #

  6. # This program is free software; you can redistribute it and/or

  7. # modify it under the terms of the GNU General Public License

  8. # as published by the Free Software Foundation; either version 2

  9. # of the License, or (at your option) any later version.

  10. #

  11. # This program is distributed in the hope that it will be useful,

  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  14. # GNU General Public License for more details.

  15. #

  16. # You should have received a copy of the GNU General Public License

  17. # along with this program; if not, write to the Free Software

  18. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19. 

  20. module Redmine

  21.   module Twofa

  22.     class Totp < Base

  23.       def init_pairing!

  24.         @user.update!(twofa_totp_key: ROTP::Base32.random)

  25.         # reset the cached totp as the key might have changed

  26.         @totp = nil

  27.         super

  28.       end

  29. 

  30.       def destroy_pairing_without_verify!

  31.         @user.update!(twofa_totp_key: nil, twofa_totp_last_used_at: nil)

  32.         # reset the cached totp as the key might have changed

  33.         @totp = nil

  34.         super

  35.       end

  36. 

  37.       def verify_otp!(code)

  38.         # topt codes are white-space-insensitive

  39.         code = code.to_s.remove(/[[:space:]]/)

  40.         last_verified_at = @user.twofa_totp_last_used_at

  41.         verified_at = totp.verify(code.to_s, drift_behind: allowed_drift, after: last_verified_at)

  42.         if verified_at

  43.           @user.update!(twofa_totp_last_used_at: verified_at)

  44.           return true

  45.         else

  46.           return false

  47.         end

  48.       end

  49. 

  50.       def provisioning_uri

  51.         totp.provisioning_uri(@user.mail)

  52.       end

  53. 

  54.       def init_pairing_view_variables

  55.         super.merge({

  56.           provisioning_uri: provisioning_uri,

  57.           totp_key: @user.twofa_totp_key

  58.         })

  59.       end

  60. 

  61.       private

  62. 

  63.       def totp

  64.         @totp ||= ROTP::TOTP.new(@user.twofa_totp_key, issuer: Setting.app_title)

  65.       end

  66.     end

  67.   end

  68. end