ari/arimelody.me
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

terrible no good massive refactor commit (oh yeah and built generic sessions for admin panel)

Browse source
This commit is contained in:
ari melody 2025-01-23 00:37:19 +00:00
parent cee99a6932
commit 45f33b8b46
Signed by: ari
GPG key ID: CF99829C92678188
34 changed files with 740 additions and 654 deletions
Download patch file Download diff file Expand all files Collapse all files

20
controller/totp.go
View file

@ -17,7 +17,7 @@ import (
"github.com/jmoiron/sqlx"
)
const TOTP_SECRET_LENGTH = 32
const TOTP_SECRET_LENGTH = 64
const TIME_STEP int64 = 30
const CODE_LENGTH = 6
@ -89,6 +89,24 @@ func GetTOTPsForAccount(db *sqlx.DB, accountID string) ([]model.TOTP, error) {
return totps, nil
}
func CheckTOTPForAccount(db *sqlx.DB, accountID string, totp string) (*model.TOTP, error) {
totps, err := GetTOTPsForAccount(db, accountID)
if err != nil {
// user has no TOTP methods
return nil, err
}
for _, method := range totps {
check := GenerateTOTP(method.Secret, 0)
if check == totp {
// return the whole TOTP method as it may be useful for logging
return &method, nil
}
}
// user failed all TOTP checks
// note: this state will still occur even if the account has no TOTP methods.
return nil, nil
}
func GetTOTP(db *sqlx.DB, accountID string, name string) (*model.TOTP, error) {
totp := model.TOTP{}