localhost_frssoft/fediauth
1
0
Fork 0
mirror of https://git.phreedom.club/localhost_frssoft/fediauth.git synced 2024-11-25 17:31:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

+/-30 seconds otp validity

Browse source
This commit is contained in:
BuckarooBanzay 2023-02-08 21:40:47 +01:00
parent 7a1827b5f7
commit 376d163d08
4 changed files with 30 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
functions.lua
View file

@ -199,4 +199,15 @@ function otp.is_player_enabled(name)
local has_priv = minetest.check_player_privs(name, "otp_enabled") local has_priv = minetest.check_player_privs(name, "otp_enabled")
return has_secret and has_priv return has_secret and has_priv
end
function otp.check_code(secret_b32, code, time)
time = time or os.time()
for _, t_offset in ipairs({0, -30, 30}) do
local expected_code = otp.generate_totp(secret_b32, time + t_offset)
if expected_code == code then
return true
end
end
return false
end end

19
functions.spec.lua
View file

@ -28,12 +28,12 @@ mtt.register("otp.hmac", function(callback)
end) end)
mtt.register("otp.generate_totp", function(callback) mtt.register("otp.generate_totp", function(callback)
local expected_code = 699847 local expected_code = "699847"
local secret_b32 = "N6JGKMEKU2E6HQMLLNMJKBRRGVQ2ZKV7" local secret_b32 = "N6JGKMEKU2E6HQMLLNMJKBRRGVQ2ZKV7"
local unix_time = 1640995200 local unix_time = 1640995200
local code, valid_seconds = otp.generate_totp(secret_b32, unix_time) local code, valid_seconds = otp.generate_totp(secret_b32, unix_time)
assert(code == ""..expected_code) assert(code == expected_code)
assert(valid_seconds > 0) assert(valid_seconds > 0)
code, valid_seconds = otp.generate_totp(secret_b32) code, valid_seconds = otp.generate_totp(secret_b32)
@ -41,6 +41,21 @@ mtt.register("otp.generate_totp", function(callback)
callback() callback()
end) end)
mtt.register("otp.check_code", function(callback)
local expected_code = "699847"
local secret_b32 = "N6JGKMEKU2E6HQMLLNMJKBRRGVQ2ZKV7"
local unix_time = 1640995200
assert(otp.check_code(secret_b32, expected_code, unix_time))
assert(otp.check_code(secret_b32, expected_code, unix_time+30))
assert(otp.check_code(secret_b32, expected_code, unix_time-30))
assert(not otp.check_code(secret_b32, expected_code, unix_time-60))
assert(not otp.check_code(secret_b32, expected_code, unix_time+60))
assert(not otp.check_code(secret_b32, expected_code))
callback()
end)
mtt.register("otp.create_qr_png", function(callback) mtt.register("otp.create_qr_png", function(callback)
local url = "otpauth://totp/abc:myaccount?algorithm=SHA1&digits=6&issuer=abc&period=30&" local url = "otpauth://totp/abc:myaccount?algorithm=SHA1&digits=6&issuer=abc&period=30&"
.. "secret=N6JGKMEKU2E6HQMLLNMJKBRRGVQ2ZKV7" .. "secret=N6JGKMEKU2E6HQMLLNMJKBRRGVQ2ZKV7"

3
join.lua
View file

@ -55,8 +55,7 @@ minetest.register_on_player_receive_fields(function(player, formname, fields)
local playername = player:get_player_name() local playername = player:get_player_name()
local secret_b32 = otp.get_player_secret_b32(playername) local secret_b32 = otp.get_player_secret_b32(playername)
local expected_code = otp.generate_totp(secret_b32) if otp.check_code(secret_b32, fields.code) then
if expected_code == fields.code then
minetest.chat_send_player(playername, "OTP Code validation succeeded") minetest.chat_send_player(playername, "OTP Code validation succeeded")
otp_sessions[playername] = nil otp_sessions[playername] = nil
otp.regrant_privs(playername) otp.regrant_privs(playername)

3
onboard.lua
View file

@ -63,8 +63,7 @@ minetest.register_on_player_receive_fields(function(player, formname, fields)
if fields.code then if fields.code then
local playername = player:get_player_name() local playername = player:get_player_name()
local secret_b32 = otp.get_player_secret_b32(playername) local secret_b32 = otp.get_player_secret_b32(playername)
local expected_code = otp.generate_totp(secret_b32) if otp.check_code(secret_b32, fields.code) then
if expected_code == fields.code then
-- set priv -- set priv
local privs = minetest.get_player_privs(playername) local privs = minetest.get_player_privs(playername)
privs.otp_enabled = true privs.otp_enabled = true