kyfx
/
Plotly-DashGo
mirror of https://github.com/luojiaaoo/Plotly-DashGo.git
3
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity

Basic认证支持OTP动态码

This commit is contained in:
luojiaaoo 2025-03-25 21:16:59 +08:00
parent dd74bbc4a6
commit 6cc1e1004d
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/common/utilities/util_authorization.py
View File

@ -32,7 +32,14 @@ def auth_validate(verify_exp=True) -> tuple[AuthType, Union[Dict, AccessFailType
def validate_basic(auth_token):
import base64
from database.sql_db.dao import dao_user
from otpauth import TOTP
import re
decoded_token = base64.b64decode(auth_token).decode('utf-8')
username, password = decoded_token.split(':', 1)
return {'user_name': username} if dao_user.user_password_verify(username, password) else AccessFailType.INVALID
user_name, password = decoded_token.split(':', 1)
if dao_user.user_password_verify(user_name, password) or (
(otp_secret := dao_user.get_otp_secret(user_name)) and re.match(r'^\d+$', password) and TOTP(otp_secret.encode()).verify(int(password))
):
return {'user_name': user_name}
else:
return AccessFailType.INVALID