home to your local SPACEGIRL 💫
arimelody.space
working TOTP codes YIPPEE
+23
-2
+22
-1
controller/totp.go
+22
-1
controller/totp.go
···
3
3
import (
4
4
"arimelody-web/model"
5
5
"crypto/hmac"
6
+
"crypto/rand"
6
7
"crypto/sha1"
8
+
"encoding/base32"
7
9
"encoding/binary"
8
10
"fmt"
9
11
"math"
10
12
"net/url"
13
+
"os"
11
14
"strings"
12
15
"time"
13
16
14
17
"github.com/jmoiron/sqlx"
15
18
)
16
19
20
+
const TOTP_SECRET_LENGTH = 32
17
21
const TIME_STEP int64 = 30
18
22
const CODE_LENGTH = 6
19
23
20
24
func GenerateTOTP(secret string, timeStepOffset int) string {
25
+
decodedSecret, err := base32.StdEncoding.WithPadding(base32.NoPadding).DecodeString(secret)
26
+
if err != nil {
27
+
fmt.Fprintf(os.Stderr, "WARN: Invalid Base32 secret\n")
28
+
}
29
+
21
30
counter := time.Now().Unix() / TIME_STEP - int64(timeStepOffset)
22
31
counterBytes := make([]byte, 8)
23
32
binary.BigEndian.PutUint64(counterBytes, uint64(counter))
24
33
25
-
mac := hmac.New(sha1.New, []byte(secret))
34
+
mac := hmac.New(sha1.New, []byte(decodedSecret))
26
35
mac.Write(counterBytes)
27
36
hash := mac.Sum(nil)
28
37
···
31
40
code := binaryCode % int32(math.Pow10(CODE_LENGTH))
32
41
33
42
return fmt.Sprintf(fmt.Sprintf("%%0%dd", CODE_LENGTH), code)
43
+
}
44
+
45
+
func GenerateTOTPSecret(length int) string {
46
+
bytes := make([]byte, length)
47
+
_, err := rand.Read(bytes)
48
+
if err != nil {
49
+
panic("FATAL: Failed to generate random TOTP bytes")
50
+
}
51
+
52
+
secret := base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(bytes)
53
+
54
+
return strings.ToUpper(secret)
34
55
}
35
56
36
57
func GenerateTOTPURI(username string, secret string) string {
+1
-1
main.go
+1
-1
main.go