from base64 import b32encode\r
from datetime import datetime, timedelta\r
\r
-import pyotp\r
from fastapi import Depends, HTTPException, Request\r
from fastapi.security import OAuth2PasswordBearer\r
from jose import JWTError, jwt\r
+from pyotp import TOTP\r
+from pyotp.utils import build_uri\r
from qrcode import QRCode\r
\r
from global_config import AuthType, GlobalConfig\r
self.is_totp_enabled = True\r
self.totp_key = get_env("FLATNOTES_TOTP_KEY", mandatory=True)\r
self.totp_key = b32encode(self.totp_key.encode("utf-8"))\r
- self.totp = pyotp.TOTP(self.totp_key)\r
+ self.totp = TOTP(self.totp_key)\r
self.last_used_totp = None\r
self._display_totp_enrolment()\r
\r
return encoded_jwt\r
\r
def _display_totp_enrolment(self):\r
- uri = self.totp.provisioning_uri(\r
- issuer_name="flatnotes", name=self.username\r
- )\r
+ # Fix for #237. Remove padding as per spec:\r
+ # https://github.com/google/google-authenticator/wiki/Key-Uri-Format#secret\r
+ unpadded_secret = self.totp_key.rstrip(b"=")\r
+ uri = build_uri(unpadded_secret, self.username, issuer="flatnotes")\r
qr = QRCode()\r
qr.add_data(uri)\r
print(\r
git.99rst.org / flatnotes.git / commitdiff