1
0
Fork 0
mirror of synced 2024-11-24 01:45:35 -05:00

fixes; reset 2fa

This commit is contained in:
Ilya Sosnovsky 2022-11-29 18:22:39 +03:00
parent 9e5553eff6
commit 5cabdcb686
4 changed files with 33 additions and 13 deletions

View file

@ -1,3 +1,3 @@
#!/usr/bin/env bash
env CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build -ldflags='-linkmode external -extldflags "-static" -s -w' -o openvpn-user
env CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build -ldflags "-linkmode external -extldflags -static -s -w" -o openvpn-user

View file

@ -10,7 +10,7 @@ import (
)
const (
version = "1.0.6"
version = "1.0.7"
)
var (
@ -56,6 +56,9 @@ var (
registerAppCommandUserFlag = registerAppCommand.Flag("user", "Username.").Short('u').Required().String()
registerAppCommandTotpFlag = registerAppCommand.Flag("totp", "TOTP.").Short('t').Required().String()
resetAppCommand = kingpin.Command("reset-app", "register 2FA application")
resetAppCommandUserFlag = resetAppCommand.Flag("user", "Username.").Short('u').Required().String()
checkAppCommand = kingpin.Command("check-app", "check 2FA application")
checkAppCommandUserFlag = checkAppCommand.Flag("user", "Username.").Short('u').Required().String()
@ -120,6 +123,8 @@ func main() {
wrap(openvpnUser.RegisterOtpSecret(*updateSecretCommandUserFlag, *updateSecretCommandSecretFlag))
case registerAppCommand.FullCommand():
wrap(openvpnUser.RegisterOtpApplication(*registerAppCommandUserFlag, *registerAppCommandTotpFlag))
case resetAppCommand.FullCommand():
wrap(openvpnUser.ResetOtpApplication(*resetAppCommandUserFlag))
case checkAppCommand.FullCommand():
appConfigured, appErr := openvpnUser.IsSecondFactorEnabled(*checkAppCommandUserFlag)
if appErr != nil {

View file

@ -186,7 +186,7 @@ func (oUser *OpenvpnUser) ChangeUserPassword(username, password string) (string,
func (oUser *OpenvpnUser) RegisterOtpSecret(username, secret string) (string, error) {
if oUser.userIsActive(username) {
if secret == "generate" {
randomStr := randStr(6, "alphanum")
randomStr := RandStr(6, "alphanum")
secret = base32.StdEncoding.EncodeToString([]byte(randomStr))
log.Debug("new generated secret for user %s: %s", username, secret)
@ -227,6 +227,24 @@ func (oUser *OpenvpnUser) RegisterOtpApplication(username, totp string) (string,
}
return "", userIsNotActiveError
}
func (oUser *OpenvpnUser) ResetOtpApplication(username string) (string, error) {
if oUser.userIsActive(username) {
appConfigured, appErr := oUser.IsSecondFactorEnabled(username)
if appErr != nil {
return "", appErr
}
if appConfigured {
_, err := oUser.Database.Exec("UPDATE users SET app_configured = 0 WHERE username = $2")
if err != nil {
return "", err
}
return "OTP application reset successful", nil
}
return "OTP application not configured", nil
}
return "", userIsNotActiveError
}
func (oUser *OpenvpnUser) GetUserOtpSecret(username string) (string, error) {
if oUser.userIsActive(username) {

View file

@ -2,20 +2,17 @@ package src
import "crypto/rand"
func randStr(strSize int, randType string) string {
func RandStr(strSize int, randType string) string {
var dictionary string
if randType == "alphanum" {
dictionary = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
}
if randType == "alpha" {
dictionary = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
}
if randType == "number" {
switch randType {
case "number":
dictionary = "0123456789"
case "alpha":
dictionary = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
default:
dictionary = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
}
var bytes = make([]byte, strSize)