fixes for totp auth

Ilya Sosnovsky 2022-11-14 19:26:34 +03:00
parent e00a826faa
commit 8ca2faa468
2 changed files with 26 additions and 12 deletions


@ -30,6 +30,8 @@ usage: openvpn-user [<flags>] <command> [<args> ...]
Flags:
--help Show context-sensitive help (also try --help-long and --help-man).
--db.path="./openvpn-user.db" path do openvpn-user db
--debug Enable debug mode.
--version Show application version.
Commands:
help [<command>...]
@ -46,9 +48,6 @@ Commands:
delete --user=USER [<flags>]
Delete user.
flags:
--force Delete from db
revoke --user=USER
Revoke user.
@ -58,13 +57,23 @@ Commands:
list [<flags>]
List active users.
flags:
--all Show all users include revoked and delete
auth --user=USER --password=PASSWORD
check --user=USER
check user existent.
auth --user=USER [<flags>]
Auth user.
change-password --user=USER --password=PASSWORD
Change password.
Change password
update-secret --user=USER [<flags>]
update OTP secret
register-app --user=USER
register 2FA application
get-secret --user=USER
get OTP secret
```


@ -59,10 +59,10 @@ var (
updateSecretCommandUserFlag = updateSecretCommand.Flag("user", "Username.").Required().String()
updateSecretCommandSecretFlag = updateSecretCommand.Flag("secret", "Secret.").Default("generate").String()
registerAppCommand = kingpin.Command("register-app", "update OTP secret")
registerAppCommand = kingpin.Command("register-app", "register 2FA application")
registerAppCommandUserFlag = registerAppCommand.Flag("user", "Username.").Required().String()
getSecretCommand = kingpin.Command("get-secret", "gwt OTP secret")
getSecretCommand = kingpin.Command("get-secret", "get OTP secret")
getSecretCommandUserFlag = getSecretCommand.Flag("user", "Username.").Required().String()
debug = kingpin.Flag("debug", "Enable debug mode.").Default("false").Bool()
@ -391,15 +391,20 @@ func authUser(username, password, totp string) {
trimmedToken := strings.TrimSpace(totp)
// Validate token
_, err := otpConfig.Authenticate(trimmedToken)
ok, err := otpConfig.Authenticate(trimmedToken)
if err != nil {
fmt.Println(err)
os.Exit(1)
} else {
}
if ok {
fmt.Println("Authorization successful")
os.Exit(0)
} else {
fmt.Println("Token mismatched")
os.Exit(1)
}
} else if len(password) > 0 && totp == "" {
err = bcrypt.CompareHashAndPassword([]byte(u.password), []byte(password))
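Review bot: In authUser the token branch now exits 0 on `ok` without reaching the bcrypt comparison, and the following branch is guarded by `totp == ""`, so as far as this hunk shows each factor is accepted on its own rather than both being required. The opening condition of the token branch is outside the hunk, so please confirm that it (or the caller) refuses the password-only path for a user who has an OTP secret enrolled; otherwise the second factor is optional in practice. If single-factor behaviour is intended, state it above the branch, e.g. `// TOTP and password are alternative factors; only one is checked per call`. As a style point, the `else` after `os.Exit(0)` is redundant, so the "Token mismatched" path can follow the `if ok` block directly. The function body starts before and continues after the hunk.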