Linux-Help/openvpn-user
1
0
Fork 0
mirror of synced 2024-11-22 09:05:34 -05:00
Code Issues Projects Releases Packages Wiki Activity

fixes for totp auth

Browse source
This commit is contained in:
Ilya Sosnovsky 2022-11-14 19:26:34 +03:00
parent e00a826faa
commit 8ca2faa468
2 changed files with 26 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
README.md
View file

@ -30,6 +30,8 @@ usage: openvpn-user [<flags>] <command> [<args> ...]
Flags: Flags:
--help Show context-sensitive help (also try --help-long and --help-man). --help Show context-sensitive help (also try --help-long and --help-man).
--db.path="./openvpn-user.db" path do openvpn-user db --db.path="./openvpn-user.db" path do openvpn-user db
--debug Enable debug mode.
--version Show application version.
Commands: Commands:
help [<command>...] help [<command>...]
@ -47,9 +49,6 @@ Commands:
delete --user=USER [<flags>] delete --user=USER [<flags>]
Delete user. Delete user.
flags:
--force Delete from db
revoke --user=USER revoke --user=USER
Revoke user. Revoke user.
@ -59,12 +58,22 @@ Commands:
list [<flags>] list [<flags>]
List active users. List active users.
flags: check --user=USER
--all Show all users include revoked and delete check user existent.
auth --user=USER --password=PASSWORD auth --user=USER [<flags>]
Auth user. Auth user.
change-password --user=USER --password=PASSWORD change-password --user=USER --password=PASSWORD
Change password. Change password
update-secret --user=USER [<flags>]
update OTP secret
register-app --user=USER
register 2FA application
get-secret --user=USER
get OTP secret
``` ```

13
openvpn-user.go
View file

@ -59,10 +59,10 @@ var (
updateSecretCommandUserFlag = updateSecretCommand.Flag("user", "Username.").Required().String() updateSecretCommandUserFlag = updateSecretCommand.Flag("user", "Username.").Required().String()
updateSecretCommandSecretFlag = updateSecretCommand.Flag("secret", "Secret.").Default("generate").String() updateSecretCommandSecretFlag = updateSecretCommand.Flag("secret", "Secret.").Default("generate").String()
registerAppCommand = kingpin.Command("register-app", "update OTP secret") registerAppCommand = kingpin.Command("register-app", "register 2FA application")
registerAppCommandUserFlag = registerAppCommand.Flag("user", "Username.").Required().String() registerAppCommandUserFlag = registerAppCommand.Flag("user", "Username.").Required().String()
getSecretCommand = kingpin.Command("get-secret", "gwt OTP secret") getSecretCommand = kingpin.Command("get-secret", "get OTP secret")
getSecretCommandUserFlag = getSecretCommand.Flag("user", "Username.").Required().String() getSecretCommandUserFlag = getSecretCommand.Flag("user", "Username.").Required().String()
debug = kingpin.Flag("debug", "Enable debug mode.").Default("false").Bool() debug = kingpin.Flag("debug", "Enable debug mode.").Default("false").Bool()
@ -391,15 +391,20 @@ func authUser(username, password, totp string) {
trimmedToken := strings.TrimSpace(totp) trimmedToken := strings.TrimSpace(totp)
// Validate token // Validate token
_, err := otpConfig.Authenticate(trimmedToken) ok, err := otpConfig.Authenticate(trimmedToken)
if err != nil { if err != nil {
fmt.Println(err) fmt.Println(err)
os.Exit(1) os.Exit(1)
} else { }
if ok {
fmt.Println("Authorization successful") fmt.Println("Authorization successful")
os.Exit(0) os.Exit(0)
} else {
fmt.Println("Token mismatched")
os.Exit(1)
} }
} else if len(password) > 0 && totp == "" { } else if len(password) > 0 && totp == "" {
err = bcrypt.CompareHashAndPassword([]byte(u.password), []byte(password)) err = bcrypt.CompareHashAndPassword([]byte(u.password), []byte(password))