Documentation ¶
Overview ¶
Package totp2fa implements two factor auth using time-based one time passwords.
Index ¶
- Constants
- type TOTP
- func (t *TOTP) GetConfirm(w http.ResponseWriter, r *http.Request) error
- func (t *TOTP) GetQRCode(w http.ResponseWriter, r *http.Request) error
- func (t *TOTP) GetRemove(w http.ResponseWriter, r *http.Request) error
- func (t *TOTP) GetSetup(w http.ResponseWriter, r *http.Request) error
- func (t *TOTP) GetValidate(w http.ResponseWriter, r *http.Request) error
- func (t *TOTP) HijackAuth(w http.ResponseWriter, r *http.Request, handled bool) (bool, error)
- func (t *TOTP) PostConfirm(w http.ResponseWriter, r *http.Request) error
- func (t *TOTP) PostRemove(w http.ResponseWriter, r *http.Request) error
- func (t *TOTP) PostSetup(w http.ResponseWriter, r *http.Request) error
- func (t *TOTP) PostValidate(w http.ResponseWriter, r *http.Request) error
- func (t *TOTP) Setup() error
- type TOTPCodeValuer
- type User
- type UserOneTime
Constants ¶
const ( SessionTOTPSecret = "totp_secret" SessionTOTPPendingPID = "totp_pending" )
Session keys
const ( PageTOTPConfirm = "totp2fa_confirm" PageTOTPConfirmSuccess = "totp2fa_confirm_success" PageTOTPRemove = "totp2fa_remove" PageTOTPRemoveSuccess = "totp2fa_remove_success" PageTOTPSetup = "totp2fa_setup" PageTOTPValidate = "totp2fa_validate" )
Pages
const (
DataTOTPSecret = SessionTOTPSecret
)
Data constants
const (
FormValueCode = "code"
)
Form value constants
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type TOTP ¶
type TOTP struct {
*authboss.Authboss
}
TOTP implements time based one time passwords
func (*TOTP) GetConfirm ¶
GetConfirm requests a user to enter their totp code
func (*TOTP) GetValidate ¶
GetValidate shows a page to enter a code into
func (*TOTP) HijackAuth ¶
HijackAuth stores the user's pid in a special temporary session variable and redirects them to the validation endpoint.
func (*TOTP) PostConfirm ¶
PostConfirm finally activates totp if the code matches
func (*TOTP) PostRemove ¶
PostRemove removes totp
func (*TOTP) PostValidate ¶
PostValidate redirects on success
type TOTPCodeValuer ¶
TOTPCodeValuer returns a code from the body
func MustHaveTOTPCodeValues ¶
func MustHaveTOTPCodeValues(v authboss.Validator) TOTPCodeValuer
MustHaveTOTPCodeValues upgrades a validatable set of values to ones specific to a user that needs to be recovered.
type UserOneTime ¶
UserOneTime allows totp codes to be one-time use only