Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ErrInvalidCode = errors.New("invalid code")
ErrInvalidCode indicate the supplied one-time code was not valid
Functions ¶
func ComputeCode ¶
ComputeCode computes the response code for a 64-bit challenge 'value' using the secret 'secret'. To avoid breaking compatibility with the previous API, it returns an invalid code (-1) when an error occurs, but does not silently ignore them (it forces a mismatch so the code will be rejected).
Types ¶
type OTPConfig ¶
type OTPConfig struct { Secret string // 80-bit base32 encoded string of the user's secret WindowSize int // valid range: technically 0..100 or so, but beyond 3-5 is probably bad security HotpCounter int // the current otp counter. 0 if the user uses time-based codes instead. DisallowReuse []int // timestamps in the current window unavailable for re-use ScratchCodes []int // an array of 8-digit numeric codes that can be used to log in UTC bool // use UTC for the timestamp instead of local time }
OTPConfig is a one-time-password configuration. This object will be modified by calls to Authenticate and should be saved to ensure the codes are in fact only used once.
func (*OTPConfig) Authenticate ¶
Authenticate a one-time-password against the given OTPConfig Returns true/false if the authentication was successful. Returns error if the password is incorrectly formatted (not a zero-padded 6 or non-zero-padded 8 digit number).
func (*OTPConfig) ProvisionURI ¶
ProvisionURI generates a URI that can be turned into a QR code to configure a Google Authenticator mobile app.
func (*OTPConfig) ProvisionURIWithIssuer ¶
ProvisionURIWithIssuer generates a URI that can be turned into a QR code to configure a Google Authenticator mobile app. It respects the recommendations on how to avoid conflicting accounts.
See https://github.com/google/google-authenticator/wiki/Conflicting-Accounts