Two factor authentication support (#630)

* Initial commit for 2FA support Signed-off-by: Andrew <write@imaginarycode.com> * Add vendored files * Add missing depends * A few clean ups * Added improvements, proper encryption * Better encryption key * Simplify "key" generation * Make 2FA enrollment page more robust * Fix typo * Rename twofa/2FA to TwoFactor * UNIQUE INDEX -> UNIQUE
2017-01-15 21:14:29 -05:00 · 2017-01-15 21:14:29 -05:00 · 6dd096b7f0
commit 6dd096b7f0
parent 64375d875b
40 changed files with 3395 additions and 8 deletions
--- a/vendor/github.com/pquerna/otp/doc.go
+++ b/vendor/github.com/pquerna/otp/doc.go
@ -0,0 +1,70 @@
+/**
+ *  Copyright 2014 Paul Querna
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+// Package otp implements both HOTP and TOTP based
+// one time passcodes in a Google Authenticator compatible manner.
+//
+// When adding a TOTP for a user, you must store the "secret" value
+// persistently. It is recommend to store the secret in an encrypted field in your
+// datastore.  Due to how TOTP works, it is not possible to store a hash
+// for the secret value like you would a password.
+//
+// To enroll a user, you must first generate an OTP for them.  Google
+// Authenticator supports using a QR code as an enrollment method:
+//
+//	import (
+//		"github.com/pquerna/otp/totp"
+//
+//		"bytes"
+//		"image/png"
+//	)
+//
+//	key, err := totp.Generate(totp.GenerateOpts{
+//			Issuer: "Example.com",
+//			AccountName: "alice@example.com",
+//	})
+//
+//	// Convert TOTP key into a QR code encoded as a PNG image.
+//	var buf bytes.Buffer
+//	img, err := key.Image(200, 200)
+//	png.Encode(&buf, img)
+//
+//	// display the QR code to the user.
+//	display(buf.Bytes())
+//
+//	// Now Validate that the user's successfully added the passcode.
+//	passcode := promptForPasscode()
+//	valid := totp.Validate(passcode, key.Secret())
+//
+//	if valid {
+//		// User successfully used their TOTP, save it to your backend!
+//		storeSecret("alice@example.com", key.Secret())
+//	}
+//
+// Validating a TOTP passcode is very easy, just prompt the user for a passcode
+// and retrieve the associated user's previously stored secret.
+//	import "github.com/pquerna/otp/totp"
+//
+//	passcode := promptForPasscode()
+//	secret := getSecret("alice@example.com")
+//
+//	valid := totp.Validate(passcode, secret)
+//
+//	if valid {
+//		// Success! continue login process.
+//	}
+package otp