

  1. /**
  2. * Copyright 2014 Paul Querna
  3. *
  4. * Licensed under the Apache License, Version 2.0 (the "License");
  5. * you may not use this file except in compliance with the License.
  6. * You may obtain a copy of the License at
  7. *
  8. * http://www.apache.org/licenses/LICENSE-2.0
  9. *
  10. * Unless required by applicable law or agreed to in writing, software
  11. * distributed under the License is distributed on an "AS IS" BASIS,
  12. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13. * See the License for the specific language governing permissions and
  14. * limitations under the License.
  15. *
  16. */
  17. // Package otp implements both HOTP and TOTP based
  18. // one time passcodes in a Google Authenticator compatible manner.
  19. //
  20. // When adding a TOTP for a user, you must store the "secret" value
  21. // persistently. It is recommended to store the secret in an encrypted field in your
  22. // datastore. The server needs the secret itself to recompute each passcode, so it
  23. // is not possible to store only a hash of it as you would for a password.
  24. //
  25. // To enroll a user, you must first generate an OTP for them. Google
  26. // Authenticator supports using a QR code as an enrollment method:
  27. //
  28. // import (
  29. // "github.com/pquerna/otp/totp"
  30. //
  31. // "bytes"
  32. // "image/png"
  33. // )
  34. //
  35. // key, err := totp.Generate(totp.GenerateOpts{
  36. // Issuer: "Example.com",
  37. // AccountName: "alice@example.com",
  38. // })
  39. //
  40. // // Convert TOTP key into a QR code encoded as a PNG image.
  41. // var buf bytes.Buffer
  42. // img, err := key.Image(200, 200)
  43. // png.Encode(&buf, img)
  44. //
  45. // // display the QR code to the user.
  46. // display(buf.Bytes())
  47. //
  48. // // Now validate that the user has successfully added the passcode.
  49. // passcode := promptForPasscode()
  50. // valid := totp.Validate(passcode, key.Secret())
  51. //
  52. // if valid {
  53. // // User successfully used their TOTP, save it to your backend!
  54. // storeSecret("alice@example.com", key.Secret())
  55. // }
  56. //
  57. // Validating a TOTP passcode is straightforward: prompt the user for a passcode
  58. // and retrieve that user's previously stored secret. Rate-limit failed attempts per user.
  59. // import "github.com/pquerna/otp/totp"
  60. //
  61. // passcode := promptForPasscode()
  62. // secret := getSecret("alice@example.com")
  63. //
  64. // valid := totp.Validate(passcode, secret)
  65. //
  66. // if valid {
  67. // // Success! continue login process.
  68. // }
  69. package otp