当前位置: 首页>>代码示例>>Python>>正文


Python twofactor.InvalidToken方法代码示例

本文整理汇总了Python中cryptography.hazmat.primitives.twofactor.InvalidToken方法的典型用法代码示例。如果您正苦于以下问题:Python twofactor.InvalidToken方法的具体用法?Python twofactor.InvalidToken怎么用?Python twofactor.InvalidToken使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在cryptography.hazmat.primitives.twofactor的用法示例。


在下文中一共展示了twofactor.InvalidToken方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: test_verify_window

# 需要导入模块: from cryptography.hazmat.primitives import twofactor [as 别名]
# 或者: from cryptography.hazmat.primitives.twofactor import InvalidToken [as 别名]
def test_verify_window(self, time):
        time.return_value = self.sample_time
        srv = GenericTotpService()
        totp = srv.Totp(key=self.sample_key)
        srv.verify(totp, '283397', None)

        time.return_value = self.sample_time + 30
        srv.verify(totp, '283397', None)

        time.return_value = self.sample_time + 60
        with assert_raises(InvalidToken):
            srv.verify(totp, '283397', None)

        time.return_value = self.sample_time - 30
        with assert_raises(InvalidToken):
            srv.verify(totp, '283397', None) 
开发者ID:apache,项目名称:allura,代码行数:18,代码来源:test_multifactor.py

示例2: verify

# 需要导入模块: from cryptography.hazmat.primitives import twofactor [as 别名]
# 或者: from cryptography.hazmat.primitives.twofactor import InvalidToken [as 别名]
def verify(self, totp, code, user):
        code = code.replace(' ', '')  # Google authenticator puts a space in their codes
        code = six.ensure_binary(code)  # can't be text

        self.enforce_rate_limit(user)

        # TODO prohibit re-use of a successful code, although it seems unlikely with a 30s window
        # see https://tools.ietf.org/html/rfc6238#section-5.2 paragraph 5

        # try the 1 previous time-window and current
        # per https://tools.ietf.org/html/rfc6238#section-5.2 paragraph 1
        windows = asint(config.get('auth.multifactor.totp.windows', 2))
        for time_window in range(windows):
            try:
                return totp.verify(code, time() - time_window*30)
            except InvalidToken:
                last_window = (time_window == windows - 1)
                if last_window:
                    raise 
开发者ID:apache,项目名称:allura,代码行数:21,代码来源:multifactor.py

示例3: verify

# 需要导入模块: from cryptography.hazmat.primitives import twofactor [as 别名]
# 或者: from cryptography.hazmat.primitives.twofactor import InvalidToken [as 别名]
def verify(self, hotp, counter):
        if not constant_time.bytes_eq(self.generate(counter), hotp):
            raise InvalidToken("Supplied HOTP value does not match.") 
开发者ID:aliyun,项目名称:oss-ftp,代码行数:5,代码来源:hotp.py

示例4: verify

# 需要导入模块: from cryptography.hazmat.primitives import twofactor [as 别名]
# 或者: from cryptography.hazmat.primitives.twofactor import InvalidToken [as 别名]
def verify(self, totp, time):
        if not constant_time.bytes_eq(self.generate(time), totp):
            raise InvalidToken("Supplied TOTP value does not match.") 
开发者ID:aliyun,项目名称:oss-ftp,代码行数:5,代码来源:totp.py

示例5: do_multifactor

# 需要导入模块: from cryptography.hazmat.primitives import twofactor [as 别名]
# 或者: from cryptography.hazmat.primitives.twofactor import InvalidToken [as 别名]
def do_multifactor(self, code, mode, **kwargs):
        if not asbool(config.get('auth.multifactor.totp', False)):
            raise wexc.HTTPNotFound

        if 'multifactor-username' not in session:
            tg.flash('Your multifactor login was disrupted, please start over.', 'error')
            plugin.AuthenticationProvider.get(request).logout()  # clears all cookies that might be interfering
            redirect('/auth/', {'return_to': kwargs.get('return_to', '')})

        user = M.User.by_username(session['multifactor-username'])
        try:
            if mode == 'totp':
                totp_service = TotpService.get()
                totp = totp_service.get_totp(user)
                totp_service.verify(totp, code, user)
            elif mode == 'recovery':
                recovery = RecoveryCodeService.get()
                recovery.verify_and_remove_code(user, code)
                h.auditlog_user('Logged in using a multifactor recovery code', user=user)
        except (InvalidToken, InvalidRecoveryCode):
            c.form_errors['code'] = 'Invalid code, please try again.'
            h.auditlog_user('Multifactor login - invalid code', user=user)
            return self.multifactor(mode=mode, **kwargs)
        except MultifactorRateLimitError:
            c.form_errors['code'] = 'Multifactor rate limit exceeded, slow down and try again later.'
            h.auditlog_user('Multifactor login - rate limit', user=user)
            return self.multifactor(mode=mode, **kwargs)
        else:
            plugin.AuthenticationProvider.get(request).login(user=user, multifactor_success=True)
            return_to = self._verify_return_to(kwargs.get('return_to'))
            redirect(return_to) 
开发者ID:apache,项目名称:allura,代码行数:33,代码来源:auth.py

示例6: totp_set

# 需要导入模块: from cryptography.hazmat.primitives import twofactor [as 别名]
# 或者: from cryptography.hazmat.primitives.twofactor import InvalidToken [as 别名]
def totp_set(self, code, **kw):
        if not asbool(config.get('auth.multifactor.totp', False)):
            raise wexc.HTTPNotFound

        key = session['totp_new_key']
        totp_service = TotpService.get()
        totp = totp_service.Totp(key)
        try:
            totp_service.verify(totp, code, c.user)
        except InvalidToken:
            h.auditlog_user('Failed to set up multifactor TOTP (wrong code)')
            c.form_errors['code'] = 'Invalid code, please try again.'
            return self.totp_new(**kw)
        else:
            h.auditlog_user('Set up multifactor TOTP')
            totp_service.set_secret_key(c.user, key)
            c.user.set_pref('multifactor', True)
            c.user.set_tool_data('allura', multifactor_date=datetime.utcnow())
            c.user.set_tool_data('allura', pwd_reset_preserve_session=session.id)  # other sessions will have to re-auth; preserve this one
            del session['totp_new_key']
            session.save()
            tg.flash('Two factor authentication has now been set up.')
            email_body = g.jinja2_env.get_template('allura:templates/mail/twofactor_enabled.md').render(dict(
                user=c.user,
                config=config,
            ))
            send_system_mail_to_user(c.user, 'Two-Factor Authentication Enabled', email_body)
            redirect('/auth/preferences/multifactor_recovery') 
开发者ID:apache,项目名称:allura,代码行数:30,代码来源:auth.py

示例7: test_rate_limiting

# 需要导入模块: from cryptography.hazmat.primitives import twofactor [as 别名]
# 或者: from cryptography.hazmat.primitives.twofactor import InvalidToken [as 别名]
def test_rate_limiting(self, time):
        time.return_value = self.sample_time
        srv = self.Service()
        user = self.mock_user()
        totp = srv.Totp(key=self.sample_key)

        # 4th attempt (good or bad) will trip over the default limit of 3 in 30s
        with assert_raises(InvalidToken):
            srv.verify(totp, '34dfvdasf', user)
        with assert_raises(InvalidToken):
            srv.verify(totp, '234asdfsadf', user)
        srv.verify(totp, '283397', user)
        with assert_raises(MultifactorRateLimitError):
            srv.verify(totp, '283397', user) 
开发者ID:apache,项目名称:allura,代码行数:16,代码来源:test_multifactor.py


注:本文中的cryptography.hazmat.primitives.twofactor.InvalidToken方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。