diff options
| author | Unknwon <u@gogs.io> | 2017-04-06 00:14:39 -0400 |
|---|---|---|
| committer | Unknwon <u@gogs.io> | 2017-04-06 00:14:39 -0400 |
| commit | c8c975c99b52ffc2fbb92c11de3c359293924cab (patch) | |
| tree | 32f7541c186f5c9a825ed2fc96f399fb03d10a36 /vendor/github.com/pquerna/otp/doc.go | |
| parent | a617d52374e937db0edacfba2a26bdd14a05538e (diff) | |
vendor: add packages for 2fa
Diffstat (limited to 'vendor/github.com/pquerna/otp/doc.go')
| -rw-r--r-- | vendor/github.com/pquerna/otp/doc.go | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/vendor/github.com/pquerna/otp/doc.go b/vendor/github.com/pquerna/otp/doc.go new file mode 100644 index 00000000..b8b4c8cc --- /dev/null +++ b/vendor/github.com/pquerna/otp/doc.go @@ -0,0 +1,70 @@ +/** + * Copyright 2014 Paul Querna + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +// Package otp implements both HOTP and TOTP based +// one time passcodes in a Google Authenticator compatible manner. +// +// When adding a TOTP for a user, you must store the "secret" value +// persistently. It is recommend to store the secret in an encrypted field in your +// datastore. Due to how TOTP works, it is not possible to store a hash +// for the secret value like you would a password. +// +// To enroll a user, you must first generate an OTP for them. Google +// Authenticator supports using a QR code as an enrollment method: +// +// import ( +// "github.com/pquerna/otp/totp" +// +// "bytes" +// "image/png" +// ) +// +// key, err := totp.Generate(totp.GenerateOpts{ +// Issuer: "Example.com", +// AccountName: "alice@example.com", +// }) +// +// // Convert TOTP key into a QR code encoded as a PNG image. +// var buf bytes.Buffer +// img, err := key.Image(200, 200) +// png.Encode(&buf, img) +// +// // display the QR code to the user. +// display(buf.Bytes()) +// +// // Now Validate that the user's successfully added the passcode. +// passcode := promptForPasscode() +// valid := totp.Validate(passcode, key.Secret()) +// +// if valid { +// // User successfully used their TOTP, save it to your backend! +// storeSecret("alice@example.com", key.Secret()) +// } +// +// Validating a TOTP passcode is very easy, just prompt the user for a passcode +// and retrieve the associated user's previously stored secret. +// import "github.com/pquerna/otp/totp" +// +// passcode := promptForPasscode() +// secret := getSecret("alice@example.com") +// +// valid := totp.Validate(passcode, secret) +// +// if valid { +// // Success! continue login process. +// } +package otp |