feat: 添加两步验证功能,重构相关逻辑,移除冗余代码
This commit is contained in:
@@ -1,2 +1 @@
|
||||
from .login import Login
|
||||
from .totp import verify_totp
|
||||
from .login import Login
|
||||
@@ -5,7 +5,6 @@ from sqlmodel.ext.asyncio.session import AsyncSession
|
||||
|
||||
from models import LoginRequest, TokenResponse, User
|
||||
from pkg.JWT.JWT import create_access_token, create_refresh_token
|
||||
from .totp import verify_totp
|
||||
|
||||
|
||||
async def Login(
|
||||
@@ -61,7 +60,7 @@ async def Login(
|
||||
return "2fa_required"
|
||||
|
||||
# 验证 OTP 码
|
||||
if not verify_totp(current_user.two_factor, login_request.two_fa_code):
|
||||
if not Password.verify_totp(current_user.two_factor, login_request.two_fa_code):
|
||||
log.debug(f"Invalid 2FA code for user: {login_request.username}")
|
||||
return "2fa_invalid"
|
||||
|
||||
|
||||
@@ -1,13 +0,0 @@
|
||||
import pyotp
|
||||
|
||||
|
||||
def verify_totp(secret: str, code: str) -> bool:
|
||||
"""
|
||||
验证 TOTP 验证码。
|
||||
|
||||
:param secret: TOTP 密钥(Base32 编码)
|
||||
:param code: 用户输入的 6 位验证码
|
||||
:return: 验证是否成功
|
||||
"""
|
||||
totp = pyotp.TOTP(secret)
|
||||
return totp.verify(code)
|
||||
Reference in New Issue
Block a user