80 lines
1.4 KiB
Go
80 lines
1.4 KiB
Go
package controllers
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/base64"
|
|
"fmt"
|
|
"image/png"
|
|
|
|
"git.readonly.ch/bouzoure/popvaud-people/helpers"
|
|
"git.readonly.ch/bouzoure/popvaud-people/models"
|
|
"github.com/gofiber/fiber/v2"
|
|
"github.com/pquerna/otp/totp"
|
|
)
|
|
|
|
func TotpEnrollPage(c *fiber.Ctx) error {
|
|
db, err := helpers.GetDatabase()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
userid, err := helpers.GetSessionUserId(c)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
var user models.User
|
|
result := db.First(&user, "id = ?", userid)
|
|
|
|
if result.Error != nil {
|
|
return err
|
|
}
|
|
|
|
if user.TotpSercet.Valid {
|
|
return fiber.NewError(fiber.StatusForbidden, "Forbidden")
|
|
}
|
|
|
|
sess, err := helpers.GetSessionStore(c)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
options := totp.GenerateOpts{
|
|
Issuer: "POP Vaud",
|
|
AccountName: user.Email,
|
|
}
|
|
|
|
key, err := totp.Generate(options)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
img, err := key.Image(200, 200)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
var buf bytes.Buffer
|
|
err = png.Encode(&buf, img)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
imgBase64 := fmt.Sprintf(
|
|
"data:image/png;base64,%s",
|
|
base64.StdEncoding.EncodeToString(buf.Bytes()),
|
|
)
|
|
fmt.Println(imgBase64)
|
|
|
|
sess.Set("totp-enroll-secret", key.Secret())
|
|
err = sess.Save()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return c.Render("totp_enroll", fiber.Map{
|
|
"PageTitle": "Enregistrement multifacteur",
|
|
"QrCode": imgBase64,
|
|
"Secret": key.Secret(),
|
|
}, "layouts/main")
|
|
}
|