Add 2FA support

views/loginlogout.py

@@ -4,7 +4,7 @@ from markupsafe import escape
 from flask_bcrypt import Bcrypt
 from socket import gethostname
 from os import remove, system 
-from tools.utils import email_disp, valid_token_register, valid_passwd, valid_username, gen_token
+from tools.utils import email_disp, valid_token_register, valid_passwd, valid_username, gen_token, totp_is_valid
 from tools.mailer import Mailer
 
 app = Flask( 'pywallter' )
@@ -19,8 +19,7 @@ DATAS_USER = app.config['DOSSIER_APP']
 extensionimg = app.config['EXT_IMG']
 
 DATABASE = app.config['DATABASE']
-
-BASE_URL = app.config['BASE_URL']
+BASE_URL = "http://"+app.config['HOST']+app.config['PORT']
 SETUID = app.config['SETUID']
 MAIL_SERVER = app.config['MAIL_SERVER']
 XMPP_SERVER = app.config['XMPP_SERVER']
@@ -39,17 +38,19 @@ def login() :
         if request.method == 'POST' :
             user = request.form['user']
             password = request.form['passwd']
+            totp = request.form['code_totp']
+            
             conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
             cursor = conn.cursor() # Création de l'objet "curseur"
-            cursor.execute("""SELECT name, passwd FROM users WHERE name=?""", (user,))
+            cursor.execute("""SELECT name, passwd, totp FROM users WHERE name=?""", (user,))
             user_exist = cursor.fetchone()
             conn.close()
             
             if user_exist:
                 user = user_exist[0]
                 passwd_bcrypt = user_exist[1]
-             
-                if user == request.form['user'] and bcrypt.check_password_hash(passwd_bcrypt, password) is True:
+                totp_key = user_exist[2]
+                if totp_is_valid(totp_key, totp) and user == request.form['user'] and bcrypt.check_password_hash(passwd_bcrypt, password) is True:
                     session['username'] = request.form['user']
                     resp =  redirect(url_for('profil.profile', _external=True))
                 else: