o Lf@sddlZddlZddlZddlZddlZddlZddlmZddlm Z ddl m Z ddl m Z ddlZddlmZddlmZddlmZdd lmZdd lmZmZd Zd d dZd!ddZddZddZddZddZ ddZ!ddZ"GdddZ#dS)"N)BytesIO)quote)cache) urlencode) SvgPathImage)context) app_settings) Authenticator)decryptencryptzmfa.totp.secretcCst|}t|dS)Nzutf-8)secrets token_bytesbase64 b32encodedecode)length random_bytesrQ/var/www/html/humari/django-venv/lib/python3.10/site-packages/allauth/mfa/totp.pygenerate_totp_secrets rFcCs0d}|s tjjt}|st}tjjt<|SN)rrequestsessiongetSECRET_SESSION_KEYr) regeneratesecretrrrget_totp_secrets rcCstt}|tjSr)inttimer TOTP_PERIOD) current_timerrrhotp_counter_from_time's  r#cCstd|}tj|ddd}t||tj }|dd@}t |||d}|dd @|d<t d |d}|d t j ;}|S) Nz>QasciiT)casefoldrz>I )structpackr b32decodeencodehmacnewhashlibsha1digest bytearrayunpackr TOTP_DIGITS)rcounter counter_bytes secret_enc hmac_resultoffsettruncated_hashvaluerrr hotp_value,s  r>cCsJ||d}tjdkrtj|d<tjdkrtj|d<dt|dt|S)N)rissuerdigitsperiodzotpauth://totp/?)rr6r!rr)labelr?rparamsrrrbuild_totp_url>s    rGcCs,tj|td}t}|||dS)N) image_factoryutf8)qrcodemakerrsavegetvaluer)urlimgbufrrrbuild_totp_svgLs rQcCs|dtjS)N0)rr6)r=rrrformat_hotp_valueSsrScCst|t}|t|kSr)r>r#rS)rcoder=rrrvalidate_totp_codeWs  rUc@sHeZdZddZeddZddZddZd d Zd d Z d dZ dS)TOTPcCs ||_dSr)instance)selfrWrrr__init__]s z TOTP.__init__cCs*t|tjjdt|id}|||S)Nr)usertypedata)r TyperVr rL)clsrZrrWrrractivate`s z TOTP.activatecCs|jdSr)rWdelete)rXrrr deactivatehszTOTP.deactivatecCs:||rdSt|jjd}t||}|r|||S)NFr) _is_code_usedr rWr\rU_mark_code_used)rXrTrvalidrrr validate_codeks   zTOTP.validate_codecCsd|jjd|S)Nzallauth.mfa.totp.used?user=z&code=)rWuser_idrXrTrrr_get_used_cache_keyuzTOTP._get_used_cache_keycCst||dkS)Ny)rrrhrgrrrrbxrizTOTP._is_code_usedcCstj||dtjddS)Nrj)timeout)rsetrhrr!rgrrrrc{szTOTP._mark_code_usedN) __name__ __module__ __qualname__rY classmethodr_rarerhrbrcrrrrrV\s   rV)r )F)$rr1r/r r+r ior urllib.parserdjango.core.cacherdjango.utils.httprrJqrcode.image.svgr allauth.corer allauth.mfarallauth.mfa.modelsr allauth.mfa.utilsr r rrrr#r>rGrQrSrUrVrrrrs4