调用原因(起因)
为了给一个Python程序加一个双因素认证功能,提高安全性,后来我就想如何在不使用短信(没钱)和邮件发送(容易进垃圾邮件)的情况下去生成验证码,后面想想Google Authenticator不就符合我的要求吗?后面去Google一下,原来用的是TOTP标准。
Example Code
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
import sys, pyotp, datetime
if sys.argv.count == 2 :
OTPSecret = sys.argv[1]
ShowSecret = 0
else:
OTPSecret = pyotp.random_base32()
ShowSecret = 1
TOTPObject = pyotp.TOTP(OTPSecret)
if ShowSecret == 1 :
print("You are in test mode.")
print("The Test Secret is " + OTPSecret)
print("Test Add Url: " + pyotp.totp.TOTP(OTPSecret).provisioning_uri(issuer_name='Test App', name='test@example.com'))
PassStatus = False
while PassStatus == False:
print("Now is " + datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S'))
UserInput = input("Give me a code. It's 6 digitals.")
PassStatus = TOTPObject.verify(UserInput)
if PassStatus == False:
print("It's wrong. Please try it again.")
print("Passed.")
|
目前bug
输入超过6位的话,程序会蹦,记得加位数验证。
执行结果
1
2
3
4
5
6
7
8
9
|
You are in test mode.
The Test Secret is 5ADHPNSTNDFWMMYR
Test Add Url: otpauth://totp/Test%20App:test%40example.com?secret=5ADHPNSTNDFWMMYR&issuer=Test%20App
Now is 2020-06-06 18:30:17
Give me a code. It's 6 digitals.123456
It's wrong. Please try it again.
Now is 2020-06-06 18:30:21
Give me a code. It's 6 digitals.535186
Passed.
|
注意事项
TOTP是每30秒更新一次的,要保证服务器时间与用户时间相差不能太大。