acepanel/panel
2
0
Fork 0
mirror of https://github.com/acepanel/panel.git synced 2026-02-04 07:57:21 +08:00
Code Issues Packages Releases Activity

fix: 两步验证算法错误

Browse Source
This commit is contained in:
耗子
2025-05-18 22:44:43 +08:00
parent 319b689d79
commit 919c37d1f9
1 changed files with 14 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
internal/data/user.go
View File

@@ -3,6 +3,7 @@ package data
import (
"errors"
"image"
"time"
"github.com/go-rat/utils/hash"
"github.com/leonelquinteros/gotext"
@@ -165,8 +166,14 @@ func (r *userRepo) UpdateTwoFA(id uint, code, secret string) error {
}
// 保存前先验证一次,防止错误开启
if secret != "" && !totp.Validate(code, secret) {
return errors.New(r.t.Get("invalid 2FA code"))
if secret != "" {
if valid, _ := totp.ValidateCustom(code, secret, time.Now().UTC(), totp.ValidateOpts{
Skew: 1,
Digits: otp.DigitsSix,
Algorithm: otp.AlgorithmSHA256,
}); !valid {
return errors.New(r.t.Get("invalid 2FA code"))
}
}
user.TwoFA = secret
@@ -183,7 +190,11 @@ func (r *userRepo) CheckTwoFA(id uint, code string) (bool, error) {
return true, nil // 未开启2FA无需验证
}
if !totp.Validate(code, user.TwoFA) {
if valid, _ := totp.ValidateCustom(code, user.TwoFA, time.Now().UTC(), totp.ValidateOpts{
Skew: 1,
Digits: otp.DigitsSix,
Algorithm: otp.AlgorithmSHA256,
}); !valid {
return false, errors.New(r.t.Get("invalid 2FA code"))
}