def clean_response(self):
code = self.cleaned_data['response']
verifier = oath.TOTP(base64.b32decode(self.device.base32_secret), drift=self.device.drift)
# lock verifier to now
verifier.time = verifier.time
last_t = self.device.last_t or -1
ok = verifier.verify(code, tolerance=TOTP_TOLERANCE, min_t=last_t + 1)
if not ok:
raise forms.ValidationError(_('That code could not be verified.'))
# persist data
self.device.last_t = verifier.t()
self.device.drift = verifier.drift
self.device.last_used_at = timezone.now()
self.device.save()
return code
评论列表
文章目录
