diff --git a/app/models.py b/app/models.py
index d2ad101..7f14d40 100644
--- a/app/models.py
+++ b/app/models.py
@@ -6,7 +6,7 @@ import bcrypt
 import urlparse
 import itertools
 import traceback
-import onetimepass
+import pyotp
 from datetime import datetime
 from distutils.version import StrictVersion
@@ -111,17 +111,18 @@ class User(db.Model):
 return 'otpauth://totp/PowerDNS-Admin:%s?secret=%s&issuer=PowerDNS-Admin' % (self.username, self.otp_secret)
 def verify_totp(self, token):
- return onetimepass.valid_totp(token, self.otp_secret)
+ totp = pyotp.TOTP(self.otp_secret)
+ return totp.verify(int(token))
 def get_hashed_password(self, plain_text_password=None):
 # Hash a password for the first time
 # (Using bcrypt, the salt is saved into the hash itself)
 pw = plain_text_password if plain_text_password else self.plain_text_password
- return bcrypt.hashpw(pw, bcrypt.gensalt())
+ return bcrypt.hashpw(pw.encode('utf-8'), bcrypt.gensalt())
 def check_password(self, hashed_password):
 # Check hased password. Useing bcrypt, the salt is saved into the hash itself
- return bcrypt.checkpw(self.plain_text_password, hashed_password)
+ return bcrypt.checkpw(self.plain_text_password.encode('utf-8'), hashed_password.encode('utf-8'))
 def get_user_info_by_id(self):
 user_info = User.query.get(int(self.id))
diff --git a/app/views.py b/app/views.py
index 01fa4ec..1a37d53 100644
--- a/app/views.py
+++ b/app/views.py
@@ -8,7 +8,8 @@ from functools import wraps
 from io import BytesIO
 import jinja2
-import pyqrcode
+import qrcode as qrc
+import qrcode.image.svg as qrc_svg
 from flask import g, request, make_response, jsonify, render_template, session, redirect, url_for, send_from_directory, abort
 from flask_login import login_user, logout_user, current_user, login_required
 from werkzeug import secure_filename
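Review bot: `totp.verify(int(token))` in `verify_totp` converts the submitted code to an integer before comparing, which drops any leading zeros and raises `ValueError` on non-numeric input. pyotp 2.x compares the string form of the argument with a zero-padded code, so a valid token that begins with a zero would likely be rejected, and a malformed token becomes an unhandled exception instead of a failed check. Passing the string through unchanged, `return totp.verify(token)`, avoids both. In `check_password`, `hashed_password.encode('utf-8')` raises `AttributeError` when the stored hash is `None` (for instance an account without a local password, which is not visible here), so a guard such as `if not hashed_password: return False` is worth adding before the call.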
@@ -712,9 +713,9 @@ def qrcode():
 return redirect(url_for('index'))
 # render qrcode for FreeTOTP
- url = pyqrcode.create(current_user.get_totp_uri())
+ img = qrc.make(current_user.get_totp_uri(), image_factory=qrc_svg.SvgImage)
 stream = BytesIO()
- url.svg(stream, scale=3)
+ img.save(stream)
 return stream.getvalue(), 200, {
 'Content-Type': 'image/svg+xml',
 'Cache-Control': 'no-cache, no-store, must-revalidate',
diff --git a/create_db.py b/create_db.py
index ec8eb60..8768ab7 100755
--- a/create_db.py
+++ b/create_db.py
@@ -1,4 +1,4 @@
-#!flask/bin/python
+#!/usr/bin/env python
 from migrate.versioning import api
 from config import SQLALCHEMY_DATABASE_URI
diff --git a/db_downgrade.py b/db_downgrade.py
index 59200a9..c001e6c 100755
--- a/db_downgrade.py
+++ b/db_downgrade.py
@@ -1,4 +1,4 @@
-#!flask/bin/python
+#!/usr/bin/env python
 from migrate.versioning import api
 from config import SQLALCHEMY_DATABASE_URI
 from config import SQLALCHEMY_MIGRATE_REPO
diff --git a/db_migrate.py b/db_migrate.py
index f5fce56..6823469 100755
--- a/db_migrate.py
+++ b/db_migrate.py
@@ -1,4 +1,4 @@
-#!flask/bin/python
+#!/usr/bin/env python
 import imp
 from migrate.versioning import api
 from app import db
diff --git a/db_upgrade.py b/db_upgrade.py
index d17f322..f5ae27b 100755
--- a/db_upgrade.py
+++ b/db_upgrade.py
@@ -1,4 +1,4 @@
-#!flask/bin/python
+#!/usr/bin/env python
 from migrate.versioning import api
 from config import SQLALCHEMY_DATABASE_URI
 from config import SQLALCHEMY_MIGRATE_REPO
diff --git a/requirements.txt b/requirements.txt
index 0d00756..46ab6ba 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,13 +2,13 @@ Flask>=0.10
 Flask-WTF>=0.11
 Flask-Login>=0.2.11
 configobj==5.0.5
-py-bcrypt==0.4
+bcrypt==3.1.0
 requests==2.7.0
 python-ldap==2.4.21
 Flask-SQLAlchemy==2.1
 SQLAlchemy==1.0.9
 sqlalchemy-migrate==0.10.0
-onetimepass==1.0.1
-PyQRCode==1.2
+pyotp==2.2.1
+qrcode==5.3
 Flask-OAuthlib==0.9.3
-dnspython>=1.12.0
\ No newline at end of file
+dnspython>=1.12.0
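Review bot: The SVG written to `stream` in `qrcode()` encodes `current_user.get_totp_uri()`, and the otpauth URI shown as context in `app/models.py` embeds `self.otp_secret`, yet the only comment on this code is `# render qrcode for FreeTOTP`. I would extend it to `# The SVG embeds the TOTP shared secret: serve it only to the authenticated owner and never cache or log the body`. The no-store `Cache-Control` header that follows is consistent with that. The guard above the hunk and the rest of the header dict lie outside the hunk, so whether the code stays retrievable after enrolment cannot be judged from here.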
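Review bot: With `#!/usr/bin/env python` the interpreter for `create_db.py` becomes whichever `python` comes first on the caller's PATH instead of the project's `flask/bin/python` virtualenv; the same applies to the hunks in `db_downgrade.py`, `db_migrate.py`, `db_upgrade.py` and `run.py`. The code base still looks like Python 2 (`import urlparse` in `app/models.py`), so on a host where `python` is Python 3, or when the virtualenv is not activated, these scripts would start under the wrong interpreter or against unpinned system packages. Either use `#!/usr/bin/env python2` or state in the README that the virtualenv must be activated before running them.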
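Review bot: Replacing `py-bcrypt==0.4` with `bcrypt==3.1.0` needs an upgrade note, because both distributions install a top-level `bcrypt` package and `pip install -r requirements.txt` on an existing environment adds the new one without removing the old. That can leave a mixed install, while the `.encode('utf-8')` calls added in `app/models.py` assume the new library's bytes-only API. I would add a line above the pin such as `# replaces py-bcrypt: run "pip uninstall py-bcrypt" before installing`. `onetimepass` and `PyQRCode` are likewise left behind as unused packages in upgraded environments and could be listed in the same note.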
diff --git a/run.py b/run.py
index 3803d88..e159643 100755
--- a/run.py
+++ b/run.py
@@ -1,4 +1,4 @@
-#!flask/bin/python
+#!/usr/bin/env python
 from app import app
 from config import PORT