Finished tweaking 2FA

2025-06-28 09:16:55 +00:00 · 2025-06-03 23:37:43 +08:00 · 2025-06-03 23:37:43 +08:00 · 3525cd1083
commit 3525cd1083
parent e9730f24a0
3 changed files with 23 additions and 7 deletions
--- a/src/client.py
+++ b/src/client.py
@ -81,7 +81,7 @@ def createClientBlueprint(wireguardConfigurations: dict[WireguardConfiguration],
            if session.get('username') is None:
                return ResponseObject(False, "Sign in status is invalid", status_code=401)
            session['totpVerified'] = True
-        
+            # return ResponseObject(True, data=)
        return ResponseObject(status, msg)
    
    @client.get(prefix)
--- a/src/modules/DashboardClients.py
+++ b/src/modules/DashboardClients.py
@ -58,6 +58,7 @@ class DashboardClients:
                    self.dashboardClientsTable.c.DeletedDate is None)
                ).mappings().fetchall()
        
+
    def SignIn(self, Email, Password) -> tuple[bool, str]:
        if not all([Email, Password]):
            return False, "Please fill in all fields"
@ -85,6 +86,8 @@ class DashboardClients:
            totpMatched = pyotp.TOTP(data.get('TotpKey')).verify(UserProvidedTotp)
            if not totpMatched:
                return False, "TOTP is does not match"
+            else:
+                self.DashboardClientsTOTP.RevokeToken(Token)
        if data.get('TotpKeyVerified') is None:
            with self.engine.begin() as conn:
                conn.execute(
@ -94,12 +97,9 @@ class DashboardClients:
                        self.dashboardClientsTable.c.ClientID == data.get('ClientID')
                    )
                )
+              
        return True, None
        
-                  
-                
-        
-    
    def SignUp(self, Email, Password, ConfirmPassword) -> tuple[bool, str] or tuple[bool, None]:
        try:
            if not all([Email, Password, ConfirmPassword]):
@ -142,3 +142,6 @@ class DashboardClients:
            return False, "Signed up failed."
            
        return True, None
+    
+    def UpdatePassword(self, CurrentPassword, NewPassword, ConfirmNewPassword):
+        pass
--- a/src/modules/DashboardClientsTOTP.py
+++ b/src/modules/DashboardClientsTOTP.py
@ -39,9 +39,22 @@ class DashboardClientsTOTP:
                    "ExpireTime": datetime.datetime.now() + datetime.timedelta(minutes=10)
                })
            )
-        
        return token
    
+    def RevokeToken(self, Token) -> bool:
+        try:
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.dashboardClientsTOTPTable.update().values({
+                        "ExpireTime": datetime.datetime.now()
+                    }).where(
+                        self.dashboardClientsTOTPTable.c.Token == Token
+                    )
+                )
+        except Exception as e:
+            return False
+        return True
+    
    def GetTotp(self, token: str) -> tuple[bool, dict] or tuple[bool, None]:
        with self.engine.connect() as conn:
            totp = conn.execute(