Sign In and TOTP is done

src/modules/DashboardClients.py

@@ -70,9 +70,34 @@ class DashboardClients:
                 checkPwd = bcrypt.checkpw(Password.encode("utf-8"), existingClient.get("Password").encode("utf-8"))
                 if checkPwd:
                     return True, self.DashboardClientsTOTP.GenerateToken(existingClient.get("ClientID"))
+        return False, "Email or Password is incorrect"
+    
+    def SignIn_GetTotp(self, Token: str, UserProvidedTotp: str = None) -> tuple[bool, str] or tuple[bool, None, str]:
+        status, data = self.DashboardClientsTOTP.GetTotp(Token)
+        if not status:
+            return False, "TOTP Token is invalid"    
+        if UserProvidedTotp is None:
+            if data.get('TotpKeyVerified') is None:
+                return True, pyotp.totp.TOTP(data.get('TotpKey')).provisioning_uri(name=data.get('Email'),
+                                                                                   issuer_name="WGDashboard Client")
+        else:
+            totpMatched = pyotp.TOTP(data.get('TotpKey')).verify(UserProvidedTotp)
+            if not totpMatched:
+                return False, "TOTP is does not match"
+        if data.get('TotpKeyVerified') is None:
+            with self.engine.begin() as conn:
+                conn.execute(
+                    self.dashboardClientsTable.update().values({
+                        'TotpKeyVerified': 1
+                    }).where(
+                        self.dashboardClientsTable.c.ClientID == data.get('ClientID')
+                    )
+                )
+        return True, None
+    
                   
                 
-        return False, "Email or Password is incorrect"
+        
     
     def SignUp(self, Email, Password, ConfirmPassword) -> tuple[bool, str] or tuple[bool, None]:
         try:

src/modules/DashboardClientsTOTP.py

@@ -19,6 +19,8 @@ class DashboardClientsTOTP:
                 )
         )
         self.metadata.create_all(self.engine)
+        self.metadata.reflect(self.engine)
+        self.dashboardClientsTable = self.metadata.tables['DashboardClients']
         
     def GenerateToken(self, ClientID) -> str:
         token = hashlib.sha512(f"{ClientID}_{datetime.datetime.now()}_{uuid.uuid4()}".encode()).hexdigest()
@@ -30,8 +32,6 @@ class DashboardClientsTOTP:
                    db.and_(self.dashboardClientsTOTPTable.c.ClientID == ClientID,  self.dashboardClientsTOTPTable.c.ExpireTime > datetime.datetime.now())
                 )
             )
-            
-            
             conn.execute(
                 self.dashboardClientsTOTPTable.insert().values({
                     "Token": token,
@@ -41,4 +41,29 @@ class DashboardClientsTOTP:
             )
         
         return token
+    
+    def GetTotp(self, token: str) -> tuple[bool, dict] or tuple[bool, None]:
+        with self.engine.connect() as conn:
+            totp = conn.execute(
+                db.select(
+                    self.dashboardClientsTable.c.ClientID,
+                    self.dashboardClientsTable.c.Email,
+                    self.dashboardClientsTable.c.TotpKey,
+                    self.dashboardClientsTable.c.TotpKeyVerified,
+                ).select_from(
+                    self.dashboardClientsTOTPTable
+                ).where(
+                    db.and_(
+                        self.dashboardClientsTOTPTable.c.Token == token,
+                        self.dashboardClientsTOTPTable.c.ExpireTime > datetime.datetime.now()
+                    )
+                ).join(
+                    self.dashboardClientsTable,
+                    self.dashboardClientsTOTPTable.c.ClientID == self.dashboardClientsTable.c.ClientID
+                )            
+            ).mappings().fetchone()
+            if totp:
+                return True, dict(totp)
+        return False, None
+