hub / github.com/diffgram/diffgram / verify_otp_from_web

Function verify_otp_from_web

default/methods/user/one_time_pass.py:114–158  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

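@routes.route('/api/user/otp/verify', methods=['POST'])
def verify_otp_from_web():
    """Verify a one-time-password code submitted from the web login flow.

    Reads a JSON object from the request body with three keys:
    ``otp`` (the proposed code), ``otp_current_session`` (the token tying
    this request to a pending OTP challenge) and ``email``.

    Checks, in order: the user exists, the pending OTP session has not
    expired, the supplied session token matches the stored one, and the
    code passes ``OneTimePass.verify_otp``. On success the secure cookie is
    set and the serialized user is returned.

    Returns:
        A ``(response, 200, headers)`` tuple in every case. Failures are
        signalled by an ``error`` key in the JSON body, not by the HTTP
        status, so clients must inspect the body.

    Every rejected attempt for a known user is written to the login
    history, including a wrong code, so repeated guessing is visible to
    whoever monitors that history.
    """
    # Function-scope import: the module's import block is not visible here.
    import hmac

    # NOTE(review): 'ContentType' is not the standard 'Content-Type' header
    # name; kept as-is because jsonify() already sets the real content type.
    json_headers = {'ContentType':'application/json'}

    with sessionMaker.session_scope() as session:

        def record_attempt(succeeded):
            # One audit row per decision; both flags move together here.
            User.new_login_history(session=session,
                                   success=succeeded,
                                   otp_success=succeeded,
                                   remote_address=request.remote_addr,
                                   user_id=user.id)

        data = request.get_json(force=True)
        # A syntactically valid body that is not an object (e.g. `[]` or
        # `null`) has no .get(); reject it instead of raising a 500.
        if not isinstance(data, dict):
            return jsonify(error="Invalid request"), 200, json_headers

        proposed_otp_code = data.get('otp', None)
        otp_current_session = data.get('otp_current_session', None)
        email = data.get('email', None)

        user = User.get_by_email(session, email)
        if user is None:
            # NOTE(review): this message differs from the other failures, so
            # the endpoint reveals whether an email is registered. Message
            # left unchanged because clients may depend on it; consider
            # unifying the error text.
            return jsonify(error="No user"), 200, json_headers

        # Fail closed when no expiry was ever stored (presumably a user with
        # no pending OTP challenge; confirm against the User model). Without
        # this guard, None <= float raises TypeError on Python 3.
        expiry = user.otp_current_session_expiry
        if expiry is None or expiry <= time.time():
            record_attempt(False)
            return jsonify(error="Please login again, session expired"), 200, json_headers

        stored_token = user.otp_current_session
        if not stored_token or not otp_current_session:
            # A missing or empty token on either side must never match:
            # with a plain != check, None == None would pass.
            tokens_match = False
        elif isinstance(stored_token, str) and isinstance(otp_current_session, str):
            # Constant-time comparison of the secret session token.
            # 'surrogatepass' keeps lone surrogates from JSON from raising.
            tokens_match = hmac.compare_digest(
                stored_token.encode('utf-8', 'surrogatepass'),
                otp_current_session.encode('utf-8', 'surrogatepass'))
        else:
            # Unexpected types: fall back to the original equality check.
            tokens_match = stored_token == otp_current_session

        if not tokens_match:
            record_attempt(False)
            return jsonify(error="Please login again, session invalid"), 200, json_headers

        if OneTimePass.verify_otp(user, proposed_otp_code) is True:

            record_attempt(True)

            setSecureCookie(user)

            # NOTE(review): the pending OTP session token is not cleared
            # here; confirm it is invalidated elsewhere after use.
            return jsonify(user=user.serialize(), success = True), 200, json_headers

        # A wrong code is a failed login attempt too: record it so guessing
        # shows up in the audit trail.
        # NOTE(review): no attempt limit or lockout is visible in this
        # function; confirm rate limiting is enforced elsewhere.
        record_attempt(False)
        return jsonify(error="Invalid code"), 200, json_headers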

Callers

nothing calls this directly

Calls 5

setSecureCookieFunction · 0.90
get_by_emailMethod · 0.80
verify_otpMethod · 0.80
getMethod · 0.45
serializeMethod · 0.45

Tested by

no test coverage detected