GenSecret generates a new code.
(rec *auth.Rec)
| 140 | |
| 141 | // GenSecret generates a new code. |
| 142 | func (ca *authenticator) GenSecret(rec *auth.Rec) ([]byte, time.Time, error) { |
| 143 | // Run garbage collection. |
| 144 | store.PCache.Expire(realName+"_", time.Now().UTC().Add(-ca.lifetime)) |
| 145 | |
| 146 | // Generate random code. |
| 147 | code, err := rand.Int(rand.Reader, ca.maxCodeValue) |
| 148 | if err != nil { |
| 149 | return nil, time.Time{}, types.ErrInternal |
| 150 | } |
| 151 | |
| 152 | // Convert the code to fixed length string. |
| 153 | resp := strconv.FormatInt(code.Int64(), 10) |
| 154 | resp = strings.Repeat("0", ca.codeLength-len(resp)) + resp |
| 155 | |
| 156 | if rec.Lifetime == 0 { |
| 157 | rec.Lifetime = auth.Duration(ca.lifetime) |
| 158 | } else if rec.Lifetime < 0 { |
| 159 | return nil, time.Time{}, types.ErrExpired |
| 160 | } |
| 161 | |
| 162 | // Save "code:counter:uid" to the database. The key is code_<credential>. |
| 163 | if err = store.PCache.Upsert(sanitizeKey(realName+"_"+rec.Credential), resp+":0:"+rec.Uid.String(), true); err != nil { |
| 164 | return nil, time.Time{}, err |
| 165 | } |
| 166 | |
| 167 | expires := time.Now().Add(time.Duration(rec.Lifetime)).UTC().Round(time.Millisecond) |
| 168 | |
| 169 | return []byte(resp), expires, nil |
| 170 | } |
| 171 | |
| 172 | // AsTag is not supported, will produce an empty string. |
| 173 | func (authenticator) AsTag(token string) string { |