Encrypt TOTP secret before saving to database

2024-10-31 16:24:32 +07:00
parent f705d9538f
commit 197383c414
21 changed files with 271 additions and 172 deletions
--- a/handler/auth/totp/totp.go
+++ b/handler/auth/totp/totp.go
@ -39,7 +39,12 @@ func POST(w http.ResponseWriter, r *http.Request) {
 	}
 	code := r.Form.Get("code")
 	_, user, key := session.GetSession(r)
-	totp := gotp.NewDefaultTOTP(user.Totp)
+	decryptedSecret, err := app.Server.Encryption.Decrypt(user.Totp)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		app.Server.Logger.Error(err.Error())
+	}
+	totp := gotp.NewDefaultTOTP(decryptedSecret)

 	if totp.Verify(code, time.Now().Unix()) {
 		storeSession := session.Get(key)