Depends on http://github.com/bdauvergne/python-oath
pip install -e "git://github.com/bdauvergne/python-oath.git#egg=oath-dev"
Generate a secret key (and for fun, the QR code URL that can
be imported by the Google Authenticator scanner) with gen_google_code.py
.
See http://www.google.com/support/accounts/bin/answer.py?answer=1066447 for what to do with this.
Then, use check_auth.py
like this:
check_auth.py [secret] [code_from_authenticator]
$ python gen_google_code.py
Hex secret: 229249c943c32afca61b
...base32: EKJETSKDYMVPZJQ3
===== Google URL =====
Scan this with Google Authenticator or enter the base32
value above as 'key' when manually adding.
https://chart.googleapis.com/chart?chl=otpauth%3A%2F%2Ftotp%2FPC1168-miket.local%3Fsecret%3DEKJETSKDYMVPZJQ3&chs=200x200&cht=qr&chld=M%7C0
(See http://www.google.com/support/accounts/bin/answer.py?answer=1066447 )
Example of a valid auth:
$ python check_auth.py 229249c943c32afca61b 123456
(True, 0)
Example of an invalid auth:
$ python check_auth.py 229249c943c32afca61b 987654
(False, 0)
Hi, I find it should be
accept_totp(secret, code, "dec6")
instead ofaccept_totp(code, secret, "dec6")
.Thanks for your code, help me a lot.