增加verifyDelta的window参数

lintry
Commit 33c3620925e3a2922b540e06fd0ee3d36b799de9 33c36209 1 parent 05329fc1
Showing 3 changed files with 17 additions and 11 deletions
lib/authenticator.js
test/authenticator.test.js
test/totp.test.js
--- a/lib/authenticator.js
View file @33c3620
+++ b/lib/authenticator.js
View file @33c3620
@@ -8,7 +8,6 @@ const Authenticator = function (secret, options) {
   }
   const _ = require('lodash'),
-    path = require('path'),
     crypto_utils = require('kml-crypto-utils'),
     speakeasy = require('speakeasy'),
     qr = require('qr-image');
@@ -30,15 +29,16 @@ const Authenticator = function (secret, options) {
    * @param token
    */
   this.verify = function(token) {
-    return speakeasy.totp.verify(_.merge({token: token}, TOTP_OPTIONS));
+    return speakeasy.totp.verify(_.merge({}, TOTP_OPTIONS, {token: token}));
   };
   /**
    * 在options.window的范围内验证token的有效性
    * @param token
+   * @param window
    */
-  this.verifyDelta = function(token) {
+  this.verifyDelta = function(token, window) {
-    return speakeasy.totp.verifyDelta(_.merge({token: token}, TOTP_OPTIONS));
+    return speakeasy.totp.verifyDelta(_.merge({}, TOTP_OPTIONS, {token: token, window: window}));
   };
   /**
@@ -48,7 +48,7 @@ const Authenticator = function (secret, options) {
    * @return {string}
    */
   this.getOtpAuth = function (title, issuer) {
-    return speakeasy.otpauthURL(_.merge({ label: title, issuer: issuer }, TOTP_OPTIONS));
+    return speakeasy.otpauthURL(_.merge({}, TOTP_OPTIONS, {label: title, issuer: issuer}));
   };
   /**
--- a/test/authenticator.test.js
View file @33c3620
+++ b/test/authenticator.test.js
View file @33c3620
@@ -2,16 +2,18 @@
  * Created by lintry on 2017/5/19.
  */
-const Authenticator = require('../lib/authenticator');
+const TOTP = require('../lib/totp');
 const chalk = require('chalk');
 const fs = require('fs-extra');
 const path = require('path');
+//使用外部生成的密钥
 let secret = 'vH6OdbUEjSukTqlDvW3TYdusjiOIkxRnAHNTjJewfZa5yNueG9wx1N9pJMFOmPAV';
-let authenticator = new Authenticator(secret, {algorithm: 'sha512'});
+let authenticator = new TOTP({algorithm: 'sha512'}).parse(secret);
 console.log(chalk.cyan('totp的secret'));
 console.log(secret, authenticator.totp_options);
+//外部传入的token参数
 let token = process.argv[2];
 if (!token) {
   token = authenticator.totp();
@@ -20,11 +22,13 @@ if (!token) {
 }
 console.log(chalk.green('token is'), token);
+//精确验证token
 let verify = authenticator.verify(token);
 console.log(chalk.magenta('verify is '), (verify ? chalk.green : chalk.red)(verify));
-console.log(chalk.blue('verifyDelta is '), authenticator.verifyDelta(token));
+//允许误差验证token
-
+console.log(chalk.blue('verifyDelta is '), authenticator.verifyDelta(token, 2));
+//生成密钥二维码图片
 let img_path = path.resolve(process.cwd(), 'img');
 let qr = path.resolve(img_path, 'qr.svg');
@@ -38,7 +42,7 @@ fs.ensureDir(img_path, function (err, added_root) {
   fs.writeSync(fd, authenticator.getQR('totp@gitlab.kmlab.com', '通行密钥'));
   fs.closeSync(fd);
-  console.log(chalk.yellow(authenticator.getOtpAuth('totp@gitlab.kmlab.com', '通行密钥')))
+  console.log(chalk.green('密钥字符串'), chalk.yellow(authenticator.getOtpAuth('totp@gitlab.kmlab.com', '通行密钥')))
 });
 console.log('QR SVG output is', img_path, qr);
\ No newline at end of file
--- a/test/totp.test.js
View file @33c3620
+++ b/test/totp.test.js
View file @33c3620
@@ -6,6 +6,7 @@ const TOTP = require('../lib/totp');
 const chalk = require('chalk');
 const fs = require('fs-extra');
+//根据第二个参数算法创建密钥，默认sha512
 let algorithm = process.argv[2] || 'sha512';
 let totp = new TOTP({algorithm: algorithm});
@@ -19,7 +20,8 @@ let authenticator = totp.parse(secret);
 console.log(authenticator.totp_options);
+//根据实际生成token
 let token = authenticator.totp();
 console.log(chalk.green('token is'), token);
-
+//验证token
 console.log(chalk.magenta('verify is '), authenticator.verify(token));
\ No newline at end of file