User.reset_totp_key - Python API

Changes a user’s TOTP key and its accompanying label. If key is not given on input, one is generated and returned on output.

Regular users may change their own keys only. Super-users may change any other user’s keys.

API

self.sso.user.reset_totp_key

reset_totp_key(self, cid, current_ust, user_id, key, key_label, current_app, remote_addr)

Changes a user’s TOTP key and its label.

Parameters:
  • cid (string) – Correlation ID used by audit log
  • current_ust (string) – Current user’s UST
  • user_id (string) – ID of the user to change the TOTP key of. If provided, current_ust must be that of a super-user.
  • key (string) – New TOTP key to set for user. May be None, in which case a new key will be generated by Zato.
  • key_label (string) – A textual label to assign to the TOTP key
  • current_app (string) – Name of application the current user is issuing the call from
  • remote_addr (string) – User’s remote address
Return type:

A newly generated TOTP key - returned only if one was generated by Zato

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
# -*- coding: utf-8 -*-

from __future__ import absolute_import, division, print_function, unicode_literals

# Zato
from zato.server.service import Service

class ResetUserTOTPKey(Service):

    def handle(self):

        # Data obtained from request and/or WSGI environment
        ust = 'gAAAAABalFycY50Budi...'
        current_app = 'CRM'
        remote_addr = '127.0.0.1'

        # We are changing another user's key
        user_id = 'zusrpdjpsqjqa8jdv533zh0pv8tcm'

        # No key to be provided on input = Zato will generate one
        key = None

        # A label is provided though
        key_label = 'My SSO key'

        # Change the key and label now
        totp_key = self.sso.user.reset_totp_key(self.cid, ust,
           user_id, key, key_label, current_app, remote_addr)
        self.logger.info('New key: %s', totp_key)