NAME¶

oath_authenticate_usersfile - API function

SYNOPSIS¶

#include <oath.h>

int oath_authenticate_usersfile(const char * usersfile, const char * username, const char * otp, size_t window, const char * passwd, time_t * last_otp);

ARGUMENTS¶

const char * usersfile

string with user credential filename, in UsersFile format

const char * username

string with name of user

const char * otp

string with one-time password to authenticate

size_t window

how many past/future OTPs to search

const char * passwd

string with password, or NULL to disable password checking

time_t * last_otp

output variable holding last successful authentication

DESCRIPTION¶

Authenticate user named username with the one-time password otp and (optional) password passwd. Credentials are read (and updated) from a text file named usersfile.

Note that for TOTP the usersfile will only record the last OTP and use that to make sure more recent OTPs have not been seen yet when validating a new OTP. That logics relies on using the same search window for the same user.

RETURNS¶

On successful validation, OATH_OK is returned. If the supplied otp is the same as the last successfully authenticated one-time password, OATH_REPLAYED_OTP is returned and the timestamp of the last authentication is returned in last_otp. If the one-time password is not found in the indicated search window, OATH_INVALID_OTP is returned. Otherwise, an error code is returned.

REPORTING BUGS¶

Report bugs to <oath-toolkit-help@nongnu.org>. liboath home page: https://www.nongnu.org/oath-toolkit/ General help using GNU software: http://www.gnu.org/gethelp/

COPYRIGHT¶

Copyright © 2009-2020 Simon Josefsson.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.