From 89bb219376d473d0f0c03ded8392b923b9a1dd10 Mon Sep 17 00:00:00 2001
From: fufesou <linlong1266@gmail.com>
Date: Thu, 22 May 2025 17:46:40 +0800
Subject: [PATCH] feat: numeric one-time password

Signed-off-by: fufesou <linlong1266@gmail.com>
---
 src/config.rs            | 14 +++++++++++++-
 src/password_security.rs |  7 ++++++-
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/src/config.rs b/src/config.rs
index c85477d..55ae70f 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -93,6 +93,8 @@ lazy_static::lazy_static! {
         ]);
 }
 
+const NUM_CHARS: &[char] = &['0', '1', '2', '3', '4', '5', '6', '7', '8', '9'];
+
 const CHARS: &[char] = &[
     '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k',
     'm', 'n', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
@@ -883,9 +885,17 @@ impl Config {
     }
 
     pub fn get_auto_password(length: usize) -> String {
+        Self::get_auto_password_with_chars(length, CHARS)
+    }
+
+    pub fn get_auto_numeric_password(length: usize) -> String {
+        Self::get_auto_password_with_chars(length, NUM_CHARS)
+    }
+
+    fn get_auto_password_with_chars(length: usize, chars: &[char]) -> String {
         let mut rng = rand::thread_rng();
         (0..length)
-            .map(|_| CHARS[rng.gen::<usize>() % CHARS.len()])
+            .map(|_| chars[rng.gen::<usize>() % chars.len()])
             .collect()
     }
 
@@ -2419,6 +2429,7 @@ pub mod keys {
     pub const OPTION_ENABLE_RECORD_SESSION: &str = "enable-record-session";
     pub const OPTION_ENABLE_BLOCK_INPUT: &str = "enable-block-input";
     pub const OPTION_ALLOW_REMOTE_CONFIG_MODIFICATION: &str = "allow-remote-config-modification";
+    pub const OPTION_ALLOW_NUMERNIC_ONE_TIME_PASSWORD: &str = "allow-numeric-one-time-password";
     pub const OPTION_ENABLE_LAN_DISCOVERY: &str = "enable-lan-discovery";
     pub const OPTION_DIRECT_SERVER: &str = "direct-server";
     pub const OPTION_DIRECT_ACCESS_PORT: &str = "direct-access-port";
@@ -2583,6 +2594,7 @@ pub mod keys {
         OPTION_ENABLE_RECORD_SESSION,
         OPTION_ENABLE_BLOCK_INPUT,
         OPTION_ALLOW_REMOTE_CONFIG_MODIFICATION,
+        OPTION_ALLOW_NUMERNIC_ONE_TIME_PASSWORD,
         OPTION_ENABLE_LAN_DISCOVERY,
         OPTION_DIRECT_SERVER,
         OPTION_DIRECT_ACCESS_PORT,
diff --git a/src/password_security.rs b/src/password_security.rs
index 5c04cc9..ef5cf2b 100644
--- a/src/password_security.rs
+++ b/src/password_security.rs
@@ -22,7 +22,12 @@ pub enum ApproveMode {
 
 // Should only be called in server
 pub fn update_temporary_password() {
-    *TEMPORARY_PASSWORD.write().unwrap() = Config::get_auto_password(temporary_password_length());
+    *TEMPORARY_PASSWORD.write().unwrap() =
+        if Config::get_bool_option(crate::config::keys::OPTION_ALLOW_NUMERNIC_ONE_TIME_PASSWORD) {
+            Config::get_auto_numeric_password(temporary_password_length())
+        } else {
+            Config::get_auto_password(temporary_password_length())
+        };
 }
 
 // Should only be called in server