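#!/bin/bash
# Generate a one-time-password (OTP) shared secret for one user.
#
# Usage: <script> username [issuer]
#   username  account the secret is generated for (required)
#   issuer    label for the otpauth URI (default: your_company_name)
#
# Only the secret generation is active. The steps that store the secret in a
# users file and print a QR-code URL are commented out further down, so
# `issuer` and `secret_base16` are currently consumed only by that section.

# Options are set here rather than on the shebang line so they still apply
# when the script is started as `bash <script>`. pipefail is deliberately not
# enabled: tr is expected to be stopped by SIGPIPE once head has read enough.
set -eu

user=${1:?Usage: $0 username}
issuer=${2:-your_company_name}

# 25 characters from a 36-symbol alphabet give about 129 bits of entropy,
# above the 128-bit minimum RFC 4226 requires for the shared secret (the
# previous 15 characters gave about 77 bits). A multiple of 5 bytes keeps the
# Base32 form free of '=' padding.
# NOTE(review): confirm the OTP verifier and the authenticator apps in use
# accept a 25-byte key before rolling this out.
readonly secret_length=25

# LC_ALL=C makes tr treat the random stream as plain bytes in every locale.
secret=$(LC_ALL=C tr -dc 'a-z0-9' </dev/urandom | head -c "$secret_length")

# The pipeline status is head's, so a short read would go unnoticed without
# this check; never continue with a truncated secret.
if [[ ${#secret} -ne $secret_length ]]; then
  printf '%s\n' "failed to read ${secret_length} random characters" >&2
  exit 1
fi

# Upper-case hex of the secret's bytes (same output as base64.b16encode).
# Encoding with od avoids pasting a shell value into Python source and does
# not depend on a Python 2 `python` binary: under Python 3 the original
# b16encode('<str>') call raises TypeError.
secret_base16=$(printf '%s' "$secret" | od -An -v -tx1 | tr -d '[:space:]' | tr 'a-f' 'A-F')

# ---------------------------------------------------------------------------
# Disabled section, kept as found. Review notes precede the lines they refer to.
# ---------------------------------------------------------------------------
# NOTE(review): the python calls below are Python 2 only (str passed to
# b32encode, urllib.quote) and splice shell values into Python source; pass
# values through stdin or sys.argv if this is re-enabled.
#secret_base32=$(python -c "import base64; print(base64.b32encode('${secret}'))")
#otpauth_uri="otpauth://totp/${issuer}:${user}?secret=${secret_base32}&issuer=${issuer}"
#otpauth_uri=$(python -c "import urllib; print(urllib.quote('${otpauth_uri}'))")
# NOTE(review): this URL hands the shared secret to a third-party service and
# leaves it in URL logs and browser history. Render the QR code locally
# instead (for example with qrencode) and deliver it over a trusted channel.
#qrcode_url="https://chart.googleapis.com/chart?chs=300x300&cht=qr&chl=${otpauth_uri}"

# NOTE(review): this file holds every user's OTP secret. It is created with
# the default umask and sits under /var/www; restrict it to the web-server
# account (e.g. mode 600) and confirm the directory is not served.
#file="/var/www/otp/users"
#if [ ! -f "${file}" ]; then
#  [ -d $(dirname "$file") ] || mkdir -p $(dirname "$file")
#  touch ${file}
#  chown -R apache:apache $(dirname "$file")
#fi
#[ -w "${file}" ] || (echo "${file}: Permission denied" && exit 1)

# NOTE(review): the pattern below carries a stray '}' and therefore does not
# match an existing user as intended, so duplicates would be appended. It also
# interpolates $user into the awk program; compare as data instead, e.g.
# awk -v u="$user" '$2 == u'. $user and ${file} are unquoted throughout.
#count=$(awk "\$2 ~ /^$user}\$/" ${file} | wc -l)
#if [ $count -le 0 ]; then
#  echo "HOTP/T30 $(printf '%-12s' $user) - ${secret_base16}" >> ${file}
#  echo "$qrcode_url"
#else
#  echo "User '$user' already exists"
#fi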

