Bug 34028: Fix manual entry for two factor authentication

This patch changes the "Account" and "Key" display so that you can manually enter two factor authentication details into an authenticator app. The details are the same as those provided by scanning the QR code. Test plan: 0. Apply patch 1. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=TwoFactorAuthentication 2. Change setting to "Enable" 3. Go to http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51 4. Click "More" on record toolbar and choose "Manage two-factor authentication" 5. Click "Enable two-factor authentication" 6. Scan the QR code into an authenticator app and note it creates an entry called "Centerville: Centerville_koha" 7. Manually enter an entry into an authenticator app (like Google Authenticator) 7a. Add the "Account" as shown on the Koha screen 7b. Add the "Key" as shown on the Koha screen 8. Note that the entries added by QR code and manual entry have the same label and both were accepted by the authenticator app Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-06-16 06:04:37 +00:00 · 2023-06-16 06:04:37 +00:00 · 7c05333914
commit 7c05333914
parent 396030df43
2 changed files with 3 additions and 2 deletions
--- a/koha-tmpl/intranet-tmpl/prog/en/includes/auth-two-factor.inc
+++ b/koha-tmpl/intranet-tmpl/prog/en/includes/auth-two-factor.inc
@ -4,8 +4,8 @@
            <p>We recommend cloud-based mobile authenticator apps such as Authy, Duo Mobile, and LastPass. They can restore access if you lose your hardware device.</p>
            <p>Can't scan the code?</p>
            <p>To add the entry manually, provide the following details to the application on your phone.</p>
-            <p>Account: <span id="issuer">[% issuer | html %]</span></p>
-            <p>Key: <span id="key_id">"[% key_id | html %]</span></p>
+            <p>Account: "<span id="issuer">[% issuer | html %]</span>: <span id="key_id">[% key_id | html %]</span>"</p>
+            <p>Key: "<span id="key_secret">[% secret32 | html %]</span>"</p>
            <p>Time based: Yes</p>
        </div>

--- a/koha-tmpl/intranet-tmpl/prog/en/modules/members/two_factor_auth.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/members/two_factor_auth.tt
@ -100,6 +100,7 @@
                        $("#secret32").val(data.secret32);
                        $("#issuer").html(data.issuer);
                        $("#key_id").html(data.key_id);
+                        $("#key_secret").html(data.secret32);
                        $("#registration-form").show();
                        $("#registration-status").hide();
                    },