Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity

Bug 30842: 2FA - Allow at least one old TOTP

Browse source 
We allow one old token when we are setting the two-factor auth, we
should reuse the same settings when validation the authentication
itself.

Test plan:
Setup 2FA for your logged-in user
Logout/Login
Have a look at the code and wait for 30 sec before using it (< 1min
however)

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This commit is contained in:
Jonathan Druart 2022-05-25 10:04:58 +02:00 committed by Tomas Cohen Arazi
parent 17b7ae56c5
commit f6110ce417
Signed by: tomascohen
GPG key ID: 0A272EA1B2F3C15F
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
C4/Auth.pm
View file

@ -911,7 +911,7 @@ sub checkauth {
{ {
my $patron = Koha::Patrons->find( { userid => $userid } ); my $patron = Koha::Patrons->find( { userid => $userid } );
my $auth = Koha::Auth::TwoFactorAuth->new( { patron => $patron } ); my $auth = Koha::Auth::TwoFactorAuth->new( { patron => $patron } );
my $verified = $auth->verify($otp_token); my $verified = $auth->verify($otp_token, 1);
$auth->clear; $auth->clear;
if ( $verified ) { if ( $verified ) {
# The token is correct, the user is fully logged in! # The token is correct, the user is fully logged in!