Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/debian/templates
History
David Cook 6a0955946e
Bug 30843: Add mfa_range configuration option for TOTP 
This change adds a mfa_range configuration option for TOTP
to koha-conf.xml, and overrides the "verify" method from
Auth::GoogleAuth in order to provide a new default for "range"

Test plan:
0. Apply the patch
1. koha-plack --restart kohadev
2. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=TwoFactorAuthentication
3. Change the syspref to "Enable"
4. Go to
http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51
5. Click "More" and "Manage two-factor authentication"
6. Register using an app
7. In an Incognito window, go to
http://localhost:8081/cgi-bin/koha/mainpage.pl
8. Sign in with the "koha" user
9. Note down a code from your Authenticator app
10. Wait until after 60 seconds and try it
11. Note it says "Invalid two-factor code"
12. Try a new code from the app
13. Note that it works

14. Add <mfa_range>10</mfa_range> to /etc/koha/sites/kohadev/koha-conf.xml
15. Clear memcached and koha-plack --restart kohadev
16. Sign in with the "koha" user
17. Note down a code from your Authenticator app
18. Wait 4 minutes and then try it
19. Note that it works

20. Disable your two-factor authentication and click to re-enable it
21. Use a code older than 60 seconds when registering for the two
factor authentication
22. Note that the code works

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:51 -03:00
..
apache-shared-disable.conf
apache-shared-intranet-plack.conf Bug 33963: Remove C4::BackgroundJob 2023-06-15 08:48:12 -03:00
apache-shared-intranet.conf Bug 32030: Add Apache RewriteRule 2022-11-08 09:43:48 -03:00
apache-shared-opac-plack.conf
apache-shared-opac.conf
apache-shared.conf
apache-site-https.conf.in Bug 34193: SSLProtocol enable in use versions and disable deprecated versions 2023-08-18 10:29:21 +03:00
apache-site.conf.in
koha-common.conf
koha-conf-site.xml.in Bug 30843: Add mfa_range configuration option for TOTP 2023-09-25 10:53:51 -03:00
koha-core.conf
koha-sites.conf
koha-worker@.service Bug 32992: Move background_jobs_worker to misc/workers 2023-02-24 17:52:19 -03:00
log4perl-site.conf.in Bug 32612: (QA follow-up) Remove more unneeded appender lines 2023-02-03 10:30:04 -03:00
marc21-retrieval-info-auth-dom.xml
marc21-retrieval-info-bib-dom.xml
plack.psgi
SIPconfig.xml Bug 33580: Bring back ability to mark item as seen via SIP2 item information request 2023-05-12 11:22:47 -03:00
unimarc-retrieval-info-auth-dom.xml
unimarc-retrieval-info-bib-dom.xml
zebra-authorities-dom-site.cfg.in
zebra-biblios-dom-site.cfg.in
zebra.passwd.in