Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/etc
History
David Cook 5cef65a87f Bug 30843: Add mfa_range configuration option for TOTP 
This change adds a mfa_range configuration option for TOTP
to koha-conf.xml, and overrides the "verify" method from
Auth::GoogleAuth in order to provide a new default for "range"

Test plan:
0. Apply the patch
1. koha-plack --restart kohadev
2. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=TwoFactorAuthentication
3. Change the syspref to "Enable"
4. Go to
http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51
5. Click "More" and "Manage two-factor authentication"
6. Register using an app
7. In an Incognito window, go to
http://localhost:8081/cgi-bin/koha/mainpage.pl
8. Sign in with the "koha" user
9. Note down a code from your Authenticator app
10. Wait until after 60 seconds and try it
11. Note it says "Invalid two-factor code"
12. Try a new code from the app
13. Note that it works

14. Add <mfa_range>10</mfa_range> to /etc/koha/sites/kohadev/koha-conf.xml
15. Clear memcached and koha-plack --restart kohadev
16. Sign in with the "koha" user
17. Note down a code from your Authenticator app
18. Wait 4 minutes and then try it
19. Note that it works

20. Disable your two-factor authentication and click to re-enable it
21. Use a code older than 60 seconds when registering for the two
factor authentication
22. Note that the code works

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 6a0955946e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2023-10-05 08:36:20 -10:00
..
z3950 Bug 25716: (QA follow-up) Make sure a comment doesn't break tests 2022-10-24 18:52:35 -03:00
zebradb Bug 24517: Add missing 6th position to date-entered-on-file index 2023-07-17 13:43:49 +01:00
apache.conf Bug 20582: Add very simple configuration file for Apache 2020-10-06 12:00:04 +02:00
koha-conf.xml Bug 30843: Add mfa_range configuration option for TOTP 2023-10-05 08:36:20 -10:00
koha-httpd.conf Bug 32030: Add Apache RewriteRule 2022-11-08 09:43:48 -03:00
koha-worker.service Bug 32992: Move background_jobs_worker to misc/workers 2023-02-24 17:52:19 -03:00
log4perl.conf Bug 32612: (QA follow-up) Remove superfluous line 2023-02-03 10:30:03 -03:00
nginx.conf Bug 32716: larger proxy_buffer_size in NGINX example config 2023-04-14 11:35:18 -03:00
README.txt
SIPconfig.xml Bug 34101: Limit items types that can be checked out via SIP2 2023-07-17 16:35:05 +01:00

README.txt 

Koha Configuration Files:

The following files specify the base configuration for Koha ZOOM:

 * koha-httpd.conf  
In a debian system, this apache configuration file will be symlinked
from /etc/apache2/sites-enabled
Specify Koha's IP address with NameVirtualHost
Set ServerName, etc

 * koha-production.xml  
 * koha-testing.xml 
These are the production and testing configurations for zebrasrv and for Koha.
The first part of each file specifies Zebra server names, indexing configuration files,
and query language configurations.  Koha configuration directives follow. 

 * zebra-authorities.cfg  
 * zebra-biblios.cfg