Main Koha release repository
https://koha-community.org
Jonathan Druart
b93e15c235
Bug 28786 added the ability to turn on a two-factor authentication, using a One Time Password (OTP). Once enabled on the system, librarian had the choice to enable or disable it for themselves. For security reason an administrator could decide to force the librarians to use this second authentication step. This patch adds a third option to the existing syspref, 'Enforced', for that purpose. QA notes: the code we had in the members/two_factor_auth.pl controller has been moved to REST API controller methods (with their tests and swagger specs), for reusability reason. Code from template has been moved to an include file for the same reason. Test plan: A. Regression tests As we modified the code we need first to confirm the existing features are still working as expected. 1. Turn off TwoFactorAuthentication (disabled) and confirm that you are not able to enable and access the second authentication step 2. Turn it on (enabled) and confirm that you are able to enable it in your account 3. Logout and confirm then that you are able to login into Koha B. The new option 1. Set the pref to "enforced" 2. You are not logged out, logged in users stay logged in 3. Pick a user that does not have 2FA setup, login 4. Notice the new screen (UI is a bit ugly, suggestions welcomed) 5. Try to access Koha without enabling 2FA, you shouldn't be able to access any pages 6. Setup 2FA and confirm that you are redirected to the login screen 7. Login, send the correct pin code => You are fully logged in! Note that at 6 we could redirect to the mainpage, without the need to login again, but I think it's preferable to reduce the change to C4::Auth. If it's considered mandatory by QA I could have a look on another bug report. Sponsored-by: Rijksmuseum, Netherlands Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> |
||
|---|---|---|
| acqui | ||
| admin | ||
| api | ||
| authorities | ||
| basket | ||
| bin | ||
| C4 | ||
| catalogue | ||
| cataloguing | ||
| circ | ||
| clubs | ||
| course_reserves | ||
| debian | ||
| docs | ||
| errors | ||
| etc | ||
| ill | ||
| installer | ||
| Koha | ||
| koha-tmpl | ||
| labels | ||
| lib/CGI/Session/Serialize | ||
| members | ||
| misc | ||
| offline_circ | ||
| opac | ||
| patron_lists | ||
| patroncards | ||
| plugins | ||
| pos | ||
| recalls | ||
| reports | ||
| reserve | ||
| reviews | ||
| rotating_collections | ||
| serials | ||
| services | ||
| skel | ||
| suggestion | ||
| svc | ||
| t | ||
| tags | ||
| tmp/modified_authorities | ||
| tools | ||
| virtualshelves | ||
| xt | ||
| .editorconfig | ||
| .eslintrc.json | ||
| .gitignore | ||
| .htaccess | ||
| .mailmap | ||
| .perlcriticrc | ||
| .proverc.dist | ||
| .stylelintrc.json | ||
| about.pl | ||
| app.psgi | ||
| changelanguage.pl | ||
| cpanfile | ||
| fix-perl-path.PL | ||
| gulpfile.js | ||
| help.pl | ||
| INSTALL | ||
| Koha.pm | ||
| koha_perl_deps.pl | ||
| kohaversion.pl | ||
| LICENSE | ||
| mainpage.pl | ||
| Makefile.PL | ||
| MANIFEST.SKIP | ||
| package.json | ||
| README | ||
| README.md | ||
| README.robots | ||
| rewrite-config.PL | ||
| yarn.lock | ||
Koha is a free software integrated library system (ILS).
Koha is distributed under the GNU GPL version 3 or later.
Note: Koha does not accept pull requests from git hosting sites.
Note: This project has its own bug tracker, to report a bug or submit a patch visit http://bugs.koha-community.org.
For guidelines on submitting patches for Koha please visit https://wiki.koha-community.org/wiki/SubmitingAPatch
The developers handbook can be found at https://wiki.koha-community.org/wiki/Developer_handbook
