Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/debian/templates
History
David Cook 5cef65a87f Bug 30843: Add mfa_range configuration option for TOTP 
This change adds a mfa_range configuration option for TOTP
to koha-conf.xml, and overrides the "verify" method from
Auth::GoogleAuth in order to provide a new default for "range"

Test plan:
0. Apply the patch
1. koha-plack --restart kohadev
2. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=TwoFactorAuthentication
3. Change the syspref to "Enable"
4. Go to
http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51
5. Click "More" and "Manage two-factor authentication"
6. Register using an app
7. In an Incognito window, go to
http://localhost:8081/cgi-bin/koha/mainpage.pl
8. Sign in with the "koha" user
9. Note down a code from your Authenticator app
10. Wait until after 60 seconds and try it
11. Note it says "Invalid two-factor code"
12. Try a new code from the app
13. Note that it works

14. Add <mfa_range>10</mfa_range> to /etc/koha/sites/kohadev/koha-conf.xml
15. Clear memcached and koha-plack --restart kohadev
16. Sign in with the "koha" user
17. Note down a code from your Authenticator app
18. Wait 4 minutes and then try it
19. Note that it works

20. Disable your two-factor authentication and click to re-enable it
21. Use a code older than 60 seconds when registering for the two
factor authentication
22. Note that the code works

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 6a0955946e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2023-10-05 08:36:20 -10:00
..
apache-shared-disable.conf
apache-shared-intranet-plack.conf Bug 27421: Commit and revert 2022-09-19 15:14:56 -03:00
apache-shared-intranet.conf Bug 32030: Add Apache RewriteRule 2022-11-08 09:43:48 -03:00
apache-shared-opac-plack.conf
apache-shared-opac.conf Bug 25548: Remove Apache rewrite directives that trigger redirects 2020-11-20 14:23:52 +01:00
apache-shared.conf
apache-site-https.conf.in Bug 34193: SSLProtocol enable in use versions and disable deprecated versions 2023-08-21 20:23:12 -10:00
apache-site.conf.in
koha-common.conf
koha-conf-site.xml.in Bug 30843: Add mfa_range configuration option for TOTP 2023-10-05 08:36:20 -10:00
koha-core.conf Bug 26672: Add additional koha-core and koha-full files to ./debian 2020-11-25 16:18:03 +01:00
koha-sites.conf Bug 18984: Remove NORMARC support 2021-10-07 15:36:40 +02:00
koha-worker@.service Bug 32992: Move background_jobs_worker to misc/workers 2023-02-24 17:52:19 -03:00
log4perl-site.conf.in Bug 32612: (QA follow-up) Remove more unneeded appender lines 2023-02-03 10:30:04 -03:00
marc21-retrieval-info-auth-dom.xml
marc21-retrieval-info-bib-dom.xml
plack.psgi Bug 22824: Remove C4::Boolean, true_p, boolean_preference, etc. 2021-03-04 16:18:42 +01:00
SIPconfig.xml Bug 33580: Bring back ability to mark item as seen via SIP2 item information request 2023-05-12 11:22:47 -03:00
unimarc-retrieval-info-auth-dom.xml
unimarc-retrieval-info-bib-dom.xml
zebra-authorities-dom-site.cfg.in
zebra-biblios-dom-site.cfg.in
zebra.passwd.in