Commit d8d5dd4a authored by ale's avatar ale

add OTP to the login form

parent cbe2f151
......@@ -103,7 +103,10 @@ def login():
return show_login_page(params, 'Invalid session')
username = _tostr(request.form.get('username'))
password = _tostr(request.form.get('password'))
if not app.login_service.authenticate(username, password):
otp = None
if app.config.get('SSO_ENABLE_OTP'):
otp = _tostr(request.form.get('otp'))
if not app.login_service.authenticate(username, password, otp):
# Authentication failed, show login page again.
return show_login_page(params, 'Authentication failed')
......
......@@ -5,6 +5,7 @@ import os
import threading
import time
import traceback
from sso_server.oath import accept_totp
from sso_server.auth import AuthBase
log = logging.getLogger(__name__)
......
......@@ -41,6 +41,13 @@ function setFocus() {
<input type="password" id="password" name="password">
</div>
{%- if config.get('SSO_ENABLE_OTP') %}
<div class="pure-control-group">
<label for="otp">OTP:</label>
<input type="text" id="otp" name="otp" size="6">
</div>
{% endif -%}
<div class="pure-controls">
{% if err %}
<p class="error">
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment