Remove totp options from code (#2541)
This commit is contained in:
parent
85e34afa64
commit
7b0990addd
|
@ -214,26 +214,14 @@ sub run {
|
||||||
$self->logger->debug("Reading TOTP secret if exists...");
|
$self->logger->debug("Reading TOTP secret if exists...");
|
||||||
$secret = $_->{_secret} foreach (@totp2f);
|
$secret = $_->{_secret} foreach (@totp2f);
|
||||||
|
|
||||||
if ( ( $req->param('newkey') and $self->conf->{totp2fUserCanChangeKey} )
|
if ($secret) {
|
||||||
or not $secret )
|
return $self->p->sendError( $req, 'totpExistingKey', 200 );
|
||||||
{
|
} else {
|
||||||
$secret = $self->newSecret;
|
$secret = $self->newSecret;
|
||||||
$self->logger->debug("Generating new secret = $secret");
|
$self->logger->debug("Generating new secret = $secret");
|
||||||
$nk = 1;
|
$nk = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
elsif ( $req->param('newkey') ) {
|
|
||||||
return $self->p->sendError( $req, 'notAuthorized', 200 );
|
|
||||||
}
|
|
||||||
|
|
||||||
elsif ( $self->conf->{totp2fDisplayExistingSecret} ) {
|
|
||||||
$self->logger->debug("User secret = $secret");
|
|
||||||
}
|
|
||||||
|
|
||||||
else {
|
|
||||||
return $self->p->sendError( $req, 'totpExistingKey', 200 );
|
|
||||||
}
|
|
||||||
|
|
||||||
# Secret is stored in a token: we choose to not accept secret returned
|
# Secret is stored in a token: we choose to not accept secret returned
|
||||||
# by Ajax request to avoid some attacks
|
# by Ajax request to avoid some attacks
|
||||||
my $token = $self->ott->createToken( {
|
my $token = $self->ott->createToken( {
|
||||||
|
|
Loading…
Reference in New Issue
Block a user