Remove totp options from code (#2541)
This commit is contained in:
parent
85e34afa64
commit
7b0990addd
|
@ -214,26 +214,14 @@ sub run {
|
|||
$self->logger->debug("Reading TOTP secret if exists...");
|
||||
$secret = $_->{_secret} foreach (@totp2f);
|
||||
|
||||
if ( ( $req->param('newkey') and $self->conf->{totp2fUserCanChangeKey} )
|
||||
or not $secret )
|
||||
{
|
||||
if ($secret) {
|
||||
return $self->p->sendError( $req, 'totpExistingKey', 200 );
|
||||
} else {
|
||||
$secret = $self->newSecret;
|
||||
$self->logger->debug("Generating new secret = $secret");
|
||||
$nk = 1;
|
||||
}
|
||||
|
||||
elsif ( $req->param('newkey') ) {
|
||||
return $self->p->sendError( $req, 'notAuthorized', 200 );
|
||||
}
|
||||
|
||||
elsif ( $self->conf->{totp2fDisplayExistingSecret} ) {
|
||||
$self->logger->debug("User secret = $secret");
|
||||
}
|
||||
|
||||
else {
|
||||
return $self->p->sendError( $req, 'totpExistingKey', 200 );
|
||||
}
|
||||
|
||||
# Secret is stored in a token: we choose to not accept secret returned
|
||||
# by Ajax request to avoid some attacks
|
||||
my $token = $self->ott->createToken( {
|
||||
|
|
Loading…
Reference in New Issue
Block a user