Fix yubikey from session.

2021-07-01 11:36:44 +00:00 · 2021-07-01 11:36:44 +00:00 · 80a364839a
commit 80a364839a
parent 48f934045e
1 changed files with 5 additions and 1 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Yubikey.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Yubikey.pm
@ -174,7 +174,11 @@ sub verify {
    # Verify OTP
    my $yubikey = $self->_findYubikey( $req, $session );

-    unless ( $yubikey ) {
+    if (
+        index( $yubikey,
+            substr( $code, 0, $self->conf->{yubikey2fPublicIDSize} ) ) == -1
+       )    
+    {
        $self->userLogger->warn('Yubikey not registered');
        return PE_BADOTP;
    }