[Koha-bugs] [Bug 29873] 2FA: Generate QR code without exposing secret via HTTP GET
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Jan 18 16:04:06 CET 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29873
Marcel de Rooy <m.de.rooy at rijksmuseum.nl> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #129402|0 |1
is obsolete| |
--- Comment #4 from Marcel de Rooy <m.de.rooy at rijksmuseum.nl> ---
Created attachment 129576
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=129576&action=edit
Bug 29873: Create QR code
Instead of using deprecated Google Charts API, and exposing our
secret in a GET parameter, we generate QR data ourselves.
Test plan:
[1] Enable two factor authentication in the prefs.
[2] Login in staff. Go to account. Select Manage 2FA.
[3] Verify that QR code is displayed.
[4] Register the QR in your authenticator app and test 2FA
by logging in again.
Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Tested with Google Authenticator and FreeOTP.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list