mike-jumper commented on a change in pull request #471: GUACAMOLE-753: Add TOTP
auth method to Docker image
URL: https://github.com/apache/guacamole-client/pull/471#discussion_r383098401
##########
File path: guacamole-docker/bin/start.sh
##########
@@ -707,6 +722,11 @@ END
exit 1;
fi
+# Use TOTP if specified.
+if [ -n "$TOTP_ENABLED" ]; then
Review comment:
My preference would be:
* Continue using `TOTP_ENABLED`.
* Actually check the value rather than simply whether it's set. The current
implementation would enable TOTP if the user sets `TOTP_ENABLED` to "1", to
"false", to "salmon", etc., and that's not exactly rigorous.
I'm not against additionally accepting `TOTP_*` in lieu of `TOTP_ENABLED`
for convenience, but if so:
* Only actual, known variables should be accepted (for similar reasons to
the above... setting `TOTP_FISH` to "salmon" shouldn't result in TOTP being
enabled).
* `TOTP_ENABLED` should still probably be accepted (and checked), as users
shouldn't be required to set a TOTP-related variable to its default value just
to enable use of TOTP.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
