[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Katrin Fischer changed: What|Removed |Added Text to go in the||The mfa_range element in release notes||the koha-conf.xml file can ||now be used to change the ||default "range". Keywords|rel_22_11_candidate,|release-notes-needed |rel_23_05_candidate | -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #21 from Matt Blenkinsop --- Nice work everyone! Pushed to oldstable for 22.11.x -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Matt Blenkinsop changed: What|Removed |Added Version(s)|23.11.00,23.05.05 |23.11.00,23.05.05,22.11.11 released in|| Status|Pushed to stable|Pushed to oldstable -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Fridolin Somers changed: What|Removed |Added Version(s)|23.11.00|23.11.00,23.05.05 released in|| Status|Pushed to master|Pushed to stable --- Comment #20 from Fridolin Somers --- Pushed to 23.05.x for 23.05.05 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Marcel de Rooy changed: What|Removed |Added CC||fridolin.som...@biblibre.co ||m --- Comment #19 from Marcel de Rooy --- ping Fridolin -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #18 from Tomás Cohen Arazi --- Pushed to master for 23.11. Nice work everyone, thanks! -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Tomás Cohen Arazi changed: What|Removed |Added Version(s)||23.11.00 released in|| Status|Passed QA |Pushed to master -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Martin Renvoize changed: What|Removed |Added Keywords||rel_22_11_candidate, ||rel_23_05_candidate -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #17 from Martin Renvoize --- Though strictly and enhancement, I'd be tempted to treat this as a bugfix and have it backported a few versions personally. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Martin Renvoize changed: What|Removed |Added Status|Signed Off |Passed QA --- Comment #16 from Martin Renvoize --- This is a solid improvement, works well and is unit tested.. no regressions and qa scripts are happy. Passing QA -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Martin Renvoize changed: What|Removed |Added Attachment #155354|0 |1 is obsolete|| -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Martin Renvoize changed: What|Removed |Added Attachment #155355|0 |1 is obsolete|| --- Comment #15 from Martin Renvoize --- Created attachment 155357 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=155357=edit Bug 30843: Add unit test for Koha::Auth::TwoFactorAuth::verify This change adds a unit test to test Koha::Auth::TwoFactorAuth::verify Signed-off-by: Marcel de Rooy Signed-off-by: Martin Renvoize -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #14 from Martin Renvoize --- Created attachment 155356 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=155356=edit Bug 30843: Add mfa_range configuration option for TOTP This change adds a mfa_range configuration option for TOTP to koha-conf.xml, and overrides the "verify" method from Auth::GoogleAuth in order to provide a new default for "range" Test plan: 0. Apply the patch 1. koha-plack --restart kohadev 2. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search=TwoFactorAuthentication 3. Change the syspref to "Enable" 4. Go to http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51 5. Click "More" and "Manage two-factor authentication" 6. Register using an app 7. In an Incognito window, go to http://localhost:8081/cgi-bin/koha/mainpage.pl 8. Sign in with the "koha" user 9. Note down a code from your Authenticator app 10. Wait until after 60 seconds and try it 11. Note it says "Invalid two-factor code" 12. Try a new code from the app 13. Note that it works 14. Add 10 to /etc/koha/sites/kohadev/koha-conf.xml 15. Clear memcached and koha-plack --restart kohadev 16. Sign in with the "koha" user 17. Note down a code from your Authenticator app 18. Wait 4 minutes and then try it 19. Note that it works 20. Disable your two-factor authentication and click to re-enable it 21. Use a code older than 60 seconds when registering for the two factor authentication 22. Note that the code works Signed-off-by: Marcel de Rooy Signed-off-by: Martin Renvoize -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Martin Renvoize changed: What|Removed |Added CC||martin.renvoize@ptfs-europe ||.com QA Contact|testo...@bugs.koha-communit |martin.renvoize@ptfs-europe |y.org |.com -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Marcel de Rooy changed: What|Removed |Added Attachment #155349|0 |1 is obsolete|| --- Comment #13 from Marcel de Rooy --- Created attachment 155355 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=155355=edit Bug 30843: Add unit test for Koha::Auth::TwoFactorAuth::verify This change adds a unit test to test Koha::Auth::TwoFactorAuth::verify Signed-off-by: Marcel de Rooy -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Marcel de Rooy changed: What|Removed |Added Attachment #155348|0 |1 is obsolete|| --- Comment #12 from Marcel de Rooy --- Created attachment 155354 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=155354=edit Bug 30843: [alternate] Add mfa_range configuration option for TOTP This change adds a mfa_range configuration option for TOTP to koha-conf.xml, and overrides the "verify" method from Auth::GoogleAuth in order to provide a new default for "range" Test plan: 0. Apply the patch 1. koha-plack --restart kohadev 2. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search=TwoFactorAuthentication 3. Change the syspref to "Enable" 4. Go to http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51 5. Click "More" and "Manage two-factor authentication" 6. Register using an app 7. In an Incognito window, go to http://localhost:8081/cgi-bin/koha/mainpage.pl 8. Sign in with the "koha" user 9. Note down a code from your Authenticator app 10. Wait until after 60 seconds and try it 11. Note it says "Invalid two-factor code" 12. Try a new code from the app 13. Note that it works 14. Add 10 to /etc/koha/sites/kohadev/koha-conf.xml 15. Clear memcached and koha-plack --restart kohadev 16. Sign in with the "koha" user 17. Note down a code from your Authenticator app 18. Wait 4 minutes and then try it 19. Note that it works 20. Disable your two-factor authentication and click to re-enable it 21. Use a code older than 60 seconds when registering for the two factor authentication 22. Note that the code works Signed-off-by: Marcel de Rooy -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Marcel de Rooy changed: What|Removed |Added Status|Needs Signoff |Signed Off Patch complexity|--- |Trivial patch -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #11 from David Cook --- (In reply to Jonathan Druart from comment #6) > Why don't you set it in Koha/Auth/TwoFactorAuth.pm to also affect the call > from Koha/REST/V1/TwoFactorAuth.pm (used for the registration)? Done -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #10 from David Cook --- Created attachment 155349 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=155349=edit Bug 30843: Add unit test for Koha::Auth::TwoFactorAuth::verify This change adds a unit test to test Koha::Auth::TwoFactorAuth::verify -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 David Cook changed: What|Removed |Added Attachment #155253|0 |1 is obsolete|| --- Comment #9 from David Cook --- Created attachment 155348 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=155348=edit Bug 30843: [alternate] Add mfa_range configuration option for TOTP This change adds a mfa_range configuration option for TOTP to koha-conf.xml, and overrides the "verify" method from Auth::GoogleAuth in order to provide a new default for "range" Test plan: 0. Apply the patch 1. koha-plack --restart kohadev 2. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search=TwoFactorAuthentication 3. Change the syspref to "Enable" 4. Go to http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51 5. Click "More" and "Manage two-factor authentication" 6. Register using an app 7. In an Incognito window, go to http://localhost:8081/cgi-bin/koha/mainpage.pl 8. Sign in with the "koha" user 9. Note down a code from your Authenticator app 10. Wait until after 60 seconds and try it 11. Note it says "Invalid two-factor code" 12. Try a new code from the app 13. Note that it works 14. Add 10 to /etc/koha/sites/kohadev/koha-conf.xml 15. Clear memcached and koha-plack --restart kohadev 16. Sign in with the "koha" user 17. Note down a code from your Authenticator app 18. Wait 4 minutes and then try it 19. Note that it works 20. Disable your two-factor authentication and click to re-enable it 21. Use a code older than 60 seconds when registering for the two factor authentication 22. Note that the code works -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 David Cook changed: What|Removed |Added Status|ASSIGNED|Needs Signoff -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Jonathan Druart changed: What|Removed |Added Status|Needs Signoff |ASSIGNED -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #8 from Jonathan Druart --- (In reply to David Cook from comment #7) > (In reply to Jonathan Druart from comment #6) > > Why don't you set it in Koha/Auth/TwoFactorAuth.pm to also affect the call > > from Koha/REST/V1/TwoFactorAuth.pm (used for the registration)? > > Funny you mention it... I did write a version where I overrode verify() but > then I thought maybe we wouldn't want to embed C4::Context in > Koha/Auth/TwoFactorAuth.pm, so I opted for this version instead. That's not a problem. % git grep -l 'use C4::Context' Koha|wc -l 93 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #7 from David Cook --- (In reply to Jonathan Druart from comment #6) > Why don't you set it in Koha/Auth/TwoFactorAuth.pm to also affect the call > from Koha/REST/V1/TwoFactorAuth.pm (used for the registration)? Funny you mention it... I did write a version where I overrode verify() but then I thought maybe we wouldn't want to embed C4::Context in Koha/Auth/TwoFactorAuth.pm, so I opted for this version instead. Both options seemed to have their pros and cons, and I was fine with both really. Happy to do the override version instead if folk prefer that. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #6 from Jonathan Druart --- Why don't you set it in Koha/Auth/TwoFactorAuth.pm to also affect the call from Koha/REST/V1/TwoFactorAuth.pm (used for the registration)? -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #5 from David Cook --- Note this change affects both app-based and emailed passwords. It would be way too much work to just do it for emailed passwords. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #4 from David Cook --- Created attachment 155253 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=155253=edit Bug 30843: Add mfa_range configuration option for TOTP This change adds a mfa_range configuration option for TOTP to koha-conf.xml Test plan: 0. Apply the patch 1. koha-plack --restart kohadev 2. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search=TwoFactorAuthentication 3. Change the syspref to "Enable" 4. Go to http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51 5. Click "More" and "Manage two-factor authentication" 6. Register using an app 7. In an Incognito window, go to http://localhost:8081/cgi-bin/koha/mainpage.pl 8. Sign in with the "koha" user 9. Note down a code from your Authenticator app 10. Wait until after 60 seconds and try it 11. Note it says "Invalid two-factor code" 12. Try a new code from the app 13. Note that it works 14. Add 10 to /etc/koha/sites/kohadev/koha-conf.xml 15. Clear memcached and koha-plack --restart kohadev 16. Sign in with the "koha" user 17. Note down a code from your Authenticator app 18. Wait 4 minutes and then try it 19. Note that it works -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 David Cook changed: What|Removed |Added Status|NEW |Needs Signoff -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 David Cook changed: What|Removed |Added Assignee|koha-b...@lists.koha-commun |dc...@prosentient.com.au |ity.org | -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #3 from David Cook --- Sorry I meant "interval" not "range". -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #2 from David Cook --- I'm getting reports that 60 seconds isn't long enough for some users. As I noted on https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28787#c12 it seems that other systems support up to 5 minutes. I reckon we should be using a different "range" for emailed tokens versus app tokens, but it looks like we'd need some extra session state to be able to know what method to expect. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Bug 30843 depends on bug 30842, which changed state. Bug 30842 Summary: Two-factor authentication code should be valid longer https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30842 What|Removed |Added Status|Pushed to stable|RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 --- Comment #1 from Marcel de Rooy --- (In reply to Jonathan Druart from comment #0) > It's valid 60 seconds, it could be a configuration option. The interval is default 30 seconds in GoogleAuth. 30842 adds 1 older token. Note that GoogleAuth does not take the interval in the new method, but allows you to pass interval both to ->code as well as ->verify. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 David Cook changed: What|Removed |Added CC||dc...@prosentient.com.au -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30843] TOTP expiration delay should be configurable
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30843 Marcel de Rooy changed: What|Removed |Added CC||m.de.r...@rijksmuseum.nl -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
