Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
J
jumpserver
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
ops
jumpserver
Commits
ab6c8882
Commit
ab6c8882
authored
6 years ago
by
vkill
Committed by
老广
6 years ago
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Support for TOTP valid_window configuration (#2187)
parent
b95f8a7d
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
13 additions
and
1 deletion
+13
-1
settings.py
apps/jumpserver/settings.py
+1
-0
utils.py
apps/users/utils.py
+2
-1
config_docker.py
config_docker.py
+7
-0
config_example.py
config_example.py
+3
-0
No files found.
apps/jumpserver/settings.py
View file @
ab6c8882
...
@@ -356,6 +356,7 @@ FILE_UPLOAD_DIRECTORY_PERMISSIONS = 0o755
...
@@ -356,6 +356,7 @@ FILE_UPLOAD_DIRECTORY_PERMISSIONS = 0o755
# OTP settings
# OTP settings
OTP_ISSUER_NAME
=
CONFIG
.
OTP_ISSUER_NAME
OTP_ISSUER_NAME
=
CONFIG
.
OTP_ISSUER_NAME
OTP_VALID_WINDOW
=
CONFIG
.
OTP_VALID_WINDOW
# Auth LDAP settings
# Auth LDAP settings
AUTH_LDAP
=
False
AUTH_LDAP
=
False
...
...
This diff is collapsed.
Click to expand it.
apps/users/utils.py
View file @
ab6c8882
...
@@ -292,7 +292,8 @@ def check_otp_code(otp_secret_key, otp_code):
...
@@ -292,7 +292,8 @@ def check_otp_code(otp_secret_key, otp_code):
if
not
otp_secret_key
or
not
otp_code
:
if
not
otp_secret_key
or
not
otp_code
:
return
False
return
False
totp
=
pyotp
.
TOTP
(
otp_secret_key
)
totp
=
pyotp
.
TOTP
(
otp_secret_key
)
return
totp
.
verify
(
otp_code
)
otp_valid_window
=
settings
.
OTP_VALID_WINDOW
or
0
return
totp
.
verify
(
otp
=
otp_code
,
valid_window
=
otp_valid_window
)
def
get_password_check_rules
():
def
get_password_check_rules
():
...
...
This diff is collapsed.
Click to expand it.
config_docker.py
View file @
ab6c8882
...
@@ -100,6 +100,9 @@ class Config:
...
@@ -100,6 +100,9 @@ class Config:
}
}
AUTH_LDAP_START_TLS
=
False
AUTH_LDAP_START_TLS
=
False
#
# OTP_VALID_WINDOW = 0
def
__init__
(
self
):
def
__init__
(
self
):
pass
pass
...
@@ -200,6 +203,10 @@ class DockerConfig(Config):
...
@@ -200,6 +203,10 @@ class DockerConfig(Config):
AUTH_LDAP_START_TLS
=
False
AUTH_LDAP_START_TLS
=
False
#
OTP_VALID_WINDOW
=
int
(
os
.
environ
.
get
(
"OTP_VALID_WINDOW"
))
if
os
.
environ
.
get
(
"OTP_VALID_WINDOW"
)
else
0
# Default using Config settings, you can write if/else for different env
# Default using Config settings, you can write if/else for different env
config
=
DockerConfig
()
config
=
DockerConfig
()
This diff is collapsed.
Click to expand it.
config_example.py
View file @
ab6c8882
...
@@ -90,6 +90,9 @@ class Config:
...
@@ -90,6 +90,9 @@ class Config:
# AUTH_OPENID_CLIENT_ID = 'client-id'
# AUTH_OPENID_CLIENT_ID = 'client-id'
# AUTH_OPENID_CLIENT_SECRET = 'client-secret'
# AUTH_OPENID_CLIENT_SECRET = 'client-secret'
#
# OTP_VALID_WINDOW = 0
def
__init__
(
self
):
def
__init__
(
self
):
pass
pass
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
