mirror of
https://github.com/inverse-inc/sogo.git
synced 2026-07-12 11:55:09 +00:00
fix(web): use a distinct salt for TOTP authentication
If TOTP is enabled for a user, it will be disabled until the user configure it again, which will generate a new private salt.
This commit is contained in:
@@ -26,6 +26,7 @@
|
||||
function link(scope, element, attrs) {
|
||||
var width = parseInt(scope.width) || 256,
|
||||
height = parseInt(scope.height) || width,
|
||||
// See https://github.com/google/google-authenticator/wiki/Key-Uri-Format
|
||||
uri = 'otpauth://totp/SOGo:' + Settings.activeUser('email') + '?secret=' + scope.text.replace(/=+$/, '') + '&issuer=SOGo';
|
||||
new QRCode(element[0], {
|
||||
text: uri,
|
||||
|
||||
Reference in New Issue
Block a user