![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
![[site community profile]](https://www.dreamwidth.org/img/comm_staff.png){kind=small}
[dreamwidth/dw-free] c61bd0: Initial pass at TOTP (2fa) (#2624)
Branch: refs/heads/master
Home: https://github.com/dreamwidth/dw-free
Commit: c61bd094f36f46c89b75c0c109c39c5a32481bf9
https://github.com/dreamwidth/dw-free/commit/c61bd094f36f46c89b75c0c109c39c5a32481bf9
Author: Mark Smith <mark@dreamwidth.org>
Date: 2020-04-24 (Fri, 24 Apr 2020)
Changed paths:
M bin/upgrading/update-db-general.pl
A cgi-bin/DW/Auth/Helpers.pm
M cgi-bin/DW/Auth/Password.pm
A cgi-bin/DW/Auth/TOTP.pm
M cgi-bin/DW/Controller/Settings.pm
A cgi-bin/DW/Setting/Display/Manage2FA.pm
M cgi-bin/DW/TaskQueue/SQS.pm
M cgi-bin/LJ/User/Login.pm
M doc/dependencies-cpanm
M htdocs/manage/settings/index.bml
A t/auth-helpers.t
M t/auth-password.t
A t/auth-totp.t
M views/beta.tt.text
M views/settings/changepassword.tt
A views/settings/manage2fa/disable.tt
A views/settings/manage2fa/index-disabled.tt
A views/settings/manage2fa/index-enabled.tt
A views/settings/manage2fa/setup.tt
Log Message:
-----------
Initial pass at TOTP (2fa) (#2624)
* Initial pass at TOTP (2fa)
This implements support for configuring 2fa using TOTP codes. At the
moment, this is not actually used in our authentication flows, but it at
least is the plumbing to do so.
TODO:
* recover account with recovery codes
* admin tools for manipulating 2fa
* support tools for showing 2fa status
* actual authentication integration for login
* think about all the other flows we use passwords?
* ???
* profit!
* Update to new DW::Auth::TOTP format
* Put 2FA behind beta feature
* wtb precommit tidy
Home: https://github.com/dreamwidth/dw-free
Commit: c61bd094f36f46c89b75c0c109c39c5a32481bf9
https://github.com/dreamwidth/dw-free/commit/c61bd094f36f46c89b75c0c109c39c5a32481bf9
Author: Mark Smith <mark@dreamwidth.org>
Date: 2020-04-24 (Fri, 24 Apr 2020)
Changed paths:
M bin/upgrading/update-db-general.pl
A cgi-bin/DW/Auth/Helpers.pm
M cgi-bin/DW/Auth/Password.pm
A cgi-bin/DW/Auth/TOTP.pm
M cgi-bin/DW/Controller/Settings.pm
A cgi-bin/DW/Setting/Display/Manage2FA.pm
M cgi-bin/DW/TaskQueue/SQS.pm
M cgi-bin/LJ/User/Login.pm
M doc/dependencies-cpanm
M htdocs/manage/settings/index.bml
A t/auth-helpers.t
M t/auth-password.t
A t/auth-totp.t
M views/beta.tt.text
M views/settings/changepassword.tt
A views/settings/manage2fa/disable.tt
A views/settings/manage2fa/index-disabled.tt
A views/settings/manage2fa/index-enabled.tt
A views/settings/manage2fa/setup.tt
Log Message:
-----------
Initial pass at TOTP (2fa) (#2624)
* Initial pass at TOTP (2fa)
This implements support for configuring 2fa using TOTP codes. At the
moment, this is not actually used in our authentication flows, but it at
least is the plumbing to do so.
TODO:
* recover account with recovery codes
* admin tools for manipulating 2fa
* support tools for showing 2fa status
* actual authentication integration for login
* think about all the other flows we use passwords?
* ???
* profit!
* Update to new DW::Auth::TOTP format
* Put 2FA behind beta feature
* wtb precommit tidy