-
-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add OTP support #131
Add OTP support #131
Conversation
Thank you very much - I will get it to test it on Chrome. |
Hi, I testet it in Chrome (Version 120.0.6099.224) and the new 2FA auto login worked. Furtheremore I reviewed the code changes a bit and everything looks fine to me. It reuses many functions of the username-password auto login, which already proofed to work. I just have some notes regarding its usability:
|
Also - when adding the Add On to chrome - this throws an error in
I am not sure what that even means, but i does not seem to have impact on functionality. |
We do not inject any scripts into OpalExam for obvious reasons. So works as intended.
Nice catch, would've never noticed that. As you said, it has no impact on functionality in this case.
Yes this will need to be done, thanks for pointing that out. Probably it will just be another "tab" in the login window, as layout shifts currently mean more styling issues ^^ |
Could and should the UI-Change (i.e. additional input field) be done in another PR, or should I leave this one open? |
Will try to add it today. |
Nope, seems to be a bit harder as the currently established Username-Password input fields are really hard to extend. But I don't think thats too bad. Most users use TOTPs (I think? Personal experience...) and don't know where to find their secret. So saying to just generate a new token currently is the easiest way for anyone... So @OliEfr if you want to merge do it. |
* fix _execute_action for ff * Fix npm commands (#132) Thanks @A-K-O-R-A for noticing this bug and reporting it! Have a good day. * Feature/add hover texts (#133) * Add hover texts for the popup icons * Extend Informatik discord hover text * Correct spelling * Add OTP support (#131) * Add first classes for otp saving and generation * Typo * OTP saving complete * Better OTP saving * OTP filling * Add recovery codes to prompt * Eslint --------- Co-authored-by: Daniel Kluge <[email protected]> Co-authored-by: Maf <[email protected]> Co-authored-by: Daniel <[email protected]>
Pull Request
Description
This PR will add OTP support to TUfast where the secret is stored, and the values automatically filled on login.
Although this makes 2FA kinda useless, the fact that 2FA will be forced, and that this feature was requested multiple times means it should be added.
Also, currently the really critical logins (HISQIS/jExam/Selma) are not even secured by 2FA.
References
Closes #127
Type of change
Further info
Testing
We have 1500+ Users. Please test your changes thoroughly.
npm run test
locallyAdditional Information
When testing this, please be careful when creating new tokens!! Always save them in another location!