summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert Newson <rnewson@apache.org>2020-03-22 23:43:58 +0000
committerRobert Newson <rnewson@apache.org>2020-03-23 00:21:06 +0000
commitd639dee946ed1f5da57b4a460187eb7c8d21608c (patch)
treea1d17c01f8c2002663ea76c118e6d9387b781435
parentf8b60d19b7bb558909f75f6ab85327cc6ab5e9e2 (diff)
downloadcouchdb-d639dee946ed1f5da57b4a460187eb7c8d21608c.tar.gz
change verify_totp contract
Diffstat
-rw-r--r--src/couch/src/couch_httpd_auth.erl7
1 files changed, 4 insertions, 3 deletions
diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl
index 7c55f390e..c91b6d694 100644
--- a/src/couch/src/couch_httpd_auth.erl
+++ b/src/couch/src/couch_httpd_auth.erl
@@ -333,7 +333,7 @@ handle_session_req(#httpd{method='POST', mochi_req=MochiReq}=Req, AuthModule) ->
end,
case authenticate(Password, UserProps) of
true ->
- verify_totp(UserProps, Form),
+ verify_totp(UserProps, couch_util:get_value("token", Form, "")),
% setup the session cookie
Secret = ?l2b(ensure_cookie_auth_secret()),
UserSalt = couch_util:get_value(<<"salt">>, UserProps),
@@ -501,7 +501,9 @@ reject_if_totp(User) ->
throw({unauthorized, <<"Name or password is incorrect.">>})
end.
-verify_totp(User, Form) ->
+verify_totp(User, Token) when is_list(Token) ->
+ verify_totp(User, ?l2b(Token));
+verify_totp(User, Token) when is_binary(Token) ->
case get_totp_config(User) of
undefined ->
ok;
@@ -510,7 +512,6 @@ verify_totp(User, Form) ->
Alg = couch_util:to_existing_atom(
couch_util:get_value(<<"algorithm">>, Props, <<"sha">>)),
Len = couch_util:get_value(<<"length">>, Props, 6),
- Token = ?l2b(couch_util:get_value("token", Form, "")),
verify_token(Alg, Key, Len, Token)
end.
View Lorry Controller Status