diff options
author | Robert Newson <rnewson@apache.org> | 2020-03-22 23:43:58 +0000 |
---|---|---|
committer | Robert Newson <rnewson@apache.org> | 2020-03-23 00:21:06 +0000 |
commit | d639dee946ed1f5da57b4a460187eb7c8d21608c (patch) | |
tree | a1d17c01f8c2002663ea76c118e6d9387b781435 | |
parent | f8b60d19b7bb558909f75f6ab85327cc6ab5e9e2 (diff) | |
download | couchdb-d639dee946ed1f5da57b4a460187eb7c8d21608c.tar.gz |
change verify_totp contract
-rw-r--r-- | src/couch/src/couch_httpd_auth.erl | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl index 7c55f390e..c91b6d694 100644 --- a/src/couch/src/couch_httpd_auth.erl +++ b/src/couch/src/couch_httpd_auth.erl @@ -333,7 +333,7 @@ handle_session_req(#httpd{method='POST', mochi_req=MochiReq}=Req, AuthModule) -> end, case authenticate(Password, UserProps) of true -> - verify_totp(UserProps, Form), + verify_totp(UserProps, couch_util:get_value("token", Form, "")), % setup the session cookie Secret = ?l2b(ensure_cookie_auth_secret()), UserSalt = couch_util:get_value(<<"salt">>, UserProps), @@ -501,7 +501,9 @@ reject_if_totp(User) -> throw({unauthorized, <<"Name or password is incorrect.">>}) end. -verify_totp(User, Form) -> +verify_totp(User, Token) when is_list(Token) -> + verify_totp(User, ?l2b(Token)); +verify_totp(User, Token) when is_binary(Token) -> case get_totp_config(User) of undefined -> ok; @@ -510,7 +512,6 @@ verify_totp(User, Form) -> Alg = couch_util:to_existing_atom( couch_util:get_value(<<"algorithm">>, Props, <<"sha">>)), Len = couch_util:get_value(<<"length">>, Props, 6), - Token = ?l2b(couch_util:get_value("token", Form, "")), verify_token(Alg, Key, Len, Token) end. |