mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-12-22 07:17:05 +00:00
Exclude mru_token in user key hash
This commit is contained in:
parent
ada2167d08
commit
1f0e493b8c
@ -4,7 +4,7 @@ from flask import make_response
|
||||
|
||||
import utils
|
||||
from mailconfig import get_mail_password, get_mail_user_privileges
|
||||
from mfa import get_mfa_state, validate_auth_mfa
|
||||
from mfa import get_hash_mfa_state, validate_auth_mfa
|
||||
|
||||
DEFAULT_KEY_PATH = '/var/lib/mailinabox/api.key'
|
||||
DEFAULT_AUTH_REALM = 'Mail-in-a-Box Management Server'
|
||||
@ -147,7 +147,7 @@ class KeyAuthService:
|
||||
|
||||
# Add to the message the current MFA state, which is a list of MFA information.
|
||||
# Turn it into a string stably.
|
||||
msg += b" " + json.dumps(get_mfa_state(email, env), sort_keys=True).encode("utf8")
|
||||
msg += b" " + json.dumps(get_hash_mfa_state(email, env), sort_keys=True).encode("utf8")
|
||||
|
||||
# Make the HMAC.
|
||||
hash_key = self.key.encode('ascii')
|
||||
|
@ -22,11 +22,17 @@ def get_mfa_state(email, env):
|
||||
]
|
||||
|
||||
def get_public_mfa_state(email, env):
|
||||
c = open_database(env)
|
||||
c.execute('SELECT id, type, label FROM mfa WHERE user_id=?', (get_user_id(email, c),))
|
||||
mfa_state = get_mfa_state(email, env)
|
||||
return [
|
||||
{ "id": r[0], "type": r[1], "label": r[2] }
|
||||
for r in c.fetchall()
|
||||
{ "id": s["id"], "type": s["type"], "label": s["label"] }
|
||||
for s in mfa_state
|
||||
]
|
||||
|
||||
def get_hash_mfa_state(email, env):
|
||||
mfa_state = get_mfa_state(email, env)
|
||||
return [
|
||||
{ "id": s["id"], "type": s["type"], "secret": s["secret"] }
|
||||
for s in mfa_state
|
||||
]
|
||||
|
||||
def enable_mfa(email, type, secret, token, label, env):
|
||||
|
Loading…
Reference in New Issue
Block a user