Feature/totp default admin #111
Conversation
jack1902
force-pushed
the
feature/totp_default_admin
branch
from
db142cd to
8586b81
Compare
|
Kudos, SonarCloud Quality Gate passed!
|
|
That force-push was to cause SonarCloud to re-trigger. i have disabled the warning about |
There was a problem hiding this comment.
Sorry for the delay, I wanted to give a test in a local setup to be sure everything was fine, for the next iteration of the CI I think I need to focus on unit testing or something on the likes to save time.
The change is awseome @jack1902, thanks for all the work done ˆˆ.
| key, err := totp.Generate( | ||
| totp.GenerateOpts{ | ||
| Issuer: httpHost, | ||
| AccountName: config.Info.Email, |
There was a problem hiding this comment.
Here's the problem, it should be c.Info.Email not config
|
I don't see this option when I go to settings, is there a flag or some way to enable this? I'd love to use it on my admin account. |
to:
cc: @subspacecommunity/subspace-maintainers
related to:
resolves: #104
Background
Wanted to secure the default user of subspace with TOTP. Now it is possible to turn on TOTP for the default user by visiting
/settingsand scanning the QR code with your phone (or putting the secret key into something else)Changes
/settings/settings(only visible if TOTP is already configured)Admin(This means both SAML Signed in Admin and the default Admin)Pics
Initial Setup of MFA
Reset MFA (will then result in the above page)
Sign in page for default admin account if TOTP has been saved
Testing
Ran this locally multiple times on my Droplet in Digital Ocean (i'm using rsync to sync changes to my box and then running
docker-compose up --build -dwhenever changes are made togofiles. For changes related static files i simply specify--debugin the build step forgo-bindataand mountweb/into the running container.go-bindatathen reads these files live on each request :D)