Specify TOTP validity window in settings.py

This commit is contained in:
Chris Young 2023-02-13 15:17:54 +00:00
parent 5bae00b3fe
commit 867b2ff542
2 changed files with 3 additions and 1 deletions

View file

@ -8,6 +8,7 @@ import pyotp
from bookwyrm import models from bookwyrm import models
from bookwyrm.settings import DOMAIN from bookwyrm.settings import DOMAIN
from bookwyrm.settings import TWO_FACTOR_LOGIN_VALIDITY_WINDOW
from .custom_form import CustomForm from .custom_form import CustomForm
@ -108,7 +109,7 @@ class Confirm2FAForm(CustomForm):
otp = self.data.get("otp") otp = self.data.get("otp")
totp = pyotp.TOTP(self.instance.otp_secret) totp = pyotp.TOTP(self.instance.otp_secret)
if not totp.verify(otp, valid_window=2): if not totp.verify(otp, valid_window=TWO_FACTOR_LOGIN_VALIDITY_WINDOW):
if self.instance.hotp_secret: if self.instance.hotp_secret:
# maybe it's a backup code? # maybe it's a backup code?

View file

@ -369,6 +369,7 @@ OTEL_EXPORTER_OTLP_HEADERS = env("OTEL_EXPORTER_OTLP_HEADERS", None)
OTEL_SERVICE_NAME = env("OTEL_SERVICE_NAME", None) OTEL_SERVICE_NAME = env("OTEL_SERVICE_NAME", None)
TWO_FACTOR_LOGIN_MAX_SECONDS = 60 TWO_FACTOR_LOGIN_MAX_SECONDS = 60
TWO_FACTOR_LOGIN_VALIDITY_WINDOW = 2
HTTP_X_FORWARDED_PROTO = env.bool("SECURE_PROXY_SSL_HEADER", False) HTTP_X_FORWARDED_PROTO = env.bool("SECURE_PROXY_SSL_HEADER", False)
if HTTP_X_FORWARDED_PROTO: if HTTP_X_FORWARDED_PROTO: