nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2025-12-30 00:53:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

[bug] base32 encoded TOTP secret

Browse Source 
Some applications rejected the TOTP secret. Use the Base2n class to create a better base32 encoded TOTP secret.
This commit is contained in:
FusionPBX
2023-04-27 01:14:06 -06:00
committed by GitHub
parent b3a0d67ac9
commit 5cfdccdc2a
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
core/users/user_edit.php
View File

@@ -1104,11 +1104,13 @@
echo "</td>\n";
echo "<td class='vtable' align='left' valign='top'>\n";
echo " <input type='hidden' class='formfld' style='width: 250px;' name='user_totp_secret' id='user_totp_secret' value=\"".escape($user_totp_secret)."\" >";
if (strlen($user_totp_secret) == 0) {
if (empty($user_totp_secret)) {
$base32 = new base2n(5, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', FALSE, TRUE, TRUE);
$user_totp_secret = $base32->encode(generate_password(20,3));
echo button::create(['type'=>'button',
'label'=>$text['button-setup'],
'icon'=>'key',
'onclick'=>"document.getElementById('user_totp_secret').value = '".strtoupper(generate_password(32,3))."';
'onclick'=>"document.getElementById('user_totp_secret').value = '".$user_totp_secret."';
document.getElementById('frm').submit();"]);
}
else {