RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #162 from clems4ever/remove-totp-secret-logs 

Remove totp secret logs
pull/163/head
Clément Michaud 2017-10-18 00:45:41 +02:00 committed by GitHub
parent 5300f67217 67096cfb9d
commit 8def9bb1a9
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server/src/lib/routes/secondfactor/totp/sign/post.ts
View File

@ -23,12 +23,10 @@ export default function (vars: ServerVariables) {
return AuthenticationSession.get(req)
.then(function (_authSession: AuthenticationSession.AuthenticationSession) {
authSession = _authSession;
vars.logger.info(req, "Initiate TOTP validation for user '%s'.", authSession.userid);
vars.logger.info(req, "Initiate TOTP validation for user \"%s\".", authSession.userid);
return vars.userDataStore.retrieveTOTPSecret(authSession.userid);
})
.then(function (doc: TOTPSecretDocument) {
vars.logger.debug(req, "TOTP secret is %s", JSON.stringify(doc));
if (!vars.totpHandler.validate(token, doc.secret.base32))
return BluebirdPromise.reject(new Error("Invalid TOTP token."));