Add support for multiple OTPs in OTP (2FA) module

[quoraquestions]

i can help implement this, i am wondering about the method one should use to configure the OTP secrets, looks like configuring/inputting them via the nurses-ui poses a limitation on number of such secrets we can configure, lest we add another 'page' on which the user can configure 'n' number of secrets one by one.

[BenjaminSoelberg]

I think an easy fix could be a comma separated key value field, if it can hold the data. But if you can find a better way in ncurses then give it a go as well.

Then split it into pairs in python and generating a small c struct to be included in the opt.c. Like G, base64key, D, base64key G for say google, D for Dropbox and so on.

The display layout could be like: G123 T 456

Side note: We could also see if any of the symbols on the display is useful in anyway.

Use up/down buttons to switch between OTPs (with roll around)

[quoraquestions]

I'll start off with refactoring the otp.c to allow for more than one secret which should be a trivial change, i.e converting the array of keys to an array of pointers to the keys the index to which is controlled by up down keys. your idea sounds great, perhaps the first cut could be to we manually add key/value pairs into the ncurses otp box and the python decode code figures out whether there is a single key in there or multiple and accordingly populates the array, i have little experience with ncurses may take me some digging to figure out what the best ui element would be for our use case.

[BenjaminSoelberg]

Sounds fantastic.

I think a working OTP will be a very prominent feature of the watch. I agree that we should take the simple route for now.

[quoraquestions]

Just pushed a first cut commit, perhaps you could try it out and let me know if it is okay. i am not entirely happy with my python skills hence the file field_encoding.py is not up to mark/pythonic imho. feel free to emend the commit. i tested this out with four keys and it worked just fine, thanks for the key/value csv, made the job much easier to figure out how to go about this. for now no changes to urwind/ncurses.

[BenjaminSoelberg]

Sounds fantastic. Can’t wait to try it out. My python foo isn’t fantastic either. I suggest that if it works, then don’t fix it.

[BenjaminSoelberg]

Works great!

I took the liberty to patch a few minor things. Let me hear what you think.

I swapped up and down buttons back to "natural" since I just added a config feature to swap them system wide.

I have also changed the automatic index to start from A instead of 0 to make it more distinct that the first digit/char isn't part of the key.

I also added a call to clock_event on every index change in order to update the display right away and not have to wait up to a full second.

[quoraquestions]

LGTM 👍

[BenjaminSoelberg]

The help text for otp needs updating in config.py to explain usage and format

[BenjaminSoelberg]

I also found that adding Dropbox and GitHub 2FA fails. I guess it is due to the smaller key size ?

[quoraquestions]

Yes, I was thinking about this as well, should be an easy fix we could generate the otp key length for each key and add it as part of key structure rather than using a #define which is set to 20 bytes I think

[BenjaminSoelberg]

I was actually looking at that part of the code right now. But there is some usage of the sizeof as well, I guess that would have to be fixed as well. Is this a fix you would take on ?

[quoraquestions]

Sure I can fix it today and test it out as well

[quoraquestions]

fixed in latest pull request