search

EsupPortail / esup-otp-api

REST API to send/validate One time passwords
https://www.esup-portail.org/wiki/display/esupotp
MIT License
5 stars 7 forks source link

Improve security of push #6

Closed vbonamy closed 3 years ago

vbonamy commented 3 years ago

Use random string instead user hash as lt (when lt is not needed/provided). No need to send user.push.code to phone application.

aanli commented 3 years ago

Vincent tu peux proposer 2 commits distincts pour lt et pour le code ?

vbonamy commented 3 years ago

Vincent tu peux proposer 2 commits distincts pour lt et pour le code ?

Fait :+1: