Open developerfromjokela opened 4 years ago
Wilma has OTP built-in.
Here's HTML source code:
<input type="hidden" id="mfa-formkey" value="passwd:56:e41c76b9c3a1917b5c2118613ebc67f4"> Dialog is not here. It's unnecessary.
Actual checking of that 2fa code is a POST request to: https://<wilmaserver>/api/v1/accounts/me/mfa/otp/check Post Data:
https://<wilmaserver>/api/v1/accounts/me/mfa/otp/check
payload
{"otp":"<OTPCODE>"}
formkey
mfa-formkey
Failed response:
{ "error":{ "statusCode":400, "internalErrorCode":"mfa-001", "message":"Virheellinen kysely", "description":"Virheelliset parametrit" } }
Invalid code response:
{"statusCode":200,"payload":{"success":false}}
Successful code response:
{"statusCode":200,"payload":{"success":true}}
After successul response, we can do Wilma requests as typically we do
MFA is now properly implemented, should be on included in wiki
Wilma has OTP built-in.
Here's HTML source code:
Actual checking of that 2fa code is a POST request to:
https://<wilmaserver>/api/v1/accounts/me/mfa/otp/check
Post Data:payload
: JSON object ({"otp":"<OTPCODE>"}
)formkey
:mfa-formkey
from HTMLFailed response:
Invalid code response:
Successful code response:
After successul response, we can do Wilma requests as typically we do