Closed ZetaTwo closed 5 years ago
Regression. Commit d71824816c89424696d4d07f916f8c4e75ebd4bf reverted this change so now 2FA is broken again.
Change
jQuery('#code').qrcode("#(totpToken)");
Into
jQuery('#code').qrcode("otpauth://totp/Fax%20Server:#(email)?secret=#(totpToken)&issuer=Fax%20Server&algorithm=SHA1&digits=6&period=30");
In Resources/Views/user.leaf:5 to fix this.
Currently the contents of the TOTP QR code contains simply the base32 secret key but for the authenticator apps to recognize them it needs some more extra data on this format:
"otpauth://TYPE/LABEL?PARAMETERS"
for example:
"otpauth://totp/Fax%20Server:user@domain.com?secret=SECRETBASE32KEYGOESHERE&issuer=Fax%20Server&algorithm=SHA1&digits=6&period=30"
Currently, then trying to scan the barcode I get an "invalid format" error.