change mfa to SMS otp - Githubissues

data-govt-nz / ckanext-security

A CKAN extension to hold various security improvements for CKAN

GNU Affero General Public License v3.0

25 stars 31 forks source link

change mfa to SMS otp #68

Open Nimaj1994 opened 6 months ago

Nimaj1994 commented 6 months ago

Hi As I understood you've used pyotp package for mfa. this package also support SMS otp.can you please point me to the file that I should change to switch it to SMS otp please? I did add mobile phone number to my users model and there is no problem with that.

markstuart commented 4 months ago

Hi @Nimaj1994, the interaction with the pyotp library all happens in the SecurityTOTP class here: https://github.com/data-govt-nz/ckanext-security/blob/master/ckanext/security/model.py#L58

If you look at where the class methods on SecurityTOTP are used in the codebase, that should give you an idea of where you might need to make changes to pass the SMS code in or whatever you need to do.

Feel free to raise a pull request if you like :)