Closed wittrup closed 6 years ago
Merging #55 into master will increase coverage by
<.01%
. The diff coverage is100%
.
@@ Coverage Diff @@
## master #55 +/- ##
==========================================
+ Coverage 98.46% 98.47% +<.01%
==========================================
Files 8 8
Lines 326 328 +2
==========================================
+ Hits 321 323 +2
Misses 5 5
Impacted Files | Coverage Δ | |
---|---|---|
setup.py | 100% <ø> (ø) |
:arrow_up: |
src/pyotp/otp.py | 100% <100%> (ø) |
:arrow_up: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update 5418044...f9f4246. Read the comment docs.
Hi @wittrup, thank you for your pull request, and sorry it took me a while to get to reviewing it.
Most OTP secrets are expected to be transmitted via QR code. For situations where the code is copied verbatim, sanitizing input like this violates the principle of least surprise and is outside the scope of this library's functionality.
You are welcome to re-submit a PR that updates the package documentation with an appropriate recipe for how to sanitize user secret input.
In addition, please do not submit PRs that update the version number. The version is automatically managed by the release infrastructure in https://github.com/pyotp/pyotp/blob/master/common.mk.
Maybe a pull request to add a function that sanitizes, which wouldn't violate that 'principle of least surprise'
Added function that strips secret string from all non base32 characters. As many Two-step-verification providers tend to show the secrets this way, i.e.
"JBSW Y3DP EHPK 3PXP"
instead of"JBSWY3DPEHPK3PXP"
This feature make pyotp way easier to use with the console.Fixed pull request #54 issues: