Merge pull request #272 from tmuncks/fix-otp-validation

Fix OTP validation
This commit is contained in:
Khanh Ngo 2018-06-07 08:46:26 +07:00 committed by GitHub
commit 36bf492cb6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -365,7 +365,7 @@ def login():
# check if user enabled OPT authentication # check if user enabled OPT authentication
if user.otp_secret: if user.otp_secret:
if otp_token and isinstance(otp_token, int): if otp_token and otp_token.isdigit():
good_token = user.verify_totp(otp_token) good_token = user.verify_totp(otp_token)
if not good_token: if not good_token:
return render_template('login.html', error='Invalid credentials', return render_template('login.html', error='Invalid credentials',