Merge pull request #256 from rene-dekkers/nonint_error

Fail when non-numeric otp token was inserted
2025-06-14 20:16:05 +00:00 · 2018-05-18 10:43:26 +07:00
parent 77f0deade8 08335cdedc
commit 4daf6f72a7
1 changed files with 1 additions and 1 deletions
--- a/app/views.py
+++ b/app/views.py
@ -365,7 +365,7 @@ def login():

        # check if user enabled OPT authentication
        if user.otp_secret:
-            if otp_token:
+            if otp_token and isinstance(otp_token, int):
                good_token = user.verify_totp(otp_token)
                if not good_token:
                    return render_template('login.html', error='Invalid credentials',