Pascal de Bruijn 846c03f154 models/user.py: add non-zero valid_window to totp.verify ...

PyOTP's totp.verify defaults to the valid_window of zero, which means
it will reject valid codes, if submitted just past the 30 sec window.
It also means, users will run into authentication issues very quickly
if their phones time-sync isn't perfect.

Therefore valid_window should at the very least be 1 or more, settting
it higher trades security for robustness, especially with regard to
time desync issues.

2022-09-07 14:23:34 +02:00

..

__init__.py

feat: Associate an API Key with accounts (#1044)

2021-12-03 14:12:11 +00:00

account_user.py

Code refactoring and bug fixes

2020-06-19 08:47:51 +07:00

account.py

feat: Move the account parse calls to a method

2022-06-18 14:30:56 +02:00

api_key_account.py

feat: Associate an API Key with accounts (#1044)

2021-12-03 14:12:11 +00:00

api_key.py

Use secrets module for generating new API keys and passwords

2021-12-04 16:08:07 +01:00

base.py

Refactoring the code

2019-12-02 10:32:03 +07:00

domain_setting.py

Code refactoring and bug fixes

2020-06-19 08:47:51 +07:00

domain_template_record.py

Fix logging in models

2020-01-29 22:18:15 +07:00

domain_template.py

Refactoring the code

2019-12-02 10:32:03 +07:00

domain_user.py

Code refactoring and bug fixes

2020-06-19 08:47:51 +07:00

domain.py

enh: Improve performance of domain update (#1218)

2022-06-18 14:23:05 +02:00

history.py

History Tab Overhaul & Domain Record Modifications Changelog (#1042)

2021-11-30 11:02:37 +02:00

record_entry.py

Code refactoring and bug fixes

2020-06-19 08:47:51 +07:00

record.py

Update using only one api call

2022-06-18 18:58:39 +02:00

role.py

Code refactoring and bug fixes

2020-06-19 08:47:51 +07:00

server.py

Code refactoring and bug fixes

2020-06-19 08:47:51 +07:00

setting.py

feat: Add the extra chars as an option

2022-06-18 14:30:56 +02:00

user.py

models/user.py: add non-zero valid_window to totp.verify

2022-09-07 14:23:34 +02:00