
WebAuthn security keys and TOTP multi-factor authentication for Django

Results 15 kagi issues

On Chrome: user.icon must be a secure URL.

![image](https://user-images.githubusercontent.com/229453/94802133-644c9000-03e7-11eb-8033-86c987e621f3.png)

On Firefox: undefined

![image](https://user-images.githubusercontent.com/229453/94802165-73cbd900-03e7-11eb-84ca-9a2a10ce21e5.png)

It looks like there is no brute-force protection on the TOTP implementation, without which it is quite vulnerable (i.e. can be brute-forced within a few hours/days in a typical setup)....

Whenever attestation is enabled in settings.py, new keys are unable to be enrolled. django debug log:

```
[04/Jan/2022 10:36:17] "GET /kagi/add-webauthn-key/ HTTP/1.1" 200 3940
[04/Jan/2022 10:36:24] "POST /kagi/api/begin-activate/ HTTP/1.1" 200...
```

The Demo instructions get me as far as `invoke migrate` after which I am stuck:

```
invoke migrate
/bin/bash: line 1: /home/dirk/.local/share/virtualenvs/kagi/bin/python: No such file or directory
```

Related note:...

## Steps to Reproduce

1. Log in and choose “Manage WebAuthn keys”
2. Tap the appropriate link to add a key
3. _Without entering a key name_, tap the “Add...