Dustin Netherlands (formerly Unilogic B.V.)

icon indicating a website link http://www.dustin.nl/

icon company Dustin Netherlands (formerly Unilogic B.V.) icon location The Netherlands

Results 4 issues of Dustin Netherlands (formerly Unilogic B.V.)

models/user.py: add non-zero valid_window to totp.verify

PyOTP's totp.verify defaults to the valid_window of zero, which means it will reject valid codes, if submitted just past the 30 sec window. It also means, users will run into...

routes/index.py: otp_force shouldn't apply to OAuth

1 comment

as 2FA policies are typically enforced on the OAuth proviers end Relates to #1051

models/user.py: properly guard plain_text_password property

Resolves the following issue, which occurs with force_otp enabled and OAuth authentication sources: File "/srv/powerdnsadmin/powerdnsadmin/models/user.py", line 481, in update_profile "utf-8") if self.plain_text_password else user.password AttributeError: 'User' object has no attribute...

bug
authentication

admin_edit_key: default to User role for new api keys

1 comment

hopefully this will prevent accidental administator api keys from being created

accepted
reviewed