• Stars
    star
    127
  • Rank 282,790 (Top 6 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created almost 13 years ago
  • Updated over 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A centralized totp solution based on google-authenticator

TOTPCGI

A centralized totp solution based on google-authenticator

Build Status
Author:[email protected]
Copyright:Konstantin Ryabitsev and contributors
License:GPLv2+
Version:0.6.0

DECRIPTION

The idea of totpcgi (pronounced "Toopy-CGI") came when lamenting that google-authenticator implementation is "almost there" to be used as a generic org-wide 2-factor solution, but is annoyingly written to be a one-secret-per-service (or -per-host) solution. Thus, totpcgi was born, which uses files generated by google-authenticator and serves them from a central installation.

It is intended to be used with pam_url.

FEATURES

  1. Fully interoperable with Google-Authenticator
  2. Uses Google-Authenticator-generated secret files
  3. Supports pincodes (i.e. users log in with 'usercode555555')
  4. Supports file-based state backend for non-redundant installations and Postgresql for load-balanced setups.
  5. Supports encrypting the Google-Authenticator master secret with the user's pincode.
  6. Supports web-based provisioning to generate Google-Authenticator compatible files (or database entries).

REQUIREMENTS

  1. pyotp
  2. google-authenticator to generate the .totp files by hand
  3. flup (for .fcgi only)
  4. psycopg2 (for postgresql backend support)
  5. py-bcrypt (for pincode support using bcrypt)
  6. pycrypto and passlib (for encrypted-secret support)
  7. pam_url (for PAM support)
  8. python-qrcode (for provisioning support)
  9. MySQL-python (for MySQL backend support)

All of these dependencies are in EPEL for RHEL 6.

AUTHORS

SUPPORT

Please open an issue on GitHub: https://github.com/mricon/totp-cgi/issues