OTP 2nd-Factor authentication service
Provides OTP 2FA, see Two-factor OTP authentication for more details.
Setup
Use the template EVA_DIR/share/svc-tpl/svc-tpl-aaa-otp.yml:
# OTP auth service
command: svc/eva-aaa-otp
bus:
path: var/bus.ipc
config:
# user accounts to exclude OTP checking
exclude: []
user: nobody
Create the service using eva-shell:
eva svc create eva.aaa.otp /opt/eva4/share/svc-tpl/svc-tpl-aaa-otp.yml
or using the bus CLI client:
cd /opt/eva4
cat DEPLOY.yml | ./bin/yml2mp | \
./sbin/bus ./var/bus.ipc rpc call eva.core svc.deploy -
(see eva.core::svc.deploy for more info)
EAPI methods
See EAPI commons for the common information about the bus, types, errors and RPC calls.
otp.check
Description |
Checks OTP password for the given account |
Parameters |
required |
Returns |
If OTP is required, returns “OTP|svc|REQ” in the error message, for new OTP setup returns “OTP|svc|SETUP=SECRET” |
Name |
Type |
Description |
Required |
login |
String |
Account login |
yes |
otp |
String/null |
One-time password |
yes |
otp.destroy
Description |
Destroys OTP for the account |
Parameters |
required |
Returns |
nothing |
Name |
Type |
Description |
Required |
i |
String |
Account login |
yes |