nathanwoodburn/emergency-access
1
0
Fork 0
generated from nathanwoodburn/python-webserver-template
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add support for multiple yubikeys
All checks were successful
Build Docker / BuildImage (push) Successful in 2m4s
Details

Browse Source
This commit is contained in:
Nathan Woodburn
2025-12-27 20:20:24 +11:00
parent d1c10d781d
commit b4d255b1ff
4 changed files with 453 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
server.py
View File

@@ -37,6 +37,10 @@ Session(app)
YUBICO_CLIENT_ID = os.getenv("YUBICO_CLIENT_ID")
YUBICO_SECRET_KEY = os.getenv("YUBICO_SECRET_KEY")
YUBIKEY_ID = os.getenv("YUBIKEY_ID") # The first 12 characters of your YubiKey OTP
if not YUBIKEY_ID and os.getenv("YUBIKEY_IDS"):
YUBIKEY_IDS = os.getenv("YUBIKEY_IDS","").split(",")
else:
YUBIKEY_IDS = [YUBIKEY_ID]
# Authentication function
def login_required(f):
@@ -111,7 +115,7 @@ def login():
otp = request.form.get("otp", "")
# Verify the first 12 characters of the OTP match the expected YubiKey ID
if not otp or len(otp) < 12 or otp[:12] != YUBIKEY_ID:
if not otp or len(otp) < 12 or (otp[:12] not in YUBIKEY_IDS):
error = "Invalid YubiKey OTP"
else:
try:
@@ -245,4 +249,4 @@ def not_found(e):
# endregion
if __name__ == "__main__":
app.run(debug=True, port=5000, host="0.0.0.0")
app.run(debug=True, port=5000, host="127.0.0.1")