Hi all,
I’ve set up on Onwcloud 2FA TOTP application according to the manuals.
Everything works fine but there is a requirement to slightly change initial 2FA-registration step whith forced 2FA.
Instead of showing QR picture for authenticator app on the challenge page it is required to send this picture to the user email (which is on internal protected network). It increases security and does not expose the registration QR to internet.
The question: is it possible to change the page code to achieve this?
The challenge.php in ./apps_external/twofactor_totp/templates seems the place to make these changes. But as I’m not strong in php I’d would ask the community first.
Thanks
Steps to reproduce
- Log with logon and passwd to OC
- Get the next challenge page asking to scan shown QR with authenticator app on mobile phone (only first time)
- Enter number code from authenticator app
4.Get into the OwnCloud interface
Expected behaviour
- Email is sent to logging user account in the background, and the challenge page is waiting for number code
Server configuration
OracleLinux 7.6
Web server:
apache 2.4.6
PHP version:
7.4.33
ownCloud version: (see ownCloud admin page)
10.13.4