stages/authenticator_totp: set TOTP issuer based on slug'd tenant title

closes #1004 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-10 22:16:37 +02:00 · 2021-06-10 22:16:37 +02:00 · 7af12d4fec
parent 8d6db0fabf
commit 7af12d4fec
2 changed files with 6 additions and 2 deletions
--- a/authentik/stages/authenticator_totp/settings.py
+++ b/authentik/stages/authenticator_totp/settings.py
@ -3,4 +3,4 @@
 INSTALLED_APPS = [
    "django_otp.plugins.otp_totp",
 ]
-OTP_TOTP_ISSUER = "authentik"
+OTP_TOTP_ISSUER = "__to_replace__"
--- a/authentik/stages/authenticator_totp/stage.py
+++ b/authentik/stages/authenticator_totp/stage.py
@ -1,6 +1,7 @@
 """TOTP Setup stage"""
 from django.http import HttpRequest, HttpResponse
 from django.http.request import QueryDict
+from django.utils.text import slugify
 from django.utils.translation import gettext_lazy as _
 from django_otp.plugins.otp_totp.models import TOTPDevice
 from rest_framework.fields import CharField, IntegerField
@ -16,6 +17,7 @@ from authentik.flows.challenge import (
 from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
 from authentik.flows.stage import ChallengeStageView
 from authentik.stages.authenticator_totp.models import AuthenticatorTOTPStage
+from authentik.stages.authenticator_totp.settings import OTP_TOTP_ISSUER

 LOGGER = get_logger()
 SESSION_TOTP_DEVICE = "totp_device"
@ -54,7 +56,9 @@ class AuthenticatorTOTPStageView(ChallengeStageView):
        return AuthenticatorTOTPChallenge(
            data={
                "type": ChallengeTypes.NATIVE.value,
-                "config_url": device.config_url,
+                "config_url": device.config_url.replace(
+                    OTP_TOTP_ISSUER, slugify(self.request.tenant.branding_title)
+                ),
            }
        )