DokuWiki entry: auth:motp
Download and install the archive by unpacking it in your DokuWiki root. Do NOT try to install it using the plugin manager!
After that, edit the file
conf/motp.auth.php and add the desired user's PINs, init-secrets and offsets. Don't forget to enable the motp authentication backend in the DokuWiki configuration. Also make sure that the server's time is correct.
This archive adds a new authentication backend called motp. This is basically a clone of the plain backend but with added checks for Mobile-OTP tokens. In the
conf/motp.auth.php file you define users who want to use mOTPs for login and their PIN and init-secrets of their token device. They then have to append the 6-digit token to their normal DokuWiki password to login.
So if your password is
foobar and your token device shows
1d2e3f as the current token, you have to enter
foobar1d2e3f as your password to get logged in. All users who are not listed in the
motp.auth.php file can still login normally.
A token is only valid for 10 seconds and can be used only once. The file
conf/motp.used.dat stores tokens and their last use to ensure that.
Please report problems on the plugin page of the DokuWiki homepage.
ntp_time.class.phpfor a list of servers), so make sure to adjust the offsets to 0
TIMEprotocol), edit the file
motp.class.phpand change line #70 from
$time = NTP_TIME::query();
$time = time();