Add support for 2 factor authentication when logging in.
Review Request #5080 — Created Dec. 9, 2013 and submitted — Latest diff uploaded
Add support for 2 factor authentication when logging in.
RBCommons will soon be getting 2 factor auth support, and this will
likely trickle down into Review Board at some point once things
stabilize. This change adds support for this when logging into RBTools.After attempting to log in, the server may respond with an
X-ReviewBoard-OTP header. This is actually quite similar to the
X-GitHub-OTP header that GitHub uses. It indicates that a One-Time
Password is required, and what method the user is expected to use to
receive it. They are then prompted for that password. Once entering it,
RBTools will proceed as before, getting a cookie and using it for future
requests.
Tested with my OTP support pending in RBCommons. My first login attempt
prompted for a login and password, and then that was followed up with a
request for a token, which the server saw. I saw the instructions matching
my device.I entered a bad token, and it prompted me again. I then entered a good token
and it successfully logged in.I also posted this change to this server without problems.