Fix OTP validation

The result from the form is never an int but rather a string of digits, so that's what we should be checking for. This fixes OTP validation (cherry picked from commit 5fe3c8b9f92665db54d74dc6b2334666c318bf0c)
2018-06-06 09:17:26 -02:00 · 2018-06-06 09:17:26 -02:00 · 5d40c42bbf
parent 0fb6e10cf5
commit 5d40c42bbf
1 changed files with 1 additions and 1 deletions
--- a/app/views.py
+++ b/app/views.py
@ -365,7 +365,7 @@ def login():

        # check if user enabled OPT authentication
        if user.otp_secret:
-            if otp_token and isinstance(otp_token, int):
+            if otp_token and otp_token.isdigit():
                good_token = user.verify_totp(otp_token)
                if not good_token:
                    return render_template('login.html', error='Invalid credentials',