feat(authelia): new totp settings (#111)

authelia · Dec 3, 2021 · e2e5314 · e2e5314
1 parent 17e7b94
commit e2e5314
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 5 deletions.
diff --git a/charts/authelia/Chart.yaml b/charts/authelia/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: authelia
-version: 0.7.0
+version: 0.7.1
 kubeVersion: ">= 1.13.0-0"
 description: Authelia is a Single Sign-On Multi-Factor portal for web apps
 type: application

diff --git a/charts/authelia/templates/configMap.yaml b/charts/authelia/templates/configMap.yaml
@@ -35,6 +35,8 @@ data:
       {{- end }}
     totp:
       issuer: {{ default .Values.domain .Values.configMap.totp.issuer }}
+      algorithm: {{ default "sha1" .Values.configMap.totp.issuer }}
+      digits: {{ default 6 .Values.configMap.totp.issuer }}
       period: {{ default 30 .Values.configMap.totp.period }}
       skew: {{ default 1 .Values.configMap.totp.skew }}
     ntp:

diff --git a/charts/authelia/values.local.yaml b/charts/authelia/values.local.yaml
@@ -449,9 +449,22 @@ configMap:
     ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
     ## Defaults to <domain>.
     issuer: ""
-    ## The period in seconds a one-time password is current for. Changing this will require all users to register
-    ## their TOTP applications again. Warning: before changing period read the docs link below.
+
+    ## The TOTP algorithm to use.
+    ## It is CRITICAL you read the documentation before changing this option:
+    ## https://www.authelia.com/docs/configuration/one-time-password.html#algorithm
+    algorithm: "sha1"
+
+    ## The number of digits a user has to input. Must either be 6 or 8.
+    ## Changing this option only affects newly generated TOTP configurations.
+    ## It is CRITICAL you read the documentation before changing this option:
+    ## https://www.authelia.com/docs/configuration/one-time-password.html#digits
+    digits: 6
+
+    ## The period in seconds a one-time password is valid for.
+    ## Changing this option only affects newly generated TOTP configurations.
     period: 30
+
     ## The skew controls number of one-time passwords either side of the current one that are valid.
     ## Warning: before changing skew read the docs link below.
     ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.

diff --git a/charts/authelia/values.yaml b/charts/authelia/values.yaml
@@ -447,9 +447,22 @@ configMap:
     ## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
     ## Defaults to <domain>.
     issuer: ""
-    ## The period in seconds a one-time password is current for. Changing this will require all users to register
-    ## their TOTP applications again. Warning: before changing period read the docs link below.
+
+    ## The TOTP algorithm to use.
+    ## It is CRITICAL you read the documentation before changing this option:
+    ## https://www.authelia.com/docs/configuration/one-time-password.html#algorithm
+    algorithm: "sha1"
+
+    ## The number of digits a user has to input. Must either be 6 or 8.
+    ## Changing this option only affects newly generated TOTP configurations.
+    ## It is CRITICAL you read the documentation before changing this option:
+    ## https://www.authelia.com/docs/configuration/one-time-password.html#digits
+    digits: 6
+
+    ## The period in seconds a one-time password is valid for.
+    ## Changing this option only affects newly generated TOTP configurations.
     period: 30
+
     ## The skew controls number of one-time passwords either side of the current one that are valid.
     ## Warning: before changing skew read the docs link below.
     ## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.