diff --git a/.env b/.env index b04b6320..d960f8e6 100644 --- a/.env +++ b/.env @@ -40,6 +40,13 @@ ## For U2F to work, the server must use HTTPS, you can use Let's Encrypt for free certs # DOMAIN=https://bw.domain.tld:8443 +## Yubico (Yubikey) Settings +## Set your Client ID and Secret Key for Yubikey OTP +## You can generate it here: https://upgrade.yubico.com/getapikey/ +## TODO: Allow choosing custom YubiCloud server +# YUBICO_CLIENT_ID=11111 +# YUBICO_SECRET_KEY=AAAAAAAAAAAAAAAAAAAAAAAA + ## Rocket specific settings, check Rocket documentation to learn more # ROCKET_ENV=staging # ROCKET_ADDRESS=0.0.0.0 # Enable this to test mobile app diff --git a/src/main.rs b/src/main.rs index db560661..f4c6d341 100644 --- a/src/main.rs +++ b/src/main.rs @@ -25,6 +25,7 @@ extern crate oath; extern crate data_encoding; extern crate jsonwebtoken as jwt; extern crate u2f; +extern crate yubico; extern crate dotenv; #[macro_use] extern crate lazy_static; @@ -245,6 +246,10 @@ pub struct Config { domain: String, domain_set: bool, + yubico_cred_set: bool, + yubico_client_id: String, + yubico_secret_key: String, + mail: Option, } @@ -258,6 +263,9 @@ impl Config { let domain = get_env("DOMAIN"); + let yubico_client_id = get_env("YUBICO_CLIENT_ID"); + let yubico_secret_key = get_env("YUBICO_SECRET_KEY"); + Config { database_url: get_env_or("DATABASE_URL", format!("{}/{}", &df, "db.sqlite3")), icon_cache_folder: get_env_or("ICON_CACHE_FOLDER", format!("{}/{}", &df, "icon_cache")), @@ -283,6 +291,10 @@ impl Config { domain_set: domain.is_some(), domain: domain.unwrap_or("http://localhost".into()), + yubico_cred_set: yubico_client_id.is_some() && yubico_secret_key.is_some(), + yubico_client_id: yubico_client_id.unwrap_or("00000".into()), + yubico_secret_key: yubico_secret_key.unwrap_or("AAAAAAA".into()), + mail: MailConfig::load(), } }