Adds Yubico Client ID and Secret Key Env Vars

.env

@@ -40,6 +40,13 @@
 ## For U2F to work, the server must use HTTPS, you can use Let's Encrypt for free certs
 # DOMAIN=https://bw.domain.tld:8443
 
+## Yubico (Yubikey) Settings
+## Set your Client ID and Secret Key for Yubikey OTP
+## You can generate it here: https://upgrade.yubico.com/getapikey/
+## TODO: Allow choosing custom YubiCloud server
+# YUBICO_CLIENT_ID=11111
+# YUBICO_SECRET_KEY=AAAAAAAAAAAAAAAAAAAAAAAA
+
 ## Rocket specific settings, check Rocket documentation to learn more
 # ROCKET_ENV=staging
 # ROCKET_ADDRESS=0.0.0.0 # Enable this to test mobile app

src/main.rs

@@ -25,6 +25,7 @@ extern crate oath;
 extern crate data_encoding;
 extern crate jsonwebtoken as jwt;
 extern crate u2f;
+extern crate yubico;
 extern crate dotenv;
 #[macro_use]
 extern crate lazy_static;
@@ -245,6 +246,10 @@ pub struct Config {
     domain: String,
     domain_set: bool,
 
+    yubico_cred_set: bool,
+    yubico_client_id: String,
+    yubico_secret_key: String,
+
     mail: Option<MailConfig>,
 }
 
@@ -258,6 +263,9 @@ impl Config {
 
         let domain = get_env("DOMAIN");
 
+        let yubico_client_id = get_env("YUBICO_CLIENT_ID");
+        let yubico_secret_key = get_env("YUBICO_SECRET_KEY");
+
         Config {
             database_url: get_env_or("DATABASE_URL", format!("{}/{}", &df, "db.sqlite3")),
             icon_cache_folder: get_env_or("ICON_CACHE_FOLDER", format!("{}/{}", &df, "icon_cache")),
@@ -283,6 +291,10 @@ impl Config {
             domain_set: domain.is_some(),
             domain: domain.unwrap_or("http://localhost".into()),
 
+            yubico_cred_set: yubico_client_id.is_some() && yubico_secret_key.is_some(),
+            yubico_client_id: yubico_client_id.unwrap_or("00000".into()),
+            yubico_secret_key: yubico_secret_key.unwrap_or("AAAAAAA".into()),
+
             mail: MailConfig::load(),
         }
     }