#2490 yubikey auth failure on admin.fp.o displays a tick icon
Closed: Fixed None Opened 9 years ago by elwell.

= phenomenon =
when setting up a yubikey on https://admin.fedoraproject.org/accounts/yubikey
the Test Auth: part always displays a green 'tick' icon, regardless of the message

Yubikey auth success. (reasonable)
Yubikey auth Failed: Unauthorized/Invalid OTP. (uhm, this would be better with a big red cross icon)

= reason =

= recommendation =
make the icon more reflective of the status message

have categorised as 'web content' but may be security?

Had a look at the code and I think we may need to patch the TurboGears package in order to fix this. If the patch is fairly unintrusive, I'd be okay with adding it to the TurboGears package we carry in Fedora and EPEL (and submitting upstream, of course).

If you (or someone else) is willing to work on this, let me know -- I'll fill you in on IRC with what I discovered so far. It'll be something of a backport as this has been fixed in the flash() implementation in TurboGears2 but TG2's flash() is based on pylons so it's very different from TG1. I just don't have the time to work on the code for this at the moment.

I'll try to have a look at it.

I found a TG plugin which is outdated and likely un-maintained but might still do the work: http://pypi.python.org/pypi/TurboFancyFlash/0.1a I will see if I can do something with it.

Has there been any progress on this ticket?

This should be fixed now. There is no longer an icon at all, it just tells you if it worked or not. ;)

Login to comment on this ticket.