fix issuer of OTP URI should be URI-encoded. (#6634)

* fix: Issuer of OTP URI should be URI-encoded. follow this link https://github.com/google/google-authenticator/wiki/Key-Uri-Format . * filter unsafe character ':' in issuer * Use Replace rather than ReplaceAll
2025-10-31 19:47:34 -04:00 · 2019-05-28 01:00:32 +08:00
parent 2c412f517a
commit cf3ffebfde
1 changed files with 3 additions and 1 deletions
--- a/routers/user/setting/security_twofa.go
+++ b/routers/user/setting/security_twofa.go
@@ -74,11 +74,13 @@ func twofaGenerateSecretAndQr(ctx *context.Context) bool {
 	if uri != nil {
 		otpKey, err = otp.NewKeyFromURL(uri.(string))
 	}
+	// Filter unsafe character ':' in issuer
+	issuer := strings.Replace(setting.AppName+" ("+setting.Domain+")", ":", "", -1)
 	if otpKey == nil {
 		err = nil // clear the error, in case the URL was invalid
 		otpKey, err = totp.Generate(totp.GenerateOpts{
 			SecretSize:  40,
-			Issuer:      setting.AppName + " (" + strings.TrimRight(setting.AppURL, "/") + ")",
+			Issuer:      issuer,
 			AccountName: ctx.User.Name,
 		})
 		if err != nil {