mirror of
https://github.com/Luzifer/vault-otp-ui.git
synced 2024-11-08 08:10:11 +00:00
Viewer for time based one-time passwords whose secret is stored in Vault
|
||
---|---|---|
Godeps | ||
vendor | ||
.gitignore | ||
.repo-runner.yaml | ||
application.coffee | ||
application.js | ||
assets.go | ||
Dockerfile | ||
index.html | ||
LICENSE | ||
main.go | ||
Makefile | ||
oauth.go | ||
README.md | ||
token.go |
Luzifer / vault-otp-ui
vault-otp-ui
is a viewer for time based one-time passwords whose secret is stored in Vault. After the Github oAuth2 login the interface features a clean list of tokens with their corresponding account names, a (regular expression capable) filter function, automatic refresh of the shown tokens after they got invalid and a mobile-friendly interface which allows the usage on any mobile phone.
Storage of the secrets
Two different methods are supported to store the secrets in Vault:
- Vault 0.7.x included TOTP backend
- Custom (generic) secrets containing
secret
,name
, andicon
keys
(When using the Vault builtin TOTP backend switching the icons for the tokens is not supported.)
Setup
- Create a new oAuth application
- Configure
<your vault-otp-ui instance>/oauth2
as the callback URL - Configure the Github authentication backend for your users to be able to
read
the keys containing the secrets / TOTP codes - See
vault-otp-ui --help
for configuration parameters- You must configure the Github oAuth2 credentials
- You must configure the Vault parameters
- You should configure a
session-secret
having at least 64 byte length (If you don't set this it's chosen randomly which will invalidate your session cookies on every restart of the application)