如何修改代码自定义PrivacyIDEA的OTP邮件模板?

privacyIDEA

1 前言

一个问题,一篇文章,一出故事。
笔者因为需要实现SFTP服务的2FA然后需要使用邮件发送验证码模板,于是整理此章节。
本章基于privacyIDEA,因此如果你没有部署privacyIDEA的环境,你需要参阅如下章节,

如何部署privacyIDEA?

2 最佳实践

2.1 修改邮件的默认主题

cp /opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/tokens/emailtoken.py /opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/tokens/emailtoken.py.default
vim /opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/tokens/emailtoken.py

修改如下配置,

    @log_with(log)
    def create_challenge(self, transactionid=None, options=None):
        #...
        if self.is_active() is True:
            #...
                if options.get("session") != CHALLENGE_SESSION.ENROLLMENT:
                    #...
                    subject_template, _n = self._get_email_text_or_subject(options,
                                                                       EMAILACTION.EMAILSUBJECT,
                                                                       "[CMDSCHOOL SFTP] SFTP Login Security Code")
                    #...

2.2 创建邮件模板

vim /etc/privacyidea/emailtemplate.html

修改如下配置,

<p>
Dear {username}
</p>
<p>
Note: This is a service message regarding the security code you have requested for login [CMDSCHOOL SFTP].
</p>
<p>
Here is the security code :
</p>
<p style="font-size: 160%;">
<b>{otp}</b>
</p>
<p>
Please enter this code on prompted screen to complete the verification and this code will automatically expire in 15 minutes.
</p>
<p>
Note: This email is an automatically generated email from [CMDSCHOOL SFTP], please do not respond to this email, and delete immediately after saving the  
credentials!
</p>

2.3 修改配置加载邮件模板

vim /opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/tokens/emailtoken.py

修改如下配置,

    @staticmethod
    def _get_email_text_or_subject(options,
                                   action=EMAILACTION.EMAILTEXT,
                                   default="file:/etc/privacyidea/emailtemplate.html"):
        #...

然后,你需要重载服务使配置生效,

systemctl reload httpd.service

参阅文档
===============
https://privacyidea.readthedocs.io/en/latest/policies/authentication.html#emailtext
https://github.com/privacyidea/privacyidea/pull/907#discussion_r163258063

修改源代码的实现方式
——————
https://github.com/privacyidea/privacyidea/blob/master/privacyidea/lib/tokens/emailtoken.py#L363

没有评论

发表回复

privacyIDEA
如何让PrivacyIDEA集成Google身份验证器?

1 前言 一个问题,一篇文章,一出故事。 笔者安装并配置2FA的服务端PrivacyIDEA,想测试 …

Keycloak
如何配置Keycloak集成PrivacyIDEA?

1 基础知识 1.1 前言 一个问题,一篇文章,一出故事。 本章将Keycloak与PrivacyI …

privacyIDEA
如何配置PrivacyIDEA LDAP协议集成AD?

1 前言 一个问题,一篇文章,一出故事。 笔者的PrivacyIDEA需要通过与LDAP集成来获取用 …