1 前言

一个问题，一篇文章，一出故事。
笔者因为需要实现SFTP服务的2FA然后需要使用邮件发送验证码模板，于是整理此章节。
本章基于privacyIDEA，因此如果你没有部署privacyIDEA的环境，你需要参阅如下章节，

如何部署privacyIDEA？

2 最佳实践

2.1 修改邮件的默认主题

cp /opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/tokens/emailtoken.py /opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/tokens/emailtoken.py.default
vim /opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/tokens/emailtoken.py

修改如下配置，

    @log_with(log)
    def create_challenge(self, transactionid=None, options=None):
        #...
        if self.is_active() is True:
            #...
                if options.get("session") != CHALLENGE_SESSION.ENROLLMENT:
                    #...
                    subject_template, _n = self._get_email_text_or_subject(options,
                                                                       EMAILACTION.EMAILSUBJECT,
                                                                       "[CMDSCHOOL SFTP] SFTP Login Security Code")
                    #...

2.2 创建邮件模板

vim /etc/privacyidea/emailtemplate.html

修改如下配置，

<p>
Dear {username}
</p>
<p>
Note: This is a service message regarding the security code you have requested for login [CMDSCHOOL SFTP].
</p>
<p>
Here is the security code :
</p>
<p style="font-size: 160%;">
<b>{otp}</b>
</p>
<p>
Please enter this code on prompted screen to complete the verification and this code will automatically expire in 15 minutes.
</p>
<p>
Note: This email is an automatically generated email from [CMDSCHOOL SFTP], please do not respond to this email, and delete immediately after saving the  
credentials!
</p>

2.3 修改配置加载邮件模板

vim /opt/privacyidea/lib/python3.6/site-packages/privacyidea/lib/tokens/emailtoken.py

修改如下配置，

    @staticmethod
    def _get_email_text_or_subject(options,
                                   action=EMAILACTION.EMAILTEXT,
                                   default="file:/etc/privacyidea/emailtemplate.html"):
        #...

然后，你需要重载服务使配置生效，