proxmox/proxmox-tfa
Wolfgang Bumiller a3448feb1a tfa: log all tfa verify errors and treat as failure, count
Use a custom result type to return success/failure and the
need to save the user data to the caller, while having
logged the error messages rather than returning them.

We count general TFA failures and also TOTP specifically,
and lock the user out of their 2nd factors on too many
failures.

To this end, all errors are now treated as failures.
While technically we can have crypto errors the user might
not be able to cause, we can't always know, and not all
errors are guaranteed to be a host side configuration issue,
so instead, all errors (since they are rare) now now counted
as a regular TFA error.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-05-10 10:35:54 +02:00
..
debian proxmox-tfa: update generated d/control 2023-03-02 16:54:59 +01:00
src tfa: log all tfa verify errors and treat as failure, count 2023-05-10 10:35:54 +02:00
Cargo.toml tfa: make 'anyhow' optional, enable with the 'api' feature 2023-05-08 10:32:26 +02:00