]>
git.proxmox.com Git - pmg-api.git/blob - src/PMG/TFAConfig.pm
1 package PMG
::TFAConfig
;
8 use PVE
::JSONSchema
qw(get_standard_option);
9 use PVE
::Exception
qw(raise);
14 use base
'PMG::RS::TFA';
16 my $inotify_file_id = 'pmg-tfa.json';
17 my $config_filename = '/etc/pmg/tfa.json';
22 my $class = ref($type) || $type;
24 my $cfg = PVE
::INotify
::read_file
($inotify_file_id);
26 return bless $cfg, $class;
32 PVE
::INotify
::write_file
($inotify_file_id, $self);
35 # This lives in `UserConfig` in order to enforce lock order.
37 return PMG
::UserConfig
::lock_tfa_config
(@_);
40 my sub read_tfa_conf
: prototype($$) {
41 my ($filename, $fh) = @_;
45 $raw = do { local $/ = undef; <$fh> };
50 my $cfg = PMG
::RS
::TFA-
>new($raw);
52 # Purge invalid users:
53 my $usercfg = PMG
::UserConfig-
>new();
54 foreach my $user ($cfg->users()->@*) {
55 if (!$usercfg->lookup_user_data($user, 1)) {
56 $cfg->remove_user($user);
63 my sub write_tfa_conf
: prototype($$$) {
64 my ($filename, $fh, $cfg) = @_;
68 PVE
::Tools
::safe_print
($filename, $fh, $cfg->SUPER::write());
71 PVE
::INotify
::register_file
(
77 always_call_parser
=> 1,
78 # the parser produces a rust TfaConfig object, Clone::clone would break this