48 lines
627 B
Django/Jinja
48 lines
627 B
Django/Jinja
server default {
|
|
listen {
|
|
type = auth
|
|
ipaddr = *
|
|
port = 0
|
|
limit {
|
|
max_connections = 16
|
|
lifetime = 0
|
|
idle_timeout = 30
|
|
}
|
|
}
|
|
listen {
|
|
ipaddr = *
|
|
port = 0
|
|
type = acct
|
|
limit {
|
|
}
|
|
}
|
|
authorize {
|
|
filter_username
|
|
filter_google_totp
|
|
ldap
|
|
if (&Google-Password) {
|
|
update control {
|
|
&User-Password := "%{&Google-Password}"
|
|
Auth-Type := PAP
|
|
}
|
|
}
|
|
}
|
|
authenticate {
|
|
Auth-Type PAP {
|
|
pap
|
|
if (&Google-Password) {
|
|
update request {
|
|
&User-Password := "%{&Google-Password}"
|
|
}
|
|
pam
|
|
} else {
|
|
update reply {
|
|
Reply-Message := "Login incorrect: TOTP Fail"
|
|
}
|
|
reject
|
|
}
|
|
}
|
|
pam
|
|
}
|
|
}
|