From 46e6ddb8fc264d6c244e4dee60a2b9dabb2caa62 Mon Sep 17 00:00:00 2001
From: si458 <simonsmith5521@gmail.com>
Date: Sun, 23 Mar 2025 20:07:06 +0000
Subject: [PATCH] upgrade otplib to 12.0.1 #6912

Signed-off-by: si458 <simonsmith5521@gmail.com>
---
 docker/Dockerfile | 2 +-
 meshcentral.js    | 2 +-
 meshuser.js       | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 20dee2ea..67b0e6ec 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -89,7 +89,7 @@ RUN cd meshcentral && npm install
 
 # NOTE: ALL MODULES MUST HAVE A VERSION NUMBER AND THE VERSION MUST MATCH THAT USED IN meshcentral.js mainStart()
 RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ]; then cd meshcentral && npm install mongodb@4.13.0 saslprep@1.0.3; fi
-RUN if ! [ -z "$PREINSTALL_LIBS" ] && [ "$PREINSTALL_LIBS" == "true" ]; then cd meshcentral && npm install ssh2@1.16.0 semver@7.5.4 nodemailer@6.9.15 image-size@1.1.1 wildleek@2.0.0 otplib@10.2.3 yubikeyotp@0.2.0; fi
+RUN if ! [ -z "$PREINSTALL_LIBS" ] && [ "$PREINSTALL_LIBS" == "true" ]; then cd meshcentral && npm install ssh2@1.16.0 semver@7.5.4 nodemailer@6.9.15 image-size@1.1.1 wildleek@2.0.0 otplib@12.0.1 yubikeyotp@0.2.0; fi
 
 EXPOSE 80 443 4433
 
diff --git a/meshcentral.js b/meshcentral.js
index b9a30b3b..b037457f 100644
--- a/meshcentral.js
+++ b/meshcentral.js
@@ -4299,7 +4299,7 @@ function mainStart() {
         if (config.settings.no2factorauth !== true) {
             // Setup YubiKey OTP if configured
             if (yubikey == true) { modules.push('yubikeyotp@0.2.0'); } // Add YubiKey OTP support
-            if (allsspi == false) { modules.push('otplib@10.2.3'); } // Google Authenticator support (v10 supports older NodeJS versions).
+            if (allsspi == false) { modules.push('otplib@12.0.1'); } // Google Authenticator support (v10 supports older NodeJS versions).
         }
 
         // Desktop multiplexor support
diff --git a/meshuser.js b/meshuser.js
index d6907144..eec5ba8d 100644
--- a/meshuser.js
+++ b/meshuser.js
@@ -3695,7 +3695,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
                         } else if (domain.dns == null && domain.id != '') {
                             domainName += "/" + domain.id;
                         }
-                        ws.send(JSON.stringify({ action: 'otpauth-request', secret: secret, url: otplib.authenticator.keyuri(encodeURIComponent(user.name), domainName, secret) }));
+                        ws.send(JSON.stringify({ action: 'otpauth-request', secret: secret, url: otplib.authenticator.keyuri(user.name, domainName, secret) }));
                     }
                     break;
                 }