jepler/textual-totp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
No description
19 commits 5 branches 9 tags 284 KiB
Python 98.5%
Makefile 1.5%
Find a file
Jeff Epler 52626cb84c
Add workflows
2023-12-06 12:19:50 -06:00
.github/workflows Add workflows 2023-12-06 12:19:50 -06:00
LICENSES Add workflows 2023-12-06 12:19:50 -06:00
src/ttotp set update interval smaller 2023-12-04 21:23:14 -06:00
.gitignore Make it installable 2023-12-04 09:06:29 -06:00
.pre-commit-config.yaml License as MIT 2023-12-04 08:36:42 -06:00
Makefile Make it installable 2023-12-04 09:06:29 -06:00
pyproject.toml Make it installable 2023-12-04 09:06:29 -06:00
README.md Refine the README 2023-12-04 19:32:26 -06:00
requirements.txt fix linter messages 2023-12-04 19:10:06 -06:00

README.md

textual-totp: TOTP (authenticator) application using Python & Textual

Installation

Right now you have to pick this up from github, it's not yet on pypi: pipx install https://github.com/jepler/textual-totp@main

Configuration

Configuration is in the form of a TOML file inside the user's standard configuration directory. On Linux, this is ~/.config/ttotp/settings.toml.

At startup, ttotp invokes a program that prints out TOTP URIs, one per line. The author recommends storing your TOTPs in pass, the standard unix password manager. In this case, you would configure with a command like

otp-command = ['pass', 'show', 'totp-tokens']

If you hate security, you can use an insecure command like cat, or just test things with echo:

otp-command = "echo 'otpauth://totp/example?algorithm=SHA1&digits=6&secret=IHACDTJ2TFCSLUJLMSHYDBD74FS7OY5B'"

If the command is a string, it is interpreted with the shell; otherwise, the list of arguments is used directly.

Using textual-totp

The command to start textual-totp is ttotp. It has several options which can be shown with ttotp --help.

ttotp will first invoke the otp-command to get the list of TOTPs. This may require interaction (for instance, the pass command may need to request your GPG key passphrase)

Once the otp-command finishes, ttotp will show each available TOTP. Each code will show as ****** until it is revealed.

Navigate up/down in several ways:

  • up and down keys
  • tab and shift-tab keys
  • "j" and "k" (vi keys)

To reveal a code, move to the desired line and press "s". When the code expires, it will be replaced with ****** again.

Copy a code directly to the operating system's clipboard by pressing "c". The code will be cleared from the clipboard after 30 seconds. Your Operating System may report that ttotp "pasted from the clipboard". This is because ttotp tries to only clear values that it set, by checking that the current clipboard value is equal to the value it pasted earlier.

Exit the app with Ctrl+C.

In-memory storage of TOTPs

As long as ttotp is open, the TOTP secret values are stored in memory in plain text.

ttotp never writes secret values to operating system files or stores them in environment variables. (but your otp-command might! check any related documentation carefully)