3.62.2. VerifyHook Previous topic Parent topic Child topic Next topic

VerifyHook is a fragment of Perl code that is expected to validate a OTP and return 1 on success. You will need to specify your own VerifyHook if you require an external program to verify the correct OTP.
VerifyHook is passed the following arguments:
  • Reference to the current AuthBy module object
  • User name
  • Submitted OTP password in plaintext
  • Current RADIUS request packet
  • Same user context that was passed to ChallengeHook for this user when the challenge was generated. $context->{otp_password} will generally contain the correct plaintext password for this user.
The default VerifyHook compares the submitted password to $context->{otp_password}.
This example VerifyHook only accepts the password ‘xyzzy’:
VerifyHook sub {my ($self,$user,$submitted_pw,$p,$context)=@_;\
return $context->{otp_password} eq 'xyzzy';}