# Simple totp subrequest authentication

## Setup
- Run `new-secret.sh` to create a `.env` file with a random secret and a text file `secret.qr` with the corresponding qr-code for your TOTP mobile app.
- Adapt the sample configuration `vdi.example.com_location` and copy it to `vhost.d` of your [reverse-proxy](https://github.com/nginx-proxy/nginx-proxy)

## Credits:
  - Based on [newhouseb/nginxwebauthn](https://github.com/newhouseb/nginxwebauthn)

## References:
  - [NGINX: Authentication Based on Subrequest Result](https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-subrequest-authentication/)