<!-- include start from auth-local-users.xml.i -->
<node name="local-users">
  <properties>
    <help>Local user authentication</help>
  </properties>
  <children>
    <tagNode name="username">
      <properties>
        <help>Username used for authentication</help>
        <valueHelp>
          <format>txt</format>
          <description>Username used for authentication</description>
        </valueHelp>
      </properties>
      <children>
        #include <include/generic-disable-node.xml.i>
        <leafNode name="password">
          <properties>
            <help>Password used for authentication</help>
          </properties>
        </leafNode>
        <node name="otp">
          <properties>
            <help>2FA OTP authentication parameters</help>
          </properties>
          <children>
            <leafNode name="key">
              <properties>
                <help>Token Key Secret key for the token algorithm (see RFC 4226)</help>
                <valueHelp>
                  <format>txt</format>
                  <description>OTP key in hex-encoded format</description>
                </valueHelp>
                <constraint>
                  <regex>[a-fA-F0-9]{20,10000}</regex>
                </constraint>
                <constraintErrorMessage>Key name must in hex be alphanumerical only (min. 20 hex characters)</constraintErrorMessage>
              </properties>
            </leafNode>
            <leafNode name="otp-length">
              <properties>
                <help>Optional. Number of digits in OTP code (default: 6)</help>
                <valueHelp>
                  <format>u32:6-8</format>
                  <description>Number of digits in OTP code (default: 6)</description>
                </valueHelp>
                <constraint>
                  <validator name="numeric" argument="--range 6-8"/>
                </constraint>
                <constraintErrorMessage>Number of digits in OTP code must be between 6 and 8</constraintErrorMessage>
              </properties>
            </leafNode>
            <leafNode name="interval">
              <properties>
                <help>Optional. Time tokens interval in seconds (for time tokens) (default: 30)</help>
                <valueHelp>
                  <format>u32:5-86400</format>
                  <description>Time tokens interval in seconds (for time tokens). (default: 30)</description>
                </valueHelp>
                <constraint>
                  <validator name="numeric" argument="--range 5-86400"/>
                </constraint>
                <constraintErrorMessage>Time token interval must be between 5 and 86400 seconds</constraintErrorMessage>
              </properties>
            </leafNode>
            <leafNode name="token-type">
              <properties>
                <help>Optional. Token type (default: hotp-time)</help>
                <valueHelp>
                  <format>hotp-time</format>
                  <description>time-based OTP algorithm</description>
                </valueHelp>
                <valueHelp>
                  <format>hotp-event</format>
                  <description>event-based OTP algorithm</description>
                </valueHelp>
                <constraint>
                  <regex>(hotp-time|hotp-event)</regex>
                </constraint>
                <completionHelp>
                  <list>hotp-time hotp-event</list>
                </completionHelp>
              </properties>
            </leafNode>
          </children>
        </node>
      </children>
    </tagNode>
  </children>
</node>
<!-- include end -->