Completed 2 step login support.

2025-03-09 15:40:18 +00:00 · 2019-01-15 18:21:03 -08:00 · 2019-01-15 18:21:03 -08:00 · ff173b8788
commit ff173b8788
parent faa3df958f
5 changed files with 143 additions and 52 deletions
--- a/views/default.handlebars
+++ b/views/default.handlebars
@ -1121,10 +1121,8 @@
                    updateSiteAdmin();
                    QV('verifyEmailId', (userinfo.emailVerified !== true) && (userinfo.email != null) && (serverinfo.emailcheck == true));
                    QV('verifyEmailId2', (userinfo.emailVerified !== true) && (userinfo.email != null) && (serverinfo.emailcheck == true));
-                    if ((features & 4096) != 0) {
-                        QV('otpAuth', (userinfo.otpsecret != 1));
-                        QV('otpAuthRemove', (userinfo.otpsecret == 1));
-                    }
+                    QV('otpAuth', ((features & 4096) != 0) && (userinfo.otpsecret != 1));
+                    QV('otpAuthRemove', ((features & 4096) != 0) && (userinfo.otpsecret == 1));
                    break;
                }
                case 'users': {
@ -1315,7 +1313,10 @@
                }
                case 'otpauth-request': {
                    if ((xxdialogMode == 2) && (xxdialogTag == 'otpauth-request')) {
-                        QH('d2optinfo', '<table style=width:380px><tr><td style=vertical-align:top>Install <a href=\"https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2\" rel=\"noreferrer noopener\" target=_blank>Google Authenticator</a> or a compatible application and scan the barcode, use <a href=\"' + message.url + '\" rel=\"noreferrer noopener\" target=_blank> this link</a> or enter the secret. Then, enter the current 6 digit token below to activate 2-Step login.<br /><br />Secret<br /><tt id=d2optsecret style=font-size:12px>' + message.secret + '</tt><br /><br /></td><td style=width:1px;vertical-align:top><a href=\"' + message.url + '\" rel=\"noreferrer noopener\" target=_blank><div id="qrcode"></div></a></td><tr><td colspan=2 style="text-align:center;border-top:1px solid black"><br />Enter the token here for 2-step login: <input type=text onkeypress=\"return (event.keyCode == 8) || (event.charCode >= 48 && event.charCode <= 57)\" onkeyup=account_addOtpCheck() onkeydown=account_addOtpCheck() maxlength=6 id=d2otpauthinput type="text"></td></table>');
+                        var secret = message.secret;
+                        if (secret.length == 52) { secret = secret.split(/(.............)/).filter(Boolean).join(' '); }
+                        else if (secret.length == 32) { secret = secret.split(/(....)/).filter(Boolean).join(' '); secret = secret.substring(0, 20) + '<br/>' + secret.substring(20) }
+                        QH('d2optinfo', '<table style=width:380px><tr><td style=vertical-align:top>Install <a href=\"https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2\" rel=\"noreferrer noopener\" target=_blank>Google Authenticator</a> or a compatible application and scan the barcode, use <a href=\"' + message.url + '\" rel=\"noreferrer noopener\" target=_blank> this link</a> or enter the secret. Then, enter the current 6 digit token below to activate 2-Step login.<br /><br />Secret<br /><tt id=d2optsecret secret=\"' + message.secret + '\" style=font-size:12px>' + secret + '</tt><br /><br /></td><td style=width:1px;vertical-align:top><a href=\"' + message.url + '\" rel=\"noreferrer noopener\" target=_blank><div id="qrcode"></div></a></td><tr><td colspan=2 style="text-align:center;border-top:1px solid black"><br />Enter the token here for 2-step login: <input type=text onkeypress=\"return (event.keyCode == 8) || (event.charCode >= 48 && event.charCode <= 57)\" onkeyup=account_addOtpCheck(event) onkeydown=account_addOtpCheck() maxlength=6 id=d2otpauthinput type=text></td></table>');
                        new QRCode(Q("qrcode"), { text: message.url, width: 128, height: 128, colorDark: "#000000", colorLight: "#EEE", correctLevel: QRCode.CorrectLevel.H });
                        QV('idx_dlgOkButton', true);
                        QE('idx_dlgOkButton', false);
@ -5056,12 +5057,14 @@

        function account_addOtp() {
            if (xxdialogMode || (userinfo.otpsecret == 1) || ((features & 4096) == 0)) return;
-            setDialogMode(2, "Add 2-Step Login", 2, function () { meshserver.send({ action: 'otpauth-setup', secret: Q('d2optsecret').innerHTML, token: Q('d2otpauthinput').value }); }, "<div id=d2optinfo>Loading...</div>", 'otpauth-request');
+            setDialogMode(2, "Add 2-Step Login", 2, function () { meshserver.send({ action: 'otpauth-setup', secret: Q('d2optsecret').attributes.secret.value, token: Q('d2otpauthinput').value }); }, "<div id=d2optinfo>Loading...</div>", 'otpauth-request');
            meshserver.send({ action: 'otpauth-request' });
        }

-        function account_addOtpCheck() {
-            QE('idx_dlgOkButton', Q('d2otpauthinput').value.length == 6);
+        function account_addOtpCheck(e) {
+            const v = (Q('d2otpauthinput').value.length == 6);
+            QE('idx_dlgOkButton', v);
+            if (e && (e.keyCode == 13) && v) { dialogclose(1); }
        }

        function account_removeOtp() {
--- a/views/login-mobile.handlebars
+++ b/views/login-mobile.handlebars
@ -117,7 +117,7 @@
                                    </form>
                                </div>
                            </div>
-                            <div id=resetpanel style="background-color: #979797;border-radius:16px;width:260px;padding:16px;text-align:center;display:none;clear:both">
+                            <div id=resetpanel style="background-color:#979797;border-radius:16px;width:260px;padding:16px;text-align:center;display:none;clear:both">
                                <form action=resetaccount method=post>
                                    <div id=message3>
                                        {{{message}}}
@ -140,6 +140,25 @@
                                    <hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
                                </form>
                            </div>
+                            <div id=tokenpanel style="background-color:#979797;border-radius:16px;width:260px;padding:16px;text-align:center;display:none;clear:both">
+                                <form action=tokenlogin method=post autocomplete=off>
+                                    <div id=message4>
+                                        {{{message}}}
+                                    </div>
+                                    <table>
+                                        <tr>
+                                            <td align=right width=100>Login token:</td>
+                                            <td><input id=tokenInput type=text name=token maxlength=6 onkeypress="return (event.keyCode == 8) || (event.keyCode == 13) || (event.charCode >= 48 && event.charCode <= 57)" onkeyup=checkToken(event) onkeydown=checkToken(event) /></td>
+                                        </tr>
+                                        <tr>
+                                            <td colspan=2>
+                                                <div style=float:right><input id=tokenOkButton type=submit value="Login" disabled="disabled" /></div>
+                                            </td>
+                                        </tr>
+                                    </table>
+                                    <hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
+                                </form>
+                            </div>
                        </td>
                    </tr>
                </table>
@ -218,9 +237,11 @@
            QV('loginpanel', x == 1);
            QV('createpanel', x == 2);
            QV('resetpanel', x == 3);
+            QV('tokenpanel', x == 4);
            if (x == 1) { Q('username').focus(); }
            if (x == 2) { Q('ausername').focus(); }
            if (x == 3) { Q('remail').focus(); }
+            if (x == 4) { Q('tokenInput').focus(); }
        }

        function validateLogin(box, e) {
@ -307,6 +328,8 @@
            return true;
        }

+        function checkToken() { QE('tokenOkButton', Q('tokenInput').value.length == 6); }
+
        //
        // POPUP DIALOG
        //
--- a/views/login.handlebars
+++ b/views/login.handlebars
@ -213,6 +213,25 @@
                                    <hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
                                </form>
                            </div>
+                            <div id=tokenpanel style="background-color: #979797;border-radius:16px;width:300px;padding:16px;text-align:center;display:none">
+                                <form action=tokenlogin method=post autocomplete=off>
+                                    <div id=message4>
+                                        {{{message}}}
+                                    </div>
+                                    <table>
+                                        <tr>
+                                            <td align=right width=100>Login token:</td>
+                                            <td><input id=tokenInput type=text name=token maxlength=6 onkeypress="return (event.keyCode == 8) || (event.keyCode == 13) || (event.charCode >= 48 && event.charCode <= 57)" onkeyup=checkToken(event) onkeydown=checkToken(event) /></td>
+                                        </tr>
+                                        <tr>
+                                            <td colspan=2>
+                                                <div style=float:right><input id=tokenOkButton type=submit value="Login" disabled="disabled" /></div>
+                                            </td>
+                                        </tr>
+                                    </table>
+                                    <hr /><a onclick=xgo(1) style=cursor:pointer>Back to login</a>
+                                </form>
+                            </div>
                        </td>
                    </tr>
                </table>
@ -301,9 +320,11 @@
            QV('loginpanel', x == 1);
            QV('createpanel', x == 2);
            QV('resetpanel', x == 3);
+            QV('tokenpanel', x == 4);
            if (x == 1) { Q('username').focus(); }
            if (x == 2) { Q('ausername').focus(); }
            if (x == 3) { Q('remail').focus(); }
+            if (x == 4) { Q('tokenInput').focus(); }
        }

        function validateLogin(box, e) {
@ -402,6 +423,8 @@
            return true;
        }
        
+        function checkToken() { QE('tokenOkButton', Q('tokenInput').value.length == 6); }
+
        //
        // POPUP DIALOG
        //