You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
43 lines
1.9 KiB
PHTML
43 lines
1.9 KiB
PHTML
7 years ago
|
<?php
|
||
|
|
||
|
dieifnotloggedin();
|
||
|
|
||
|
use OTPHP\Factory;
|
||
|
use Endroid\QrCode\QrCode;
|
||
|
|
||
|
// extra login utils
|
||
|
require_once __DIR__ . "/../lib/login.php";
|
||
|
|
||
|
$APPS["setup_2fa"]["title"] = lang("setup 2fa", false);
|
||
|
$APPS["setup_2fa"]["icon"] = "lock";
|
||
|
if (userHasTOTP($_SESSION['username'])) {
|
||
|
$APPS["setup_2fa"]["content"] = '<div class="alert alert-info"><i class="fa fa-info-circle"></i> ' . lang("2fa active", false) . '</div>'
|
||
|
. '<a href="action.php?action=rm2fa&source=security" class="btn btn-warning btn-sm btn-block">'
|
||
|
. lang("remove 2fa", false) . '</a>';
|
||
|
} else if ($_GET['2fa'] == "generate") {
|
||
|
$codeuri = newTOTP($_SESSION['username']);
|
||
|
$qrCode = new QrCode($codeuri);
|
||
|
$qrCode->setSize(200);
|
||
|
$qrCode->setErrorCorrection("H");
|
||
|
$qrcode = $qrCode->getDataUri();
|
||
|
$totp = Factory::loadFromProvisioningUri($codeuri);
|
||
|
$codesecret = $totp->getSecret();
|
||
|
$chunk_secret = trim(chunk_split($codesecret, 8, ' '));
|
||
|
$APPS["setup_2fa"]["content"] = '<div class="alert alert-info"><i class="fa fa-info-circle"></i> ' . lang("scan 2fa qrcode", false) . '</div>' . <<<END
|
||
|
<img src="$qrcode" class="img-responsive qrcode" />
|
||
|
<div class="well well-sm" style="text-align: center; font-size: 110%; font-family: monospace;">$chunk_secret</div>
|
||
|
<form action="action.php" method="POST">
|
||
|
<input type="hidden" name="action" value="add2fa" />
|
||
|
<input type="hidden" name="source" value="security" />
|
||
|
<input type="hidden" name="secret" value="$codesecret" />
|
||
|
<button type="submit" class="btn btn-success btn-sm btn-block">
|
||
|
END
|
||
|
. lang("confirm 2fa", false) . <<<END
|
||
|
</button>
|
||
|
</form>
|
||
|
END;
|
||
|
} else {
|
||
|
$APPS["setup_2fa"]["content"] = '<div class="alert alert-info"><i class="fa fa-info-circle"></i> ' . lang("2fa explained", false) . '</div>'
|
||
|
. '<a class="btn btn-success btn-sm btn-block" href="home.php?page=security&2fa=generate">'
|
||
|
. lang("enable 2fa", false) . '</a>';
|
||
|
}
|