AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add 2FA code for Login/Password sharing

This commit is contained in:
johnnyq 2023-09-19 18:21:57 -04:00
parent 6bccc61b4a
commit 3bd8842171
1 changed files with 40 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
guest_view_item.php
View File

@ -140,6 +140,7 @@ if ($item_type == "Document") {
exit();
}
$login_id = intval($login_row['login_id']);
$login_name = nullable_htmlentities($login_row['login_name']);
$login_uri = nullable_htmlentities($login_row['login_uri']);
@ -152,8 +153,19 @@ if ($item_type == "Document") {
$login_password = nullable_htmlentities(openssl_decrypt($password_ciphertext, 'aes-128-cbc', $encryption_key, 0, $password_iv));
$login_otp = nullable_htmlentities($login_row['login_otp_secret']);
$login_otp_secret = nullable_htmlentities($login_row['login_otp_secret']);
$login_id_with_secret = '"' . $login_row['login_id'] . '","' . $login_row['login_otp_secret'] . '"';
if (empty($login_otp_secret)) {
$otp_display = "-";
} else {
$otp_display = "<span onmouseenter='showOTP($login_id_with_secret)'><i class='far fa-clock'></i> <span id='otp_$login_id'><i>Hover..</i></span></span>";
}
$login_notes = nullable_htmlentities($login_row['login_note']);
?>
<h4><?php echo $login_name; ?></h4>
@ -170,8 +182,36 @@ if ($item_type == "Document") {
<th>Password</th>
<td><?php echo $login_password ?></td>
</tr>
<?php if(!empty($login_otp_secret)){ ?>
<tr>
<th>2FA (TOTP)</th>
<td><?php echo $otp_display ?></td>
</tr>
<?php } ?>
</table>
<script>
function showOTP(id, secret) {
//Send a GET request to ajax.php as ajax.php?get_totp_token=true&totp_secret=SECRET
jQuery.get(
"ajax.php",
{get_totp_token: 'true', totp_secret: secret},
function(data) {
//If we get a response from post.php, parse it as JSON
const token = JSON.parse(data);
document.getElementById("otp_" + id).innerText = token
}
);
}
function generatePassword() {
document.getElementById("password").value = "<?php echo randomString(); ?>"
}
</script>
<?php