mirror of https://github.com/itflow-org/itflow
Updated 2FA UI
parent
e247ad4ee4
commit
b65739bfc3
17
login.php
17
login.php
|
|
@ -15,15 +15,14 @@ if(isset($_POST['login'])){
|
|||
if(mysqli_num_rows($sql) == 1){
|
||||
$row = mysqli_fetch_array($sql);
|
||||
$token = $row['token'];
|
||||
$_SESSION['user_id'] = $row['user_id'];
|
||||
$_SESSION['name'] = $row['name'];
|
||||
$_SESSION['client_id'] = $row['client_id'];
|
||||
$client_id = $row['client_id'];
|
||||
|
||||
if(empty($token)){
|
||||
$_SESSION['logged'] = TRUE;
|
||||
$_SESSION['user_id'] = $row['user_id'];
|
||||
$_SESSION['name'] = $row['name'];
|
||||
$_SESSION['client_id'] = $row['client_id'];
|
||||
$client_id = $row['client_id'];
|
||||
|
||||
|
||||
|
||||
if($client_id > 0){
|
||||
header("Location: client.php?client_id=$client_id");
|
||||
}else{
|
||||
|
|
@ -35,10 +34,6 @@ if(isset($_POST['login'])){
|
|||
|
||||
if(TokenAuth6238::verify($token,$current_code)){
|
||||
$_SESSION['logged'] = TRUE;
|
||||
$_SESSION['user_id'] = $row['user_id'];
|
||||
$_SESSION['name'] = $row['name'];
|
||||
$_SESSION['client_id'] = $row['client_id'];
|
||||
$client_id = $row['client_id'];
|
||||
header("Location: $config_start_page");
|
||||
}else{
|
||||
$response = "
|
||||
|
|
@ -108,7 +103,7 @@ if(isset($_POST['login'])){
|
|||
<div class="form-group">
|
||||
<div class="form-label-group">
|
||||
<input type="text" id="inputToken" name="current_code" class="form-control" placeholder="2FA Token if applicable">
|
||||
<label for="inputToken">Token</label>
|
||||
<label for="inputToken">2FA Token</label>
|
||||
</div>
|
||||
</div>
|
||||
<button class="btn btn-primary btn-block" type="submit" name="login">Login</button>
|
||||
|
|
|
|||
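Review bot: In the first hunk the `$_SESSION['user_id']`, `$_SESSION['name']` and `$_SESSION['client_id']` assignments appear to move above the `if(empty($token))` check (the hunk line counts fit that reading), so the session carries the user's identity after the password step alone, before `TokenAuth6238::verify()` has run. Only `$_SESSION['logged']` then separates a half-authenticated session from a full one, so any page that keys on `user_id` instead would skip the second factor, and a wrong code leaves those values in place. I would keep the assignments inside the two success branches, or clear them in the failure branch with `unset($_SESSION['user_id'], $_SESSION['name'], $_SESSION['client_id']);`. Calling `session_regenerate_id(true);` next to `$_SESSION['logged'] = TRUE;` would also guard against session fixation. The enclosing `if(isset($_POST['login']))` block starts and ends outside the hunks.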
14
post.php
14
post.php
|
|
@ -115,13 +115,23 @@ if(isset($_POST['edit_invoice_settings'])){
|
|||
|
||||
}
|
||||
|
||||
if(isset($_POST['settings_2fa'])){
|
||||
if(isset($_POST['enable_2fa'])){
|
||||
|
||||
$token = mysqli_real_escape_string($mysqli,$_POST['token']);
|
||||
|
||||
mysqli_query($mysqli,"UPDATE users SET token = '$token' WHERE user_id = $session_user_id");
|
||||
|
||||
$_SESSION['alert_message'] = "Updated User Token";
|
||||
$_SESSION['alert_message'] = "2FA Enabled and Token Updated";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
}
|
||||
|
||||
if(isset($_POST['disable_2fa'])){
|
||||
|
||||
mysqli_query($mysqli,"UPDATE users SET token = '' WHERE user_id = $session_user_id");
|
||||
|
||||
$_SESSION['alert_message'] = "2FA Disabled you can now login without an additional code";
|
||||
|
||||
header("Location: " . $_SERVER["HTTP_REFERER"]);
|
||||
|
||||
|
|
|
|||
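Review bot: The new `disable_2fa` branch clears `users.token` on nothing more than a POST from a logged-in session; no current code, password confirmation or anti-CSRF token is checked in the visible lines, so a forged cross-site form post could silently remove the second factor. Require a valid code before the UPDATE, e.g. `if(!TokenAuth6238::verify($stored_token, $_POST['current_code'])){ /* reject */ }`, where `$stored_token` is a placeholder name for the secret read server-side. The `enable_2fa` branch has the mirror problem: it persists whatever `$_POST['token']` holds, so the secret is client-chosen and 2FA is switched on before the user has proved their authenticator works; keeping the generated secret in the session and storing it only after one verified code avoids both. Both branches also redirect to `$_SERVER["HTTP_REFERER"]`, a client-controlled header, and no `exit` follows `header()` in the visible lines, though the end of the `disable_2fa` block lies outside the hunk.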
|
|
@ -6,15 +6,10 @@
|
|||
|
||||
<div class="card mb-3">
|
||||
<div class="card-header">
|
||||
<h6 class="float-left mt-1"><i class="fa fa-fw fa-cog mr-2"></i>User Settings</h6>
|
||||
<h6 class="float-left mt-1"><i class="fa fa-fw fa-lock mr-2"></i>Two Factor Authentication</h6>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
<form class="p-3" action="post.php" method="post" autocomplete="off">
|
||||
<input type="hidden" name="secretkey" value="<?php echo $secret_key; ?>">
|
||||
<div class="custom-control custom-switch mb-2">
|
||||
<input type="checkbox" class="custom-control-input" name="en2fa" <?php if($en2fa == 1){ echo "checked"; } ?> value="1" id="customSwitch1">
|
||||
<label class="custom-control-label" for="customSwitch1">Enable Two Factor Authentication</label>
|
||||
</div>
|
||||
|
||||
<?php
|
||||
|
||||
|
|
@ -23,22 +18,29 @@
|
|||
//Generate a base32 Key
|
||||
$secretkey = key32gen();
|
||||
|
||||
//Generate QR Code based off the generated key
|
||||
print sprintf('<img src="%s"/>',TokenAuth6238::getBarCodeUrl('','',$secretkey,'PittPC-CRM'));
|
||||
if(!empty($session_token)){
|
||||
//Generate QR Code based off the generated key
|
||||
print sprintf('<img src="%s"/>',TokenAuth6238::getBarCodeUrl('','',$session_token,'PittPC-CRM'));
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
<input type="hidden" name="token" value="<?php echo $secretkey; ?>">
|
||||
|
||||
<hr>
|
||||
<button type="submit" name="settings_2fa" class="btn btn-primary">Enable</button>
|
||||
|
||||
<?php if(empty($session_token)){ ?>
|
||||
<button type="submit" name="enable_2fa" class="btn btn-primary">Enable 2FA</button>
|
||||
<?php }else{ ?>
|
||||
<button type="submit" name="disable_2fa" class="btn btn-danger">Disable 2FA</button>
|
||||
<?php } ?>
|
||||
|
||||
</form>
|
||||
|
||||
<hr>
|
||||
|
||||
<?php if(!empty($session_token)){ ?>
|
||||
<form class="p-3" action="post.php" method="post" autocomplete="off">
|
||||
<div class="form-group">
|
||||
<label>Enter Code</label>
|
||||
<label>Verify 2FA is Working</label>
|
||||
<div class="input-group">
|
||||
<div class="input-group-prepend">
|
||||
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
|
||||
|
|
@ -48,10 +50,8 @@
|
|||
</div>
|
||||
<hr>
|
||||
<button type="submit" name="verify" class="btn btn-primary">Verify</button>
|
||||
|
||||
</form>
|
||||
|
||||
|
||||
<?php } ?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
|||
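Review bot: The settings page now prints a QR image for `$session_token` whenever a token is stored, so the long-lived TOTP secret is re-disclosed on every visit to this page instead of once at enrolment, and anyone who gets a look at an open session can copy it. If `TokenAuth6238::getBarCodeUrl()` returns a URL on an external chart service (its body is not on this page), the secret also leaves the server in the image request and ends up in browser history and proxy logs; rendering the QR locally would avoid that. I would show the code only during enrolment, for the freshly generated `$secretkey`, and require one verified code before the secret is saved. The `value="<?php echo $secretkey; ?>"` attribute and the `<img src="%s"/>` output are unescaped; wrapping both in `htmlspecialchars(..., ENT_QUOTES)` is cheap even for base32 data.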