Adjust RFC6283 getTokenCode to only show one token at a time.

Remove the tokens from client_logins.php and replace with a mouseover/hover to show mechanism using ajax.php
2026-02-28 19:04:52 +00:00 · 2022-04-24 13:48:27 +01:00
parent dcd772c5f6
commit fda40055f8
3 changed files with 39 additions and 14 deletions
--- a/ajax.php
+++ b/ajax.php
@@ -9,6 +9,7 @@
 include("config.php");
 include("functions.php");
 include("check_login.php");
+require_once("rfc6238.php");

 /*
 * Fetches SSL certificates from remote hosts & returns the relevant info (issuer, expiry, public key)
@@ -304,4 +305,14 @@ if(isset($_GET['scheduled_ticket_get_json_details'])){

  echo json_encode($response);

+}
+
+/*
+ * Dynamic TOTP for client login page
+ * When provided with a TOTP secret, returns a 6-digit code
+ */
+if(isset($_GET['get_totp_token'])){
+  $otp = TokenAuth6238::getTokenCode($_GET['totp_secret']);
+
+  echo json_encode($otp);
 }