Added TOTP, minor fixes

2017-05-03 18:05:35 +02:00
parent 2f0129539b
commit f1e4b4fb39
72 changed files with 6261 additions and 27 deletions
--- a/data/web/inc/tfa_modals.php
+++ b/data/web/inc/tfa_modals.php
@@ -1,3 +1,6 @@
+<?php
+if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "admin" || $_SESSION['mailcow_cc_role'] == "domainadmin")):
+?>
 <div class="modal fade" id="YubiOTPModal" tabindex="-1" role="dialog" aria-labelledby="YubiOTPModalLabel">
  <div class="modal-dialog" role="document">
    <div class="modal-content">
@@ -57,6 +60,44 @@
  </div>
 </div>

+<div class="modal fade" id="TOTPModal" tabindex="-1" role="dialog" aria-labelledby="TOTPModalLabel">
+  <div class="modal-dialog" role="document">
+    <div class="modal-content">
+      <div class="modal-header"><b><?=$lang['tfa']['totp'];?></b></div>
+      <div class="modal-body">
+        <form role="form" method="post">
+          <div class="form-group">
+            <input type="text" class="form-control" name="key_id" id="key_id" placeholder="<?=$lang['tfa']['key_id_totp'];?>" autocomplete="off" required>
+          </div>
+          <div class="form-group">
+            <input type="password" class="form-control" name="confirm_password" id="confirm_password" placeholder="<?=$lang['user']['password_now'];?>" autocomplete="off" required>
+          </div>
+          <hr>
+          <?php
+          $totp_secret = $tfa->createSecret();
+          ?>
+          <input type="hidden" value="<?=$totp_secret;?>" name="totp_secret" id="totp_secret"/>
+          <input type="hidden" name="tfa_method" value="totp">
+          <ol>
+            <li>
+              <p><?=$lang['tfa']['scan_qr_code'];?></p>
+              <img src="<?=$tfa->getQRCodeImageAsDataUri($_SESSION['mailcow_cc_username'], $totp_secret);?>">
+              <p class="help-block"><?=$lang['tfa']['enter_qr_code'];?>:<br />
+              <code><?=$totp_secret;?></code>
+              </p>
+            </li>
+            <li>
+              <p><?=$lang['tfa']['confirm_totp_token'];?>:</p>
+              <p><input type="number" style="width:33%" class="form-control" name="totp_confirm_token" id="totp_confirm_token" autocomplete="off" required></p>
+              <p><button class="btn btn-default" type="submit" name="set_tfa"><?=$lang['tfa']['confirm'];?></button></p>
+            </li>
+          </ol>
+        </form>
+      </div>
+    </div>
+  </div>
+</div>
+
 <div class="modal fade" id="DisableTFAModal" tabindex="-1" role="dialog" aria-labelledby="DisableTFAModalLabel">
  <div class="modal-dialog" role="document">
    <div class="modal-content">
@@ -77,6 +118,7 @@
 </div>

 <?php
+endif;
 if (isset($_SESSION['pending_tfa_method'])):
  $tfa_method = $_SESSION['pending_tfa_method'];
 ?>
@@ -114,8 +156,17 @@ if (isset($_SESSION['pending_tfa_method'])):
        break;
        case "totp":
      ?>
-       <div class="empty"></div>
-      <?php
+        <form role="form" method="post">
+          <div class="form-group">
+            <div class="input-group">
+              <span class="input-group-addon" id="tfa-addon"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span></span>
+              <input type="number" min="000000" max="999999" name="token" id="token" class="form-control" placeholder="123456" aria-describedby="tfa-addon">
+              <input type="hidden" name="tfa_method" value="totp">
+            </div>
+          </div>
+          <button class="btn btn-sm btn-default" type="submit" name="verify_tfa_login"><?=$lang['login']['login'];?></button>
+        </form>
+        <?php
        break;
        case "hotp":
      ?>