ThaMunsta/itflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add 2FA code for Login/Password sharing

Browse Source
This commit is contained in:
johnnyq
2023-09-19 18:21:57 -04:00
parent 6bccc61b4a
commit 3bd8842171
1 changed files with 40 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
guest_view_item.php
+40
View File
@@ -140,6 +140,7 @@ if ($item_type == "Document") {
exit(); exit();
} }
$login_id = intval($login_row['login_id']);
$login_name = nullable_htmlentities($login_row['login_name']); $login_name = nullable_htmlentities($login_row['login_name']);
$login_uri = nullable_htmlentities($login_row['login_uri']); $login_uri = nullable_htmlentities($login_row['login_uri']);
@@ -152,8 +153,19 @@ if ($item_type == "Document") {
$login_password = nullable_htmlentities(openssl_decrypt($password_ciphertext, 'aes-128-cbc', $encryption_key, 0, $password_iv)); $login_password = nullable_htmlentities(openssl_decrypt($password_ciphertext, 'aes-128-cbc', $encryption_key, 0, $password_iv));
$login_otp = nullable_htmlentities($login_row['login_otp_secret']); $login_otp = nullable_htmlentities($login_row['login_otp_secret']);
$login_otp_secret = nullable_htmlentities($login_row['login_otp_secret']);
$login_id_with_secret = '"' . $login_row['login_id'] . '","' . $login_row['login_otp_secret'] . '"';
if (empty($login_otp_secret)) {
$otp_display = "-";
} else {
$otp_display = "<span onmouseenter='showOTP($login_id_with_secret)'><i class='far fa-clock'></i> <span id='otp_$login_id'><i>Hover..</i></span></span>";
}
$login_notes = nullable_htmlentities($login_row['login_note']); $login_notes = nullable_htmlentities($login_row['login_note']);
?> ?>
<h4><?php echo $login_name; ?></h4> <h4><?php echo $login_name; ?></h4>
@@ -170,8 +182,36 @@ if ($item_type == "Document") {
<th>Password</th> <th>Password</th>
<td><?php echo $login_password ?></td> <td><?php echo $login_password ?></td>
</tr> </tr>
<?php if(!empty($login_otp_secret)){ ?>
<tr>
<th>2FA (TOTP)</th>
<td><?php echo $otp_display ?></td>
</tr>
<?php } ?>
</table> </table>
<script>
function showOTP(id, secret) {
//Send a GET request to ajax.php as ajax.php?get_totp_token=true&totp_secret=SECRET
jQuery.get(
"ajax.php",
{get_totp_token: 'true', totp_secret: secret},
function(data) {
//If we get a response from post.php, parse it as JSON
const token = JSON.parse(data);
document.getElementById("otp_" + id).innerText = token
}
);
}
function generatePassword() {
document.getElementById("password").value = "<?php echo randomString(); ?>"
}
</script>
<?php <?php