tuend/DirectAdmin-1.62.4
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

z

Browse Source
This commit is contained in:
tuend-work
2025-11-13 07:41:56 +07:00
parent 7f357f3a30
commit 4478491d73
1729 changed files with 193578 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

130
update/data/skins/power_user/user/twostep_auth.html Normal file
View File

@@ -0,0 +1,130 @@
|?TREE=&raquo; <a class=tree href="/CMD_SECURITY_QUESTIONS">Two-Step Authentication</a>|
|HTM_HEADER|
|HTM_TAB_USER|
<b>Two-Step Authentication</b><br>
<br>To use this feature, download the Google Authenticator App for your phone (or equivalent), and scan in the QR code.<br>The App will show you a code, which you'll use to Login to DirectAdmin.<br>Scratch Codes are one-time use codes in case you don't have your phone, so keep them safe.<br>
|*if TWOSTEP_TRUSTED_DEVICE="yes"|
<form action='CMD_TWOSTEP_AUTH' method='POST'>
<br><b>This device is currently trusted.</b>
<input type=hidden name='action' value='untrust'>
<input type=submit value='Remove Trust' title='This simply clears the cookie and will ask for code upon your next login.'>
</form>
|*endif|
|?SQ_BOLD_OPEN=|
|?SQ_BOLD_CLOSE=|
|*if TWOSTEP_AUTH_CHECKED=""|
<br><b>This feature is not turned on.</b><br>
Create a new secret to begin.
|?SQ_BOLD_OPEN=<b>|
|?SQ_BOLD_CLOSE=</b>|
|*endif|
<br>
<table class='list table-highlight' cellpadding=3 cellspacing=1>
<form action='CMD_TWOSTEP_AUTH' method='POST'>
<input type='hidden' name="action" value="new_secret" />
<tr>
<td colspan=2 class=listtitle><b>Settings</b></td >
</tr>
<tr>
<td class=list>Secret</td>
<td class=list><span class=code_edit>|SPACED_SECRET|</span> &nbsp;&nbsp;&nbsp; <input type=submit value='New Secret'>
<br>
Note: Creating a new secret voids your current codes. Re-Scan the QR code and re-print your scratch codes.
</td>
</tr>
</form>
|*if QR_URL!=""|
<form onsubmit="check_twostep_auth_code(); return false;">
<tr>
<td class=list2>QR Code</td>
<td class=list2><img id='qr_url' src="|QR_URL|">
<div style='display: inline-block; vertical-align: top;'>
Scan this code into your phone.
<br>
<br>
<script type="text/javascript">
<!--
var original_qr_url = "|QR_URL|";
function check_twostep_auth_code()
{
if (document.getElementById('code').value == "")
{
document.getElementById('code_test_result').innerHTML = 'Empty Code';
return;
}
document.getElementById('code_test_result').innerHTML = '';
var formData = new FormData();
formData.append('action', 'test');
formData.append('code', document.getElementById('code').value);
var xhr = new XMLHttpRequest();
xhr.open('POST', 'CMD_TWOSTEP_AUTH', true);
xhr.onload = function () {
if (xhr.status === 200) {
console.log('Code test result: ' + xhr.responseText);
document.getElementById('code_test_result').innerHTML = xhr.responseText;
} else {
alert('An error occurred! ' + xhr.responseText);
console.log('An error occurred: ' + xhr.responseText);
}
};
xhr.send(formData);
}
//-->
</script>
Before logging out, test your phone's code:<br>
<input id=code name=code placeholder='6 digit code' maxlength=8 onchange="this.value=this.value.replace(/\s+/g, '');"> <input type=submit value='Test code'><br>
<span id=code_test_result></span>
</div>
</td>
</tr>
</form>
|*endif|
<form action='CMD_TWOSTEP_AUTH' method='POST'>
<input type='hidden' name="action" value="settings" />
<input type='hidden' name="version" value="1" />
<tr title='This describes your code. Shown in your phone.'>
<td class=list>Description</td>
<td class=list><input type=text name="twostep_auth_description" value='|KEY_NAME|' size=40></td>
</tr>
<tr>
<td class=list2 align=center><input type=checkbox name="twostep_auth" value="yes" |TWOSTEP_AUTH_CHECKED| |TWOSTEP_AUTH_DISABLED|></td>
<td class=list2>|SQ_BOLD_OPEN|Require valid Two-Step Authentication Code to login to this account.|SQ_BOLD_CLOSE|</td>
</tr>
<tr>
<td class=list align=center><input type=checkbox name="api_with_password" value="yes" |SECURITY_QUESTIONS_ON_API_CHECKED|></td>
<td class=list>Allow API logins with the current User/password. Login Keys and Session Keys are always allowed.</td>
</tr>
<tr>
<td class=list2 align=center><input type=checkbox name="notify_on_all_twostep_auth_failures" value="yes" |NOTIFY_ON_ALL_FAILURES_CHECKED|></td>
<td class=list2>Notify me on all incorrect codes entries. Disabling this option will still notify you after |MAX_ATTEMPTS| failed attempts.</td>
</tr>
<tr>
<td colspan=2 class=listtitle align=right><input type=submit name=save value="Save"></td>
</tr>
</form>
</table>
<br>
|SCRATCH_CODES|
<br>
|HTM_FOOTER|