mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2025-11-07 12:52:54 -05:00
Added support for 2FA messaging (#4650)
This commit is contained in:
Ylian Saint-Hilaire
@@ -217,6 +217,7 @@
|
||||
<div>
|
||||
<img id=securityKeyButton src="images/login/2fa-key-48.png" srcset="images/login/2fa-key-96.png 2x" title="Use Security Key" loading="lazy" width="48" height="48" style="display:none;margin-left:3px;margin-right:3px;border-radius:3px;box-shadow:2px 2px 5px black;cursor:pointer;background-color:#FFF" onclick="useSecurityKey(1)" />
|
||||
<img id=smsKeyButton src="images/login/2fa-sms-48.png" srcset="images/login/2fa-sms-96.png 2x" title="SMS" loading="lazy" width="48" height="48" style="display:none;margin-left:3px;margin-right:3px;border-radius:3px;box-shadow:2px 2px 5px black;cursor:pointer;background-color:#FFF" onclick="useSMSToken(1)" />
|
||||
<img id=msgKeyButton src="images/login/2fa-messaging-48.png" srcset="images/login/2fa-messaging-96.png 2x" title="Messaging" loading="lazy" width="48" height="48" style="display:none;margin-left:3px;margin-right:3px;border-radius:3px;box-shadow:2px 2px 5px black;cursor:pointer;background-color:#FFF" onclick="useMsgToken(1)" />
|
||||
<img id=emailKeyButton src="images/login/2fa-mail-48.png" srcset="images/login/2fa-mail-96.png 2x" title="Email" loading="lazy" width="48" height="48" style="display:none;margin-left:3px;margin-right:3px;border-radius:3px;box-shadow:2px 2px 5px black;cursor:pointer;background-color:#FFF" onclick="useEmailToken(1)" />
|
||||
<img id=pushKeyButton src="images/login/2fa-push-48.png" srcset="images/login/2fa-push-96.png 2x" title="Device Authentication" loading="lazy" width="48" height="48" style="display:none;margin-left:3px;margin-right:3px;border-radius:3px;box-shadow:2px 2px 5px black;cursor:pointer;background-color:#FFF" onclick="usePushToken(1)" />
|
||||
</div>
|
||||
@@ -251,6 +252,7 @@
|
||||
<div>
|
||||
<img id=securityKeyButton2 src="images/login/2fa-key-48.png" srcset="images/login/2fa-key-96.png 2x" title="Use Security Key" loading="lazy" width="48" height="48" style="display:none;margin-left:3px;margin-right:3px;border-radius:3px;box-shadow:2px 2px 5px black;cursor:pointer;background-color:#FFF" onclick="useSecurityKey(2)" />
|
||||
<img id=smsKeyButton2 src="images/login/2fa-sms-48.png" srcset="images/login/2fa-sms-96.png 2x" title="SMS" loading="lazy" width="48" height="48" style="display:none;margin-left:3px;margin-right:3px;border-radius:3px;box-shadow:2px 2px 5px black;cursor:pointer;background-color:#FFF" onclick="useSMSToken(2)" />
|
||||
<img id=msgKeyButton2 src="images/login/2fa-msg-48.png" srcset="images/login/2fa-msg-96.png 2x" title="SMS" loading="lazy" width="48" height="48" style="display:none;margin-left:3px;margin-right:3px;border-radius:3px;box-shadow:2px 2px 5px black;cursor:pointer;background-color:#FFF" onclick="useMsgToken(2)" />
|
||||
<img id=emailKeyButton2 src="images/login/2fa-mail-48.png" srcset="images/login/2fa-mail-96.png 2x" title="Email" loading="lazy" width="48" height="48" style="display:none;margin-left:3px;margin-right:3px;border-radius:3px;box-shadow:2px 2px 5px black;cursor:pointer;background-color:#FFF" onclick="useEmailToken(2)" />
|
||||
<img id=pushKeyButton2 src="images/login/2fa-push-48.png" srcset="images/login/2fa-push-96.png 2x" title="Device Authentication" loading="lazy" width="48" height="48" style="display:none;margin-left:3px;margin-right:3px;border-radius:3px;box-shadow:2px 2px 5px black;cursor:pointer;background-color:#FFF" onclick="usePushToken(2)" />
|
||||
</div>
|
||||
@@ -389,6 +391,7 @@
|
||||
var publicKeyCredentialRequestOptions = null;
|
||||
var otpemail = (decodeURIComponent('{{{otpemail}}}') === 'true');
|
||||
var otpsms = (decodeURIComponent('{{{otpsms}}}') === 'true');
|
||||
var otpmsg = (decodeURIComponent('{{{otpmsg}}}') === 'true');
|
||||
var otppush = (decodeURIComponent('{{{otppush}}}') === 'true');
|
||||
var autofido = (decodeURIComponent('{{{autofido}}}') === 'true');
|
||||
var twoFactorCookieDays = parseInt('{{{twoFactorCookieDays}}}');
|
||||
@@ -414,7 +417,7 @@
|
||||
// Display the right server message
|
||||
var i;
|
||||
var messageid = parseInt('{{{messageid}}}');
|
||||
var okmessages = ['', "If valid, reset mail sent.", "Email sent.", "Email verification required, check your mailbox and click the confirmation link.", "SMS sent.", "Sending notification..."];
|
||||
var okmessages = ['', "If valid, reset mail sent.", "Email sent.", "Email verification required, check your mailbox and click the confirmation link.", "SMS sent.", "Sending notification...", "Message sent."];
|
||||
var failmessages = ["Unable to create account.", "Account limit reached.", "Existing account with this email address.", "Invalid account creation token.", "Username already exists.", "Password rejected, use a different one.", "Invalid email.", "Account not found.", "Invalid token, try again.", "Unable to sent email.", "Account locked.", "Access denied.", "Login failed, check username and password.", "Password change requested.", "IP address blocked, try again later.", "Server under maintenance.", "Unable to send device notification.", "Invalid security check."];
|
||||
if (messageid > 0) {
|
||||
var msg = '';
|
||||
@@ -508,12 +511,14 @@
|
||||
var twofakey = (hardwareKeyChallenge != null) && (hardwareKeyChallenge.type == 'webAuthn');
|
||||
var emailkey = otpemail && (messageid != 2) && (messageid != 4);
|
||||
var smskey = otpsms && (messageid != 2) && (messageid != 4);
|
||||
var msgkey = otpmsg && (messageid != 2) && (messageid != 4);
|
||||
var pushkey = otppush && (messageid != 2) && (messageid != 4);
|
||||
QV('securityKeyButton', twofakey);
|
||||
QV('emailKeyButton', emailkey);
|
||||
QV('smsKeyButton', smskey);
|
||||
QV('msgKeyButton', msgkey);
|
||||
QV('pushKeyButton', pushkey);
|
||||
QV('2farow', twofakey || emailkey || smskey || pushkey);
|
||||
QV('2farow', twofakey || emailkey || smskey || msgkey || pushkey);
|
||||
|
||||
// If hardware key is an option, trigger it now
|
||||
if (autofido && twofakey) { setTimeout(function () { useSecurityKey(1); }, 300); }
|
||||
@@ -525,12 +530,14 @@
|
||||
var twofakey = (hardwareKeyChallenge != null) && (hardwareKeyChallenge.type == 'webAuthn');
|
||||
var emailkey = otpemail && (messageid != 2) && (messageid != 4);
|
||||
var smskey = otpsms && (messageid != 2) && (messageid != 4);
|
||||
var msgkey = otpmsg && (messageid != 2) && (messageid != 4);
|
||||
var pushkey = otppush && (messageid != 2) && (messageid != 4);
|
||||
QV('securityKeyButton2', twofakey);
|
||||
QV('emailKeyButton2', emailkey);
|
||||
QV('smsKeyButton2', smskey);
|
||||
QV('msgKeyButton2', msgkey);
|
||||
QV('pushKeyButton', pushkey);
|
||||
QV('2farow2', twofakey || emailkey || smskey || pushkey);
|
||||
QV('2farow2', twofakey || emailkey || smskey || msgkey || pushkey);
|
||||
|
||||
// If hardware key is an option, trigger it now
|
||||
if (autofido && twofakey) { setTimeout(function () { useSecurityKey(2); }, 300); }
|
||||
@@ -645,6 +652,23 @@
|
||||
}
|
||||
}
|
||||
|
||||
function useMsgToken(panelAction) {
|
||||
if (otpmsg != true) return;
|
||||
setDialogMode(1, "Secure Login", 3, useMsgTokenEx, "Send token to messaging application?", panelAction);
|
||||
}
|
||||
|
||||
function useMsgTokenEx(b, panelAction) {
|
||||
if (panelAction == 1) {
|
||||
Q('hwtokenInput').value = '**msg**';
|
||||
QE('tokenOkButton', true);
|
||||
Q('tokenOkButton').click();
|
||||
} else if (panelAction == 2) {
|
||||
Q('resetHwtokenInput').value = '**msg**';
|
||||
QE('resetTokenOkButton', true);
|
||||
Q('resetTokenOkButton').click();
|
||||
}
|
||||
}
|
||||
|
||||
function usePushToken(panelAction) {
|
||||
if (panelAction == 1) {
|
||||
Q('hwtokenInput').value = '**push**';
|
||||
|
||||
Reference in New Issue
Block a user