AAIT#35643 OTP vraag als veld in het inlogscherm

svn path=/Website/trunk/; revision=28561
Jos Groot Lipman
2016-03-21 15:02:11 +00:00
parent 894d4cb66d
commit 9d6ac19cc9
4 changed files with 37 additions and 76 deletions


@@ -479,9 +479,9 @@ function verify_otp (otprequest, otpsecret, otpcounter)
// de laatste wordt gebruikt voor mobile/SMS
/* global */ login_fail_reason = L("lcl_login_wrong");
/* global */ otp_user_key = -1;
function tryLogin(username, wachtwoord, pmobile) {
Session.Contents.Remove("otp_user_key");
function tryLogin(username, wachtwoord, pmobile, otpcode) {
Session.Contents.Remove("org_user_key");
if (!username || username == 'undefined')
@@ -535,8 +535,10 @@ function tryLogin(username, wachtwoord, pmobile) {
if (!otpsecret || !wachtwoord)
doLogin(oRs("prs_perslid_key").Value);
else if (otpcode && testotp(oRs("prs_perslid_key").Value, otpcode))
doLogin(oRs("prs_perslid_key").Value);
else
Session("otp_user_key") = oRs("prs_perslid_key").Value;
/* global */ otp_user_key = oRs("prs_perslid_key").Value;
oRs.Close();
return true;
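Review bot: A rejected code is treated exactly like a missing one in the new `else if (otpcode && testotp(...))` branch: control falls through to the final `else`, which only sets `otp_user_key`, so nothing visible here counts, logs or limits failed second-factor attempts. The deleted login_otp_save.asp at least bounded retries to 600 seconds through the HMAC expiry; after this change a request carrying a valid password can submit codes repeatedly unless `testotp` throttles internally, which this hunk does not show. I would split the last branch so that a non-empty `otpcode` that fails is recorded before the prompt is re-armed, and add a comment such as `// a wrong otpcode also lands here; failed attempts must be counted/logged`. The body of tryLogin starts and ends outside the hunk, so existing lockout logic elsewhere in the function should be confirmed.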


@@ -46,19 +46,11 @@ if (device.test(device.isMobile))
<script type="text/javascript">
function login_callback(json)
{
if (json.success && json.otp_hmac)
if (json.success && json.otp_prompt)
{
var otp_code = prompt(json.otp_prompt);
if (otp_code)
{
var data = { otp_user_key: json.otp_user_key,
otp_hmac: json.otp_hmac,
otp_code: otp_code,
remember: $("remember").is(":checked")?"on":""
};
<% protectRequest.dataToken("data"); %>
$.post("login_otp_save.asp", data, FcltCallbackAndThen(login_callback), "json");
}
$("tr.trname,tr.trpass,tr.trremember").hide(); // Ingevulde usernaam/ wachtwoord laten we bewust staan
$("tr.trotp").show(); // en submitten we een tweede keer maar dan met otpcode
$("tr.trotp").find("label").html(json.otp_prompt);
}
else if (json.success)
{
@@ -105,21 +97,35 @@ if (device.test(device.isMobile))
<input type="hidden" id="mobile" name="mobile" value="0">
<div id="logindiv">
<table id="logintable">
<tr><td class="label"><label><%=L("lcl_vis_log_name")%></label>
<tr class='trname'><td class="label"><label><%=L("lcl_vis_log_name")%></label>
<div id="mobkey"><%
if (S("mobile_password") == 1
|| (S("mobile_password_pda") == 1 && device.test(device.isMobile))) {
%><img class="details" id="mobbutton" title="<%=L("lcl_password_to_mobile")%>" alt="SMS" src="../Pictures/key.png" onClick="passwrd2mobile();"><%
}
%></div></td></tr>
<tr><td><input class="required" type="text" maxlength="100" id="visname" name="vis_name"></td></tr>
<tr>
<td class="label"><label><%=L("lcl_vis_log_psw")%></label></td></tr>
<tr><td><input type="Password" <%=(S("mobile_password") == 1?" readonly ":"")%> maxlength="50" id="vispswd" name="vis_pswd">
</td>
%></div></td>
</tr>
<tr class='trname'>
<td><input class="required" type="text" maxlength="100" id="visname" name="vis_name"></td>
</tr>
<tr class='trpass'>
<td class="label"><label><%=L("lcl_vis_log_psw")%></label></td>
</tr>
<tr class='trpass'>
<td><input type="Password" <%=(S("mobile_password") == 1?" readonly ":"")%> maxlength="50" id="vispswd" name="vis_pswd"></td>
</tr>
<tr class='trotp' style='display:none'>
<td class="label"><label><%=L("lcl_vis_log_psw")%></label></td>
</tr>
<tr class='trotp' style='display:none'>
<td><input type="text" maxlength="6" id="otpcode" name="otpcode"></td>
</tr>
<% if (S("login_remember_days") > 0)
RWCHECKBOXTR("remember", "fldremember", L("lcl_login_remember"), 0, {boxfirst: true});
RWCHECKBOXTR("remember", "fldremember", L("lcl_login_remember"), 0, {boxfirst: true, trclass: "trremember"});
%><tr>
<td><%
buttons = [ { title: L("lcl_logon"), action: "do_submit()" } ];
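Review bot: `$("tr.trotp").find("label").html(json.otp_prompt);` inserts the server's prompt as markup. Elsewhere in this commit that prompt is formatted from the user's login name and display name, so unless those values are HTML-encoded before they reach the JSON, a name containing markup would be rendered on the login page. Use `$("tr.trotp").find("label").text(json.otp_prompt);` instead. The new `otpcode` input could also carry `autocomplete="off"` so browsers do not store or suggest earlier codes. Note that the `trotp` label row initially renders `L("lcl_vis_log_psw")`, the password label, and is only corrected by the script.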


@@ -1,47 +0,0 @@
<%@language = "javascript" %>
<% /*
$Revision$
$Id$
File: login_otp_save.asp
Description: Van in ingevulde OTP-code op en controleer deze
Parameters:
Context: Vanuit inlogscherm nadat gebruiker username/wachtwoord
al heeft opgegeven.
Note:
*/
%>
<%
var JSON_Result = true;
var ANONYMOUS_Allowed = 1;
%>
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../Shared/login.inc" -->
<!-- #include file="../Shared/json2.js" -->
<%
var otp_user_key = getFParamInt("otp_user_key");
var otp_hmac = getFParam("otp_hmac");
var otp_code = getFParam("otp_code");
var remember = getFParam("remember", "off")=="on";
protectHMAC.verify(String(otp_user_key), otp_hmac, { expire: 600 }); // 10 minuten proberen is al veel te lang
if (testotp(otp_user_key, otp_code))
doLogin(otp_user_key);
result = { success: user_key > 0 };
if (user_key > 0)
{
if (S("login_remember_days") > 0 && remember && user_key > 0)
makeSessionCookie("Remember Login");
}
else
{
result.message = login_fail_reason;
}
Response.Write(JSON.stringify(result));
Response.End;
%>


@@ -14,11 +14,13 @@ var ANONYMOUS_Allowed = 1;
var nm = getFParam("vis_name");
var ps = getFParam("vis_pswd");
var otpcode = getFParam("otpcode", "");
var remember = getFParam("remember", "off")=="on";
var ismobile = getFParam("mobile");
tryLogin(nm, ps, ismobile); // nm = username, ps = wachtwoord
tryLogin(nm, ps, ismobile, otpcode); // nm = username, ps = wachtwoord
result = { success: user_key > 0 };
@@ -30,15 +32,13 @@ if (user_key > 0)
}
else
{
if (Session("otp_user_key") > 0)
if (otp_user_key > 0)
{
var otp_user = new Perslid(Session("otp_user_key"));
var otp_user = new Perslid(otp_user_key);
var issuer = L("lcl_otp_issuer").format(HTTP.urlzelf());
var friendly = L("lcl_otp_friendly").format(customerId, otp_user.oslogin(), otp_user.naam());
result.otp_user_key = Session("otp_user_key");
result.otp_hmac = protectHMAC.create(String(result.otp_user_key));
result.otp_prompt = L("lcl_otp_enter").format(friendly);
result.otp_prompt = L("lcl_otp_enter").format(friendly, issuer);
result.success = true;
}
else
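Review bot: When a code was posted and rejected, the `if (otp_user_key > 0)` branch returns the same `success: true` plus `otp_prompt` as on the first step, so the user gets no sign that the code was wrong and the page just shows the field again. Since `otpcode` is in scope here, the branch could flag the retry, for example `result.otp_failed = (otpcode != "");` (the field name is only a suggestion), and the login page could show an error next to the field. The comment on the `tryLogin(nm, ps, ismobile, otpcode)` line should also say that the call apparently sets the globals `user_key` and `otp_user_key` read below, for example `// sets global user_key (logged in) or otp_user_key (password ok, OTP still required)`, because that dependency is no longer visible through `Session`.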