AAIT#35643 OTP/2 factor authentication

svn path=/Website/trunk/; revision=28523
2016-03-17 14:18:26 +00:00
parent 085e7deca1
commit bc0e3fa677
1 changed files with 38 additions and 0 deletions
--- a/APPL/PRS/prs_perslid_otp_new_save.asp
+++ b/APPL/PRS/prs_perslid_otp_new_save.asp
@@ -0,0 +1,38 @@
+<%@language = "javascript" %>
+<% /*
+    $Revision$
+    $Id$
+
+    File:           prs_perslid_otp_new_save.asp.asp
+    Description:    Verifieert een temp otp-code en maakt hem eventueel definitief
+    Parameters:
+    Context:        Vanuit prs_perslid_otp_new.asp
+    Note:
+*/
+var JSON_Result = true;
+%>
+
+<!--#include file="../Shared/common.inc"-->
+<!--#include file="../Shared/login.inc"-->
+<!-- #include file="../Shared/json2.js" -->
+<%
+protectRequest.validateToken();
+
+var otp_code = getFParam("otp_code");
+var otp_secret = Session("otp_secret_temp");
+var otp_counter = -1;
+
+if (!verify_otp(otp_code, otp_secret , -1))
+    abort_with_warning(L("lcl_otp_wrong"));
+
+var sql = "UPDATE prs_perslid"
+        + "   SET prs_perslid_otpsecret = " + safe.quoted_sql(otp_secret)
+        + "     , prs_perslid_otpcounter = " + otp_counter
+        + " WHERE prs_perslid_key = " + user_key;
+Oracle.Execute(sql);
+
+var result = { success: user_key > 0, message: L("lcl_otp_saved") };
+
+Response.Write(JSON.stringify(result));
+Response.End;
+%>