Skip to content

Commit

Permalink
3.1.0
Browse files Browse the repository at this point in the history
OTP generator implemented
  • Loading branch information
nilsteampassnet committed Nov 18, 2023
1 parent 75f46e6 commit 7eca6a5
Show file tree
Hide file tree
Showing 4 changed files with 43 additions and 11 deletions.
2 changes: 1 addition & 1 deletion includes/config/include.php
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
*/
define('TP_VERSION', '3.1.0');
define("UPGRADE_MIN_DATE", "1697990713");
define('TP_VERSION_MINOR', '5');
define('TP_VERSION_MINOR', '6');
define('TP_TOOL_NAME', 'Teampass');
define('TP_ONE_DAY_SECONDS', 86400);
define('TP_ONE_WEEK_SECONDS', 604800);
Expand Down
42 changes: 35 additions & 7 deletions includes/core/load.js.php
Original file line number Diff line number Diff line change
Expand Up @@ -546,7 +546,7 @@ function(data) {
'</div>' +
'<input id="encryption-otp" type="password" class="form-control form-item-control" value="'+store.get('teampassUser').pwd+'">' +
'<div class="input-group-append">' +
'<button class="btn btn-outline-secondary btn-no-click" id="show-encryption-otp" title="<?php echo $lang->get('mask_pw'); ?>"><i class="fas fa-low-vision"></i></button>' +
'<button class="btn btn-outline-secondary btn-no-click" id="show-encryption-otp" title="<?php echo $lang->get('mask_pw'); ?>"><i class="fa-solid fa-low-vision"></i></button>' +
'</div>' +
'</div>' +
'</div>' +
Expand Down Expand Up @@ -715,6 +715,9 @@ function(teampassUser) {
'<span class="input-group-text"><?php echo $lang->get('generated-otp'); ?></span>' +
'</div>' +
'<input id="new-otp" type="text" class="form-control form-item-control" value="">' +
'<div class="input-group-append">' +
'<button class="btn btn-outline-secondary btn-no-click" id="generate-new-secret" title="<?php echo $lang->get('generate_new_otp'); ?>"><i class="fa-solid fa-rotate"></i></button>' +
'</div>' +
'</div>' +
'</div>' +
'<div class="row">' +
Expand All @@ -723,31 +726,53 @@ function(teampassUser) {
'<span class="input-group-text"><?php echo $lang->get('qrcode_label'); ?></span>' +
'</div>' +
'<input type="text" rows="1" id="otp-label" class="form-control form-item-control" value="">' +
'<div class="input-group-append">' +
'<button class="btn btn-outline-secondary btn-no-click" id="generate-new-qrcode" title="<?php echo $lang->get('generate_qrcode'); ?>"><i class="fa-solid fa-qrcode"></i></button>' +
'</div>' +
'</div>' +
'</div>' +
'<div class="row" style="height:200px;">' +
'<div class="" style="height:200px;">' +
'<div class="text-center" id="new-otp-qrcode">' +
'</div>' +
'</div>' +
'</div>',
'<?php echo $lang->get('generate_qrcode'); ?>',
'',
'<?php echo $lang->get('close'); ?>'
);

launchOtpGeneration(false);

// Manage click on button PERFORM
$(document).on('click', '#warningModalButtonAction', function() {
$(document).on('click', '#generate-new-qrcode', function() {
event.preventDefault();
if ($('#otp-label').val() === '') {
toastr.remove();
toastr.error(
'<?php echo $lang->get('please_provide_label'); ?>',
'<?php echo $lang->get('caution'); ?>', {
timeOut: 5000,
progressBar: true
}
);
} else {
launchOtpGeneration(true, true, 'generate-new-qrcode', $(this).html());
}
});

$(document).on('click', '#generate-new-secret', function() {
event.preventDefault();
launchOtpGeneration(true);
launchOtpGeneration(false, null, 'generate-new-secret', $(this).html());
});

function launchOtpGeneration(withQrCode)
function launchOtpGeneration(withQrCode, withSecret, zone, buttonHtml)
{
$('#'+zone).html('<i class="fa-solid fa-spinner fa-spin text-warning"></i>');

// Load OTP
var parameters = {
'label': $('#otp-label').val(),
'with_qrcode': withQrCode,
'secret_key': withSecret === true ? $('#new-otp').val() : '',
}
$.post(
"sources/main.queries.php", {
Expand All @@ -774,8 +799,11 @@ function(data) {
$('#new-otp').val(data.secret);
if (withQrCode === true) {
$('#new-otp-qrcode').html('<img class="text-center" src="' + data.qrcode + '" />');
} else {
$('#new-otp-qrcode').html('');
}
}
$('#'+zone).html(buttonHtml);
}
);
}
Expand Down Expand Up @@ -1782,7 +1810,7 @@ function(data) {
var html_list = '';
$.each(data.html_json, function(i, value) {
html_list += '<li onclick="showItemCard($(this).closest(\'li\'))" class="pointer" data-item-edition="0" data-item-id="' + value.id + '" data-item-sk="' + value.perso + '" data-item-expired="0" data-item-restricted="' + value.restricted + '" data-item-display="1" data-item-open-edit="0" data-item-reload="0" data-item-tree-id="' + value.tree_id + '" data-is-search-result="0">' +
'<i class="fas fa-caret-right mr-2"></i>' + value.label + '</li>';
'<i class="fa-solid fa-caret-right mr-2"></i>' + value.label + '</li>';
});
$('#index-last-pwds').html(html_list);
}
Expand Down
1 change: 1 addition & 0 deletions includes/language/english.php
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
'generated-otp' => 'Generated OTP',
'qrcode_label' => 'QRCode label',
'generate_qrcode' => 'Generate QRCode',
'please_provide_label' => 'Please provide a label',
'mfa_code_send_by_email' => 'MFA code sent by email',
'user_keys_downloaded' => 'User keys downloaded',
'regenerate_only_personal_items_keys' => 'Only regenerate my personal items keys (it requires your public and private keys). This will not impact shared items.',
Expand Down
9 changes: 6 additions & 3 deletions sources/main.queries.php
Original file line number Diff line number Diff line change
Expand Up @@ -716,6 +716,7 @@ function utilsHandler(string $post_type, array|null|string $dataReceived, array
return generateAnOTP(
(string) filter_var($dataReceived['label'], FILTER_SANITIZE_FULL_SPECIAL_CHARS),
(bool) filter_var($dataReceived['with_qrcode'], FILTER_VALIDATE_BOOLEAN),
(string) filter_var($dataReceived['secret_key'], FILTER_SANITIZE_FULL_SPECIAL_CHARS),
);


Expand Down Expand Up @@ -3157,11 +3158,13 @@ function increaseSessionDuration(
return '[{"new_value":"expired"}]';
}

function generateAnOTP(string $label, bool $with_qrcode = false): string
function generateAnOTP(string $label, bool $with_qrcode = false, string $secretKey = ''): string
{
// generate new secret
$tfa = new TwoFactorAuth();
$secretKey = $tfa->createSecret();
if ($secretKey === '') {
$secretKey = $tfa->createSecret();
}

// generate new QR
if ($with_qrcode === true) {
Expand All @@ -3177,7 +3180,7 @@ function generateAnOTP(string $label, bool $with_qrcode = false): string
'error' => false,
'message' => '',
'secret' => $secretKey,
'qrcode' => $qrcode,
'qrcode' => $qrcode ?? '',
),
'encode'
);
Expand Down

0 comments on commit 7eca6a5

Please sign in to comment.