blob: 633d36e5465b729577016b55266c5cf692e9425f [file] [log] [blame]
Copybara botbe50d492023-11-30 00:16:42 +01001<?php
2require_once(__DIR__."/../core.php");
3security::checkType(security::WORKER, security::METHOD_NOTFOUND);
4security::checkWorkerUIEnabled();
5secondFactor::checkAvailability();
6
7if (secondFactor::isEnabled()) {
8 security::notFound();
9}
10
11$secret = secondFactor::generateSecret();
12$url = "otpauth://totp/".str_replace("+", "%20", urlencode($conf["appName"])).":".urlencode(people::userData('username'))."?secret=".urlencode($secret)."&issuer=".str_replace("+", "%20", urlencode($conf["appName"]));
13?>
14
15<style>
16#dynDialog {
17 max-width: 500px;
18 width: auto;
19}
20
21.step {
22 padding: 10px 0;
23 border-bottom: 1px solid #ebebeb;
24}
25
26.step .number {
27 display: inline-block;
28 vertical-align: middle;
29 font-family: "Arial", sans-serif;
30 font-size: 36px;
31 font-weight: bold;
32 color: green;
33 margin: 0;
34 margin-right: 15px;
35 padding: 0;
36 line-height: normal;
37}
38
39.step .text {
40 display: inline-block;
41 vertical-align: middle;
42 margin: 0;
43 padding: 0;
44 width: Calc(100% - 40px);
45}
46
47.step .icon_container {
48 float: right;
49 height: 24px;
50 padding-top: 9px;
51 padding-right: 9px;
52}
53
54#qrcode {
55 margin: 8px 0;
56}
57
58#qrcode img, #qrcode canvas {
59 margin: auto;
60}
61</style>
62
63<dynscript>
64new QRCode(document.getElementById("qrcode"), {
65 text: "<?=security::htmlsafe($url)?>",
66 width: 200,
67 height: 200
68});
69</dynscript>
70
71<form action="doenablesecondfactor.php" method="POST" autocomplete="off">
72 <input type="hidden" name="secret" value="<?=security::htmlsafe($secret)?>">
73 <h4 class="mdl-dialog__title">Activa la verificación en dos pasos</h4>
74 <div class="mdl-dialog__content">
75 <p>Para activar la verificación en dos pasos, sigue los siguientes pasos:</p>
76
77 <div class="step">
78 <div class="number">1</div>
79 <div class="text"><b>Instala la aplicación Google Authenticator en tu <a href="http://appstore.com/googleauthenticator" target="_blank" rel="noopener noreferrer">iPhone</a> o <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2" target="_blank" rel="noopener noreferrer">Android</a>.</b><br>También puedes usar otra aplicación si lo prefieres.</div>
80 </div>
81 <div class="step">
82 <div class="number">2</div><div class="text"><b>Configura tu cuenta en la app Google Authenticator escaneando el siguiente código QR:</b></div>
83 </div>
84
85 <div id="qrcode"></div>
86
87 <div class="step" style="border-top: 1px solid #ebebeb;">
88 <div class="number">3</div><div class="text"><b>¿No puedes escanear el código QR? Introduce manualmente la siguiente clave secreta:</b><br><?=security::htmlsafe(secondFactorView::renderSecret($secret))?></div>
89 </div>
90 <div class="step" style="margin-bottom: 5px;">
91 <div class="number">4</div><div class="text"><b>Introduce el código de verificación de 6 dígitos:</b></div>
92 </div>
93 <div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
94 <input class="mdl-textfield__input" type="text" name="code" id="code" autocomplete="off" pattern="[0-9]{6}" data-required>
95 <label class="mdl-textfield__label" for="code">Código de verificación</label>
96 </div>
97 </div>
98 <div class="mdl-dialog__actions">
99 <button type="submit" class="mdl-button mdl-js-button mdl-js-ripple-effect mdl-button--primary">Activar</button>
100 <button data-dyndialog-close class="mdl-button mdl-js-button mdl-js-ripple-effect cancel">Cancelar</button>
101 </div>
102</form>