Two Factor Authentication Settings'; if ($err !== null and $err != '') $pg .= "$err

"; $pg .= ''; $pg .= ''; $pg .= '
'; $pg .= makeForm('2fa'); $pg .= ''; $pg .= ''; break; case 'test': $pg .= ''; break; case 'ok': $pg .= ''; break; } $pg .= '
'; switch ($tfa) { case '': $pg .= '
'; $pg .= "You don't have 2FA setup yet

"; $pg .= 'To use 2FA you need an App on your phone/tablet
'; $pg .= 'The free and recommended ones that have been tested here are:

'; $pg .= "Android: 'FreeOTP Authenticator' by Red Hat
"; $pg .= "Apple: 'OTP Auth' by Roland Moers

"; $pg .= 'Click here to start setting up 2FA: '; $pg .= ''; $pg .= '
'; $pg .= '2FA is not yet enabled.
'; $pg .= 'Your 2FA key has been created but needs testing.

'; if (isset($ans['2fa_key'])) { $key = $ans['2fa_key']; $sfainfo = $ans['2fa_issuer'].': '.$ans['2fa_auth'].' '. $ans['2fa_hash'].' '.$ans['2fa_time'].'s'; $who = substr($user, 0, 8); $sfaurl = 'otpauth://'.$ans['2fa_auth'].'/'.$ans['2fa_issuer']. ':'.htmlspecialchars($who).'?secret='.$ans['2fa_key']. '&algorithm='.$ans['2fa_hash'].'&issuer='.$ans['2fa_issuer']; } else { $key = 'unavailable'; $sfainfo = 'unavailable'; $sfaurl = 'unavailable'; } $pg .= "Your 2FA Secret Key is: $key
"; $pg .= "2FA Settings are $sfainfo

"; $pg .= "2FA URL is Click

"; $pg .= '2FA Value: '; $pg .= ''; $pg .= '
'; $pg .= '2FA is enabled on your account.

'; $pg .= 'If you wish to replace your Secret Key with a new one:

'; $pg .= 'Current 2FA Value: '; $pg .= '*

'; $pg .= '*WARNING: replacing the Secret Key will disable 2FA
'; $pg .= 'until you successfully test the new key.

'; $pg .= '
'; $pg .= '
'; return $pg; } # function do2fa($data, $user) { $err = ''; $setup = getparam('Setup', false); if ($setup === 'Setup') { // rand() included as part of the entropy $ans = get2fa($user, 'setup', rand(1073741824,2147483647), 0); } else { $value = getparam('Value', false); $test = getparam('Test', false); if ($test === 'Test' and $value !== null) $ans = get2fa($user, 'test', 0, $value); else { $nw = getparam('New', false); if ($nw === 'New' and $value !== null) $ans = get2fa($user, 'new', rand(1073741824,2147483647), $value); else $ans = get2fa($user, '', 0, 0); } } if ($ans['STATUS'] != 'ok') $err = 'DBERR'; else { if (isset($ans['2fa_error'])) $err = $ans['2fa_error']; } if (!isset($ans['2fa_status'])) $tfa = null; else $tfa = $ans['2fa_status']; $pg = set_2fa($data, $user, $tfa, $ans, $err); return $pg; } # function show_2fa($info, $page, $menu, $name, $user) { gopage($info, NULL, 'do2fa', $page, $menu, $name, $user); } # ?>