diff --git a/system/admin/views/edit-mfa.html.php b/system/admin/views/edit-mfa.html.php
index ed23a68..1ca9ce7 100644
--- a/system/admin/views/edit-mfa.html.php
+++ b/system/admin/views/edit-mfa.html.php
@@ -8,6 +8,9 @@ use PragmaRX\Google2FA\Google2FA;
use BaconQrCode\Renderer\GDLibRenderer;
use BaconQrCode\Writer;
+$domain = site_url();
+$domain = str_replace("https://", "", $domain);
+$domain = rtrim($domain, "/");
$mfa_state = user('mfa_secret', $user);
if (is_null($mfa_state) || $mfa_state == 'disabled') {
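Review bot: `str_replace("https://", "", $domain)` on L9 only strips the TLS scheme, so a site served over plain HTTP keeps `http://` in the value that the next hunk passes as the issuer to `getQRCodeUrl` (L17), and the colon and slashes in that label then travel into the otpauth URI, where authenticator apps may render or reject them depending on how the library encodes the issuer. Using `parse_url($domain, PHP_URL_HOST)` with a fallback to the raw value when it returns null, or `preg_replace('#^https?://#', '', $domain)`, handles both schemes in one step; note that `rtrim` also leaves any sub-directory path from `site_url()` in the label, which may or may not be intended. The view's remaining logic, including the `getQRCodeUrl` call, lies in the following hunk.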
@@ -19,7 +22,7 @@ if (is_null($mfa_state) || $mfa_state == 'disabled') {
$g2faUrl = $google2fa->getQRCodeUrl(
$user,
- site_url(),
+ $domain,
$mfasecret
);
@@ -60,7 +63,7 @@ if (is_null($mfa_state) || $mfa_state == 'disabled') {
- '
+
@@ -70,5 +73,5 @@ if (is_null($mfa_state) || $mfa_state == 'disabled') {
-
+
diff --git a/system/admin/views/login-mfa.html.php b/system/admin/views/login-mfa.html.php
new file mode 100644
index 0000000..6390c44
--- /dev/null
+++ b/system/admin/views/login-mfa.html.php
@@ -0,0 +1,15 @@
+
+
+
+
+
+
+
diff --git a/system/admin/views/login.html.php b/system/admin/views/login.html.php
index 05d6c46..7bd42e0 100644
--- a/system/admin/views/login.html.php
+++ b/system/admin/views/login.html.php
@@ -21,11 +21,6 @@
} ?>" name="password" placeholder=""/>
-
-
-
-
-
">
@@ -33,7 +28,7 @@
- ">
+ ">
diff --git a/system/htmly.php b/system/htmly.php
index 32c2c0f..135507e 100644
--- a/system/htmly.php
+++ b/system/htmly.php
@@ -79,7 +79,7 @@ get('/index', function () {
} else {
$pview = 'main';
}
-
+
$tblog = new stdClass;
$tblog->title = blog_tagline();
$tblog->url = site_url();
@@ -147,49 +147,22 @@ post('/login', function () {
$user = from($_REQUEST, 'user');
$pass = from($_REQUEST, 'password');
$mfa_secret = user('mfa_secret', $user);
- if ($proper && $captcha && !empty($user) && !empty($pass)) {
+ if ($proper && $captcha && !empty($user) && !empty($pass)) {
if (!is_null($mfa_secret) && $mfa_secret !== "disabled") {
- $mfacode = from($_REQUEST, 'mfacode');
- $google2fa = new Google2FA();
- if ($google2fa->verifyKey($mfa_secret, $mfacode, '1')) {
- session($user, $pass);
- $log = session($user, $pass);
+ config('views.root', 'system/admin/views');
- if (!empty($log)) {
-
- config('views.root', 'system/admin/views');
-
- render('login', array(
- 'title' => generate_title('is_default', i18n('Login')),
- 'description' => i18n('Login') . ' ' . blog_title(),
- 'canonical' => site_url(),
- 'metatags' => generate_meta(null, null),
- 'error' => '',
- 'type' => 'is_login',
- 'is_login' => true,
- 'bodyclass' => 'in-login',
- 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . i18n('Login')
- ));
- }
- } else {
- $message['error'] = '';
- $message['error'] .= '' . i18n('MFA_Error') . '';
- config('views.root', 'system/admin/views');
-
- render('login', array(
- 'title' => generate_title('is_default', i18n('Login')),
- 'description' => i18n('Login') . ' ' . blog_title(),
- 'canonical' => site_url(),
- 'metatags' => generate_meta(null, null),
- 'error' => '' . $message['error'] . '
',
- 'username' => $user,
- 'password' => $pass,
- 'type' => 'is_login',
- 'is_login' => true,
- 'bodyclass' => 'in-login',
- 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . i18n('Login')
- ));
- }
+ render('login-mfa', array(
+ 'title' => generate_title('is_default', i18n('Login')),
+ 'description' => i18n('Login') . ' ' . blog_title(),
+ 'canonical' => site_url(),
+ 'metatags' => generate_meta(null, null),
+ 'username' => $user,
+ 'password' => $pass,
+ 'type' => 'is_login',
+ 'is_login' => true,
+ 'bodyclass' => 'in-login',
+ 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . i18n('Login')
+ ));
} else {
session($user, $pass);
$log = session($user, $pass);
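Review bot: The new branch on L116-L127 forwards the submitted password into the `login-mfa` view (`'password' => $pass` on L122), presumably so the template can round-trip it through a hidden field — the template's markup is not visible in this diff. That places the plaintext password in the response body and in the client's next request, so anything that retains the page (browser history, autofill, a cached error page, an unescaped echo in the template) retains the credential too, and note that nothing in this branch has checked the password yet, since `session()` now runs only in `/login-mfa`. A more robust shape is to verify the first factor here, keep a short-lived single-use pending-login marker server-side keyed to the user, and let `/login-mfa` consume that marker instead of re-receiving `user` and `password`. The enclosing `post('/login')` closure starts and ends outside the hunk.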
@@ -244,6 +217,60 @@ post('/login', function () {
}
});
+// Verify MFA
+post('/login-mfa', function () {
+
+ $proper = is_csrf_proper(from($_REQUEST, 'csrf_token'));
+ $user = from($_REQUEST, 'user');
+ $pass = from($_REQUEST, 'password');
+ $mfacode = from($_REQUEST, 'mfacode');
+ $mfa_secret = user('mfa_secret', $user);
+ $google2fa = new Google2FA();
+ if ($proper && $google2fa->verifyKey($mfa_secret, $mfacode, '1')) {
+ session($user, $pass);
+ $log = session($user, $pass);
+
+ if (!empty($log)) {
+
+ config('views.root', 'system/admin/views');
+
+ render('login', array(
+ 'title' => generate_title('is_default', i18n('Login')),
+ 'description' => i18n('Login') . ' ' . blog_title(),
+ 'canonical' => site_url(),
+ 'metatags' => generate_meta(null, null),
+ 'error' => '',
+ 'type' => 'is_login',
+ 'is_login' => true,
+ 'bodyclass' => 'in-login',
+ 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . i18n('Login')
+ ));
+ }
+ } else {
+ $message['error'] = '';
+ if (!$proper) {
+ $message['error'] .= '' . i18n('Token_Error') . '';
+ } else {
+ $message['error'] .= '' . i18n('MFA_Error') . '';
+ }
+ config('views.root', 'system/admin/views');
+
+ render('login-mfa', array(
+ 'title' => generate_title('is_default', i18n('Login')),
+ 'description' => i18n('Login') . ' ' . blog_title(),
+ 'canonical' => site_url(),
+ 'metatags' => generate_meta(null, null),
+ 'error' => '' . $message['error'] . '
',
+ 'username' => $user,
+ 'password' => $pass,
+ 'type' => 'is_login',
+ 'is_login' => true,
+ 'bodyclass' => 'in-login',
+ 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . i18n('Login')
+ ));
+ }
+});
+
// Show the author page
get('/author/:name', function ($name) {
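Review bot: The `/login-mfa` route on L143 verifies the TOTP code without the CAPTCHA condition that `/login` still applies on L72 and without any attempt counter, so the six-digit code can be retried freely against a known username, and with a window of `'1'` each attempt matches several adjacent codes; compute `$captcha` the same way `/login` does (that code is above this hunk) and make the condition `if ($proper && $captcha && $google2fa->verifyKey($mfa_secret, $mfacode, 1))`, ideally with a per-user failed-attempt limit. The route also calls `verifyKey` before confirming the account actually has MFA configured — `user('mfa_secret', $user)` can yield null or `'disabled'`, as the check on L73 shows — so a guard such as `if (is_null($mfa_secret) || $mfa_secret === 'disabled') { /* treat as failed login */ }` belongs before the call rather than relying on how the library handles a null or non-base32 secret. When the code is valid but `session()` returns empty, the `if (!empty($log))` on L147 has no else branch and the request ends without rendering anything; rendering the login view with an error there would close that gap. The `'1'` window argument is a string where the library presumably expects an int, which is worth confirming against the installed Google2FA version.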
@@ -3984,7 +4011,7 @@ get('/:static', function ($static) {
} else {
$pview = 'main';
}
-
+
$tblog = new stdClass;
$tblog->title = blog_string();
$tblog->url = site_url() . blog_path();