renun/TwoNav
1
0
Fork 0
mirror of https://github.com/tznb1/TwoNav.git synced 2025-08-10 08:51:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

v2.0.34-20230809

Browse Source
This commit is contained in:
MI15\Win
2023-08-09 14:52:37 +08:00
parent cec87b24f2
commit 1ece1135ea
13 changed files with 405 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

119
templates/admin/page/SecuritySetting.php
View File

@@ -1,4 +1,6 @@
<?php $title='安全设置'; require 'header.php'; ?>
<?php $title='安全设置'; require 'header.php';
$LoginConfig = unserialize($USER_DB['LoginConfig']);
$LoginConfig['totp_key'] = empty($LoginConfig['totp_key']) ? '0':'1';?>
<body>
<div class="layuimini-container">
<div class="layuimini-main">
@@ -109,14 +111,58 @@
</div>
<div class="layui-form-item">
<div class="layui-input-block"><button class="layui-btn layui-btn-normal" lay-submit lay-filter="save">确认保存</button></div>
<div class="layui-input-block">
<button class="layui-btn layui-btn-normal" lay-submit lay-filter="save">确认保存</button>
<button class="layui-btn layui-bg-purple" lay-submit lay-filter="open_totp">OTP 双重验证</button>
</div>
</div>
</div>
</form>
</div>
</div>
<ul class="ul_totp" style="margin-top:18px;display:none;padding-right: 10px;">
<form class="layui-form" lay-filter="ul_totp">
<div class="layui-form-item">
<label class="layui-form-label">二维码</label>
<div id="qr"></div><div id="qrcode"></div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">秘钥</label>
<div class="layui-input-inline">
<input type="text" name="key" id="key" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">为了您的账户安全,成功保存后无法再查看秘钥,请勿泄漏秘钥</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">验证码</label>
<div class="layui-input-inline">
<input type="text" name="code" id="code" class="layui-input">
</div>
<div class="layui-form-mid layui-word-aux">请输入生成的验证码</div>
</div>
<pre class="layui-code" >
这东西叫法太多了,比如双重验证/动态密码/动态口令/动态令牌/身份验证器/双因子认证/2FA/TOTP验证码等等
原理是基于时间的动态验证码,网上客户端也大把,喜欢那个安装那个
开启后登录时需输入OTP验证码,作用是提高账号安全性
</pre>
<div class="layui-form-item">
<div class="layui-input-block">
<button class="layui-btn layui-btn-warm" type="button" id="close" >关闭</button>
<button class="layui-btn layui-btn-normal" lay-submit lay-filter="save_totp" id="save_totp">保存</button>
</div>
</div>
</form>
</ul>
<script src = "<?php echo $libs;?>/jquery/jquery-3.6.0.min.js"></script>
<script src = "<?php echo $libs;?>/jquery/jquery.md5.js"></script>
<script src = "<?php echo $libs; ?>/jquery/jquery.qrcode.min.js"></script>
<script src = "./templates/admin/js/public.js?v=<?php echo $Ver;?>"></script>
<?php load_static('js');?>
<script>
@@ -126,9 +172,9 @@ layui.use(['jquery','form','miniTab'], function () {
miniTab = layui.miniTab;
miniTab.listen();
//表单赋值
form.val('form', <?php echo json_encode(unserialize( $USER_DB['LoginConfig'] ));?>);
form.val('form', <?php echo json_encode($LoginConfig);?>);
//监听提交
//保存
form.on('submit(save)', function (data) {
$("*").blur(); //失去焦点,解决按回车无限提交
data.field.Password=$.md5(data.field.Password);
@@ -136,7 +182,7 @@ layui.use(['jquery','form','miniTab'], function () {
if(data.code == 1) {
var index = layer.alert("保存成功!", function () {
layer.close(index);
//miniTab.deleteCurrentByIframe();
//miniTab.deleteCurrentByIframe(); //关闭页面
});
}else{
layer.msg(data.msg, {icon: 5});
@@ -144,6 +190,69 @@ layui.use(['jquery','form','miniTab'], function () {
});
return false;
});
//双重验证
form.on('submit(open_totp)', function (data) {
$("*").blur(); //失去焦点,解决按回车无限提交
data.field.Password=$.md5(data.field.Password);
pwd_md5 = data.field.Password;
$.post(get_api('read_totp'),data.field,function(data,status){
if(data.code == 1){
layer.confirm('已开启双重验证,是否要关闭?',{icon: 3, title:'温馨提示'}, function(index){
layer.closeAll();
$.post(get_api('write_totp','delete'),{'Password':pwd_md5},function(data,status){
if(data.code == 1) {
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
});
}else if(data.code == 2) {
layer.confirm('未开启双重验证,是否要开启?',{icon: 3, title:'温馨提示'}, function(index){
layer.closeAll();
$('#key').val(data.key);
$('#code').val('');
$("#qr").html('');//防止多次操作出现多个二维码
let content = `otpauth://totp/${u}?secret=${data.key}&issuer=TwoNav`;
$('#qr').qrcode({render: "canvas",width: 200,height: 200,text: content});
var index = layer.open({type: 1,scrollbar: false,shadeClose: true,title: '双重验证',area : ['100%', '100%'],content: $('.ul_totp')});
});
return false;
}else{
layer.msg(data.msg, {icon: 5});
}
});
return false;
});
$('#key').on('input', function() {
$("#key").html('');
let key = $('#key').val();
let content = `otpauth://totp/${u}?secret=${key}&issuer=TwoNav`;
$("#qr").html('');
$('#qr').qrcode({render: "canvas",width: 200,height: 200,text: content});
});
//保存双重验证
form.on('submit(save_totp)', function (data) {
$("*").blur(); //失去焦点,解决按回车无限提交
data.field.Password = pwd_md5;
$.post(get_api('write_totp','set'),data.field,function(data,status){
if(data.code == 1) {
layer.closeAll();
layer.msg(data.msg, {icon: 1});
}else{
layer.msg(data.msg, {icon: 5});
}
});
return false;
});
//关闭页面
$(document).on('click', '#close', function() {
layer.closeAll();
});
});
</script>
</body>