paramecio/paramecio2fm
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Fixes in double auth in admin

Browse source
This commit is contained in:
absurdo 2023-07-21 10:50:40 +02:00
parent 6ffb57b135
commit d31fe1e9a4
2 changed files with 84 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
paramecio2/modules/admin/templates/login.phtml
View file

@ -19,6 +19,8 @@
$('#loading').show(); $('#loading').show();
$('#login_submit').prop('disabled', true);
data_form={'username': $('#username_form').val(), 'password': $('#password_form').val(), 'csrf_token': $("#csrf_token").val()}; data_form={'username': $('#username_form').val(), 'password': $('#password_form').val(), 'csrf_token': $("#csrf_token").val()};
if($('#remember_login:checked').val()) if($('#remember_login:checked').val())
@ -43,6 +45,8 @@
} }
else else
{ {
$('#login_submit').prop('disabled', false);
//$('#csrf_token').val(data.csrf_token); //$('#csrf_token').val(data.csrf_token);

80
paramecio2/modules/admin/templates/need_auth.phtml Normal file
View file

@ -0,0 +1,80 @@
<%inherit file="login.phtml"/>
<%block name="title">${lang('admin', 'login', 'Paramecio Login')}</%block>
<%block name="content">
<form id="login">
<div id="title">
${lang('admin', 'login', 'Paramecio Login')}
</div>
<div class="form">
<p align="center">${lang('admin', 'check_your_email', 'Check your email for get instructions for complete login with double auth or')} <a href="${url_for('.logout')}">logout</a> and login again with other user</p>
<p><label>${lang('admin', 'code', 'Code')} *</label><input type="text" class="" name="code" id="code_form" value="" /> <span class="error" id="code_error"></span></p>
</div>
<div id="submit_block">
<input type="submit" value="${lang('common', 'send_code', 'Send code')}" class="submit" id="code_submit"/>
<span id="loading">&nbsp;</span>
</div>
</form>
</%block>
<%block name="ajax">
<script language="javascript">
$(document).ready( function () {
$('#code_submit').click( function () {
$('#code_submit').prop('disabled', true);
$('#loading').show();
data_form={'code': $('#code_form').val(), 'csrf_token': $("#csrf_token").val()};
$.ajax({
url: "${url_for('.auth_check')}",
method: "POST",
dataType: "json",
data: data_form,
error: function(jqXHR, textStatus, errorThrown ) {
alert(textStatus);
$('#code_submit').prop('disabled', false);
}
}).done(function(data) {
if(data.error==0)
{
//location.reload()
location.href="${url_for('.admin')}";
}
else
{
$('#code_submit').prop('disabled', true);
// Firefox have a horrible and stupid bug and you need attr for set de new csrf_token
$('#csrf_token').attr('value', data.csrf_token);
$('#loading').hide('slow');
if(data.hasOwnProperty('disable')) {
$('#code_error').html("${lang('common', 'error_disabled', 'Error, your user is disabled, you need support of web administration')}");
} else {
$('#code_error').html("${lang('common', 'error_wrong_code', 'Error, wrong code')}");
}
}
});
return false;
});
});
</script>
</%block>