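* @copyright  Copyright (C) 2002-2005 Markus Westphal,
 *             2006-2008 Malcolm Cowe, 2010 Matteo Lucarelli,
 *             2010-2012 Uwe Steinmann
 * @version    Release: @package_version@
 */

/**
 * Include parent class
 */
require_once("class.Bootstrap.php");

/**
 * Class which outputs the html page for Login view
 *
 * The visible code emits the login form fields (user name, password, an
 * optional second-factor field, optional language and theme selectors),
 * submit buttons for password and WebAuthn login, and the client-side
 * script that drives the form.
 *
 * NOTE(review): this listing appears to have lost markup during extraction:
 * several string literals are empty or contain only a line break, and the
 * header of the method that renders the page is missing. Those spans are
 * reproduced as found; confirm against the original file before relying on
 * them.
 *
 * @category   DMS
 * @package    SeedDMS
 * @author     Markus Westphal, Malcolm Cowe, Uwe Steinmann
 * @copyright  Copyright (C) 2002-2005 Markus Westphal,
 *             2006-2008 Malcolm Cowe, 2010 Matteo Lucarelli,
 *             2010-2012 Uwe Steinmann
 * @version    Release: @package_version@
 */
class SeedDMS_View_Login extends SeedDMS_Bootstrap_Style {

	/**
	 * Output the client-side script of the login page.
	 *
	 * Sends a JavaScript content type and then emits, as literal output,
	 * the form checks, the guest login redirect and the WebAuthn login flow.
	 */
	function js() { /* {{{ */
		header('Content-Type: application/javascript; charset=UTF-8');
?>
document.form1.login.focus();

/*
 * Presence check for the login and password fields. Returns false and shows
 * a notification when a message was collected, true otherwise. This is a
 * usability aid only; the server has to validate the credentials itself.
 * NOTE(review): the pushed messages and the join separator are empty or
 * broken in this listing, presumably lost in extraction; confirm.
 */
function checkForm()
{
	msg = new Array()
	if($("#login").val() == "") msg.push("");
	if($("#pwd").val() == "") msg.push("");
	if (msg != "") {
		noty({
			text: msg.join('
'),
			type: 'error',
			dismissQueue: true,
			layout: 'topRight',
			theme: 'defaultTheme',
			_timeout: 1500,
		});
		return false;
	} else
		return true;
}

/*
 * Redirect the browser to the guest login URL, carrying the selected theme,
 * language and the referring URI as query parameters.
 */
function guestLogin()
{
	theme = $("#themeselector").val();
	lang = $("#languageselector").val();
	url = "../op/op.Login.php?login=guest";
	/*
	 * Every value is percent-encoded with encodeURIComponent() so that
	 * characters such as '&', '#', '+' or non-ASCII text cannot split or
	 * alter the query string. The deprecated escape() leaves '+' untouched
	 * and emits %uXXXX sequences for non-ASCII characters.
	 */
	if(theme)
		url += "&sesstheme=" + encodeURIComponent(theme);
	if(lang)
		url += "&lang=" + encodeURIComponent(lang);
	if (document.form1.referuri) {
		/*
		 * NOTE(review): referuri is a form value and therefore under the
		 * client's control; the code that later redirects to it (not
		 * visible here) should accept only local targets.
		 */
		url += "&referuri=" + encodeURIComponent(document.form1.referuri.value);
	}
	document.location.href = url;
}

$(document).ready( function() {
/*
	$('body').on('submit', '#form', function(ev){
		if(checkForm()) return;
		ev.preventDefault();
	});
*/
	/* The guest login link triggers the redirect built by guestLogin(). */
	$('body').on('click', '#guestlogin', function(ev){
		ev.preventDefault();
		guestLogin();
	});
	/*
	 * Form validation with a notification on invalid input.
	 * NOTE(review): the message strings are empty in this listing,
	 * presumably lost in extraction; confirm.
	 */
	$("#form").validate({
		invalidHandler: function(e, validator) {
			noty({
				text: (validator.numberOfInvalids() == 1) ? "".replace('#', validator.numberOfInvalids()) : "".replace('#', validator.numberOfInvalids()),
				type: 'error',
				dismissQueue: true,
				layout: 'topRight',
				theme: 'defaultTheme',
				timeout: 1500,
			});
		},
		messages: {
			login: "",
			pwd: ""
		},
	});
});

/*
 * Run a WebAuthn assertion for the request options in `key` (a JSON string)
 * and hand the result to cb(success, payload). On success the payload is a
 * JSON string with the credential id, authenticator data, client data and
 * signature as plain byte arrays.
 *
 * NOTE(review): `originalChallenge` and the parsed `clientData` are echoed
 * back by the browser, so the server must treat them as untrusted: it should
 * compare against the challenge it stored for this session and verify the
 * signature over the raw clientDataJSON bytes. The server side is not
 * visible here; confirm.
 */
function webauthnAuthenticate(key, cb){
	var pk = JSON.parse(key);
	var originalChallenge = pk.challenge;
	/* The API expects binary buffers, the server sent arrays of byte values. */
	pk.challenge = new Uint8Array(pk.challenge);
	pk.allowCredentials.forEach(function(k, idx){
		pk.allowCredentials[idx].id = new Uint8Array(k.id);
	});
	/* ask the browser to prompt the user */
	navigator.credentials.get({publicKey: pk})
		.then(function(aAssertion) {
			// console.log("Credentials.Get response: ", aAssertion);
			/* Copy each binary field into a plain array so it survives JSON.stringify(). */
			var ida = [];
			(new Uint8Array(aAssertion.rawId)).forEach(function(v){ ida.push(v); });
			var cd = JSON.parse(String.fromCharCode.apply(null, new Uint8Array(aAssertion.response.clientDataJSON)));
			var cda = [];
			(new Uint8Array(aAssertion.response.clientDataJSON)).forEach(function(v){ cda.push(v); });
			var ad = [];
			(new Uint8Array(aAssertion.response.authenticatorData)).forEach(function(v){ ad.push(v); });
			var sig = [];
			(new Uint8Array(aAssertion.response.signature)).forEach(function(v){ sig.push(v); });
			var info = {
				type: aAssertion.type,
				originalChallenge: originalChallenge,
				rawId: ida,
				response: {
					authenticatorData: ad,
					clientData: cd,
					clientDataJSONarray: cda,
					signature: sig
				}
			};
			cb(true, JSON.stringify(info));
		})
		.catch(function (aErr) {
			/* A cancelled or refused prompt is reported as 'abort', anything else as the error text. */
			if (("name" in aErr) && (aErr.name == "AbortError" || aErr.name == "NS_ERROR_ABORT" || aErr.name == "NotAllowedError")) {
				cb(false, 'abort');
			} else {
				cb(false, aErr.toString());
			}
		});
}

$(function(){
	/*
	 * WebAuthn login in two requests: 'preparelogin' fetches the challenge
	 * for the entered user name, 'login' submits the signed assertion.
	 *
	 * NOTE(review): 'preparelogin' is called before authentication with a
	 * user name chosen by the client; if its answer differs for unknown
	 * users or users without keys it reveals account state. Confirm how the
	 * server responds and whether the endpoint is rate limited.
	 */
	$('#webauthnlogin').click(function(ev){
		var self = $(this);
		ev.preventDefault();
		$.ajax({url: '../op/op.Login.php',
			method: 'POST',
			data: {action: 'preparelogin', login: $('#loginusername').val()},
			dataType: 'json',
			success: function(j){
				/* activate the key and get the response */
				webauthnAuthenticate(j.challenge, function(success, info){
					if (success) {
						$.ajax({url: '../op/op.Login.php',
							method: 'POST',
							data: {action: 'login', login: $('#loginusername').val(), logininfo: info},
							dataType: 'json',
							success: function(j){
								noty({
									text: 'login completed successfully',
									type: 'success',
									dismissQueue: true,
									layout: 'topRight',
									theme: 'defaultTheme',
									_timeout: 1500,
								});
								/*
								 * NOTE(review): the redirect target comes from the
								 * server response; the server should return only
								 * local URLs here. Confirm.
								 */
								window.location = j;
							},
							error: function(xhr, status, error){
								/*
								 * NOTE(review): if noty inserts `text` as markup,
								 * xhr.responseText must be escaped before it is
								 * shown. Confirm against the noty version in use.
								 */
								noty({
									text: 'login failed: '+error+": "+xhr.responseText,
									type: 'error',
									dismissQueue: true,
									layout: 'topRight',
									theme: 'defaultTheme',
									_timeout: 1500,
								});
							}
						});
					} else {
						noty({
							text: info,
							type: 'error',
							dismissQueue: true,
							layout: 'topRight',
							theme: 'defaultTheme',
							_timeout: 1500,
						});
					}
				});
			},
			error: function(xhr, status, error){
				/* NOTE(review): same escaping question as for the 'login failed' message. */
				noty({
					text: "couldn't initiate login: "+error+": "+xhr.responseText,
					type: 'error',
					dismissQueue: true,
					layout: 'topRight',
					theme: 'defaultTheme',
					_timeout: 1500,
				});
			}
		});
	});
});
/*
 * NOTE(review): the end of js() and the header of the page-rendering method
 * are missing from this listing; what follows is the body of that method,
 * starting in the middle of its first assignment. Reproduced as found.
 */
params['enableguestlogin'];
		$enablepasswordforgotten = $this->params['enablepasswordforgotten'];
		$refer = $this->params['referrer'];
		$themes = $this->params['themes'];
		$msg = $this->params['msg'];
		$languages = $this->params['languages'];
		$enableLanguageSelector = $this->params['enablelanguageselector'];
		$enableThemeSelector = $this->params['enablethemeselector'];
		$enable2factauth = $this->params['enable2factauth'];

		$this->htmlAddHeader(''."\n", 'js');
		$this->htmlStartPage(getMLText("sign_in"), "login");
		$this->globalBanner();
		$this->contentStart();
		$this->pageNavigation(getMLText("sign_in"));
		/* The message is HTML-escaped before it is handed to errorMsg(). */
		if($msg)
			$this->errorMsg(htmlspecialchars($msg));
?> contentContainerStart(); ?>
"; }
		/* Browser autocomplete is switched off for both credential fields. */
		$this->formField(
			getMLText("user_login"),
			array(
				'element'=>'input',
				'type'=>'text',
				'id'=>'loginusername',
				'name'=>'login',
				'placeholder'=>'login',
				'autocomplete'=>'off',
				'required'=>true
			)
		);
		$this->formField(
			getMLText("password"),
			array(
				'element'=>'input',
				'type'=>'password',
				'id'=>'pwd',
				'name'=>'pwd',
				'autocomplete'=>'off',
				'required'=>true
			)
		);
		if($enable2factauth) {
			/*
			 * NOTE(review): the only RNG provider loaded here is the mcrypt
			 * one; mcrypt_create_iv() was deprecated in PHP 7.1 and the
			 * mcrypt extension left PHP core in 7.2. Confirm which RNG
			 * provider TwoFactorAuth ends up using on the deployed PHP
			 * version. $tfa is not used in the code visible here.
			 */
			require "vendor/robthree/twofactorauth/lib/Providers/Qr/IQRCodeProvider.php";
			require "vendor/robthree/twofactorauth/lib/Providers/Qr/BaseHTTPQRCodeProvider.php";
//			require "vendor/robthree/twofactorauth/lib/Providers/Qr/GoogleQRCodeProvider.php";
			require "vendor/robthree/twofactorauth/lib/Providers/Rng/IRNGProvider.php";
			require "vendor/robthree/twofactorauth/lib/Providers/Rng/MCryptRNGProvider.php";
			require "vendor/robthree/twofactorauth/lib/TwoFactorAuthException.php";
			require "vendor/robthree/twofactorauth/lib/TwoFactorAuth.php";
			$tfa = new \RobThree\Auth\TwoFactorAuth('SeedDMS');
			$this->formField(
				getMLText("2_factor_auth"),
				''
			);
		}
		/*
		 * NOTE(review): the selector markup built into $html is empty in
		 * this listing, presumably lost in extraction. Language and theme
		 * names written into it should be HTML-escaped; confirm.
		 */
		if($enableLanguageSelector) {
			$html = "";
			$this->formField(
				getMLText("language"),
				$html
			);
		}
		if($enableThemeSelector) {
			$html = "";
			$this->formField(
				getMLText("theme"),
				$html
			);
		}
		/* NOTE(review): the strings below hold only line breaks and the quoting is unbalanced; reproduced as found. */
		echo '
';
		$this->formSubmit(getMLText('submit_login'));
		echo '
'; ?>
';
		$this->formSubmit(getMLText('submit_webauthn_login'), 'webauthnlogin');
		echo '';
		$this->contentContainerEnd();
		$tmpfoot = array();
		if ($enableguestlogin)
			$tmpfoot[] = "" . getMLText("guest_login") . "\n";
		if ($enablepasswordforgotten)
			$tmpfoot[] = "" . getMLText("password_forgotten") . "\n";
		if($tmpfoot) {
			print "

";
			print implode(' | ', $tmpfoot);
			print "

\n";
		}
		$this->contentEnd();
		$this->htmlEndPage();
	} /* }}} */
}
?>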