diff --git a/loginSystem/static/loginSystem/login-systen.js b/loginSystem/static/loginSystem/login-systen.js index 68a75592f..d5681e4a8 100755 --- a/loginSystem/static/loginSystem/login-systen.js +++ b/loginSystem/static/loginSystem/login-systen.js 
@@ -33,73 +33,75 @@ var application = angular.module('loginSystem', []); application.config(['$interpolateProvider', - function($interpolateProvider) { + function ($interpolateProvider) { $interpolateProvider.startSymbol('{$'); $interpolateProvider.endSymbol('$}'); } ]); -application.controller('loginSystem', function($scope,$http,$window) { +application.controller('loginSystem', function ($scope, $http, $window) { + + $scope.verifyCode = true; + + $scope.verifyLoginCredentials = function () { + + $("#verifyingLogin").show(); - $scope.verifyLoginCredentials = function() { - - $("#verifyingLogin").show(); - - - var username = $scope.username; - var password= $scope.password; - var languageSelection= $scope.languageSelection; - - - url = "/verifyLogin"; - - var data = { - username: username, - password: password, - languageSelection:languageSelection, - }; - - var config = { - headers : { - 'X-CSRFToken': getCookie('csrftoken') - } - }; - - $http.post(url, data,config).then(ListInitialData, cantLoadInitialData); - - - function ListInitialData(response) { - - if (response.data.loginStatus === 0) - { - $scope.errorMessage = response.data.error_message; - $("#loginFailed").fadeIn(); - } - else{ - $("#loginFailed").hide(); - $window.location.href = '/base/'; - } - - - - $("#verifyingLogin").hide(); - } - function cantLoadInitialData(response) {} - + var username = $scope.username; + var password = $scope.password; + var languageSelection = $scope.languageSelection; + url = "/verifyLogin"; + var data = { + username: username, + password: password, + languageSelection: languageSelection, + twofa: $scope.twofa }; - $scope.initiateLogin = function($event){ - var keyCode = $event.which || $event.keyCode; - if (keyCode === 13) { - $scope.verifyLoginCredentials(); + var config = { + headers: { + 'X-CSRFToken': getCookie('csrftoken') + } + }; - } + $http.post(url, data, config).then(ListInitialData, cantLoadInitialData); - }; + + function ListInitialData(response) { + + if 
(response.data.loginStatus === 0) { + $scope.errorMessage = response.data.error_message; + $("#loginFailed").fadeIn(); + }else if(response.data.loginStatus === 2){ + $scope.verifyCode = false; + } + else { + $("#loginFailed").hide(); + $window.location.href = '/base/'; + } + + + $("#verifyingLogin").hide(); + } + + function cantLoadInitialData(response) { + } + + + }; + + $scope.initiateLogin = function ($event) { + var keyCode = $event.which || $event.keyCode; + if (keyCode === 13) { + $scope.verifyLoginCredentials(); + + } + + }; }); diff --git a/loginSystem/templates/loginSystem/login.html b/loginSystem/templates/loginSystem/login.html index 1b6da3feb..c34b049b6 100755 --- a/loginSystem/templates/loginSystem/login.html +++ b/loginSystem/templates/loginSystem/login.html @@ -191,6 +191,16 @@ src="{% static 'images/loading.gif' %}"> +
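Review bot: `url = "/verifyLogin";` inside the re-indented `verifyLoginCredentials` body still assigns an undeclared identifier, so it creates an implicit global; declare it with `var url = "/verifyLogin";` or pass the literal straight to `$http.post`. `cantLoadInitialData` is re-added as an empty function, so a failed POST leaves the `#verifyingLogin` spinner visible with no message; at minimum it should `$("#verifyingLogin").hide();` and set `$scope.errorMessage`. `twofa: $scope.twofa` is sent on every request, including the first one before the server has answered `loginStatus === 2` and the code field is shown, so it is `undefined` there; a comment such as `// twofa is only populated after the server answers loginStatus 2` would make that intentional. The identical hunk under static/loginSystem/login-systen.js needs the same changes.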
+
+ + + + +
+
+
diff --git a/loginSystem/views.py b/loginSystem/views.py index cbeb96b53..372a22f27 100644 --- a/loginSystem/views.py +++ b/loginSystem/views.py @@ -91,8 +91,32 @@ def verifyLogin(request): json_data = json.dumps(data) return HttpResponse(json_data) + if admin.twoFA: + try: + twoinit = request.session['twofa'] + except: + request.session['twofa'] = 0 + data = {'userID': admin.pk, 'loginStatus': 2, 'error_message': "None"} + json_data = json.dumps(data) + response.write(json_data) + return response + + + if hashPassword.check_password(admin.password, password): + if admin.twoFA: + if request.session['twofa'] == 0: + import pyotp + totp = pyotp.TOTP(admin.secretKey) + del request.session['twofa'] + logging.writeToFile(str(totp.now())) + if totp.verify(data['twofa']): + data = {'userID': 0, 'loginStatus': 0, 'error_message': "Invalid verification code."} + json_data = json.dumps(data) + response.write(json_data) + return response + request.session['userID'] = admin.pk ipAddr = request.META.get('REMOTE_ADDR') diff --git a/plogical/upgrade.py b/plogical/upgrade.py index 5f105e288..24b7f4fbd 100755 --- a/plogical/upgrade.py +++ b/plogical/upgrade.py @@ -534,7 +534,7 @@ $cfg['Servers'][$i]['SignonURL'] = 'phpmyadminsignin.php'; pass try: - cursor.execute("ALTER TABLE loginSystem_administrator ADD secretKey varchar(50) DEFAULT 'ACTIVE'") + cursor.execute("ALTER TABLE loginSystem_administrator ADD secretKey varchar(50) DEFAULT 'None'") except: pass diff --git a/static/loginSystem/login-systen.js b/static/loginSystem/login-systen.js index 68a75592f..d5681e4a8 100644 --- a/static/loginSystem/login-systen.js +++ b/static/loginSystem/login-systen.js 
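Review bot: The TOTP check in verifyLogin is inverted: `if totp.verify(data['twofa']):` returns the "Invalid verification code." response when the code is correct and falls through to `request.session['userID'] = admin.pk` when it is wrong, so the second factor is never actually enforced; it should read `if not totp.verify(data['twofa']):`. Directly above it, `logging.writeToFile(str(totp.now()))` writes the currently valid code to the log file and should be removed. The bare `except:` around `request.session['twofa']` should be `except KeyError:`, and because the `loginStatus: 2` reply is sent before `hashPassword.check_password` runs, the endpoint appears to reveal whether an account has 2FA enabled to a caller who does not know the password; verify the password first and only then ask for the code. verifyLogin starts and ends outside this hunk.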
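Review bot: Changing the column default from 'ACTIVE' to 'None' only affects rows created after this upgrade runs; the `ALTER TABLE ... ADD` sits inside `except: pass`, so on an install where the column was already added with DEFAULT 'ACTIVE' the statement fails silently and existing rows keep secretKey 'ACTIVE', which the new `user.secretKey == 'None'` check in userManagment/views.py would then treat as a real TOTP secret. Consider adding `cursor.execute("UPDATE loginSystem_administrator SET secretKey='None' WHERE secretKey='ACTIVE'")` to the same try block, or making the views treat both sentinels as "no secret issued". The enclosing upgrade routine starts and ends outside this hunk.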
@@ -33,73 +33,75 @@ var application = angular.module('loginSystem', []); application.config(['$interpolateProvider', - function($interpolateProvider) { + function ($interpolateProvider) { $interpolateProvider.startSymbol('{$'); $interpolateProvider.endSymbol('$}'); } ]); -application.controller('loginSystem', function($scope,$http,$window) { +application.controller('loginSystem', function ($scope, $http, $window) { + + $scope.verifyCode = true; + + $scope.verifyLoginCredentials = function () { + + $("#verifyingLogin").show(); - $scope.verifyLoginCredentials = function() { - - $("#verifyingLogin").show(); - - - var username = $scope.username; - var password= $scope.password; - var languageSelection= $scope.languageSelection; - - - url = "/verifyLogin"; - - var data = { - username: username, - password: password, - languageSelection:languageSelection, - }; - - var config = { - headers : { - 'X-CSRFToken': getCookie('csrftoken') - } - }; - - $http.post(url, data,config).then(ListInitialData, cantLoadInitialData); - - - function ListInitialData(response) { - - if (response.data.loginStatus === 0) - { - $scope.errorMessage = response.data.error_message; - $("#loginFailed").fadeIn(); - } - else{ - $("#loginFailed").hide(); - $window.location.href = '/base/'; - } - - - - $("#verifyingLogin").hide(); - } - function cantLoadInitialData(response) {} - + var username = $scope.username; + var password = $scope.password; + var languageSelection = $scope.languageSelection; + url = "/verifyLogin"; + var data = { + username: username, + password: password, + languageSelection: languageSelection, + twofa: $scope.twofa }; - $scope.initiateLogin = function($event){ - var keyCode = $event.which || $event.keyCode; - if (keyCode === 13) { - $scope.verifyLoginCredentials(); + var config = { + headers: { + 'X-CSRFToken': getCookie('csrftoken') + } + }; - } + $http.post(url, data, config).then(ListInitialData, cantLoadInitialData); - }; + + function ListInitialData(response) { + + if 
(response.data.loginStatus === 0) { + $scope.errorMessage = response.data.error_message; + $("#loginFailed").fadeIn(); + }else if(response.data.loginStatus === 2){ + $scope.verifyCode = false; + } + else { + $("#loginFailed").hide(); + $window.location.href = '/base/'; + } + + + $("#verifyingLogin").hide(); + } + + function cantLoadInitialData(response) { + } + + + }; + + $scope.initiateLogin = function ($event) { + var keyCode = $event.which || $event.keyCode; + if (keyCode === 13) { + $scope.verifyLoginCredentials(); + + } + + }; }); diff --git a/static/userManagment/userManagment.js b/static/userManagment/userManagment.js index 73eaed9a5..d404856f8 100644 --- a/static/userManagment/userManagment.js +++ b/static/userManagment/userManagment.js @@ -127,6 +127,13 @@ app.controller('createUserCtr', function ($scope, $http) { /* Java script code to modify user account */ app.controller('modifyUser', function ($scope, $http) { + var qrCode = window.qr = new QRious({ + element: document.getElementById('qr'), + size: 200, + value: 'QRious' + }); + + $scope.userModificationLoading = true; $scope.acctDetailsFetched = true; $scope.userAccountsLimit = true; @@ -137,6 +144,15 @@ app.controller('modifyUser', function ($scope, $http) { $scope.detailsFetched = true; $scope.accountTypeView = true; $scope.websitesLimit = true; + $scope.qrHidden = true; + + $scope.decideQRShow = function(){ + if($scope.twofa === true){ + $scope.qrHidden = false; + }else{ + $scope.qrHidden = true; + } + }; $scope.fetchUserDetails = function () { @@ -173,6 +189,12 @@ app.controller('modifyUser', function ($scope, $http) { $scope.lastName = userDetails.lastName; $scope.email = userDetails.email; $scope.secLevel = userDetails.securityLevel; + $scope.twofa = Boolean(userDetails.twofa); + + qrCode.set({ + value: userDetails.otpauth + }); + $scope.userModificationLoading = true; $scope.acctDetailsFetched = false; 
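Review bot: `var qrCode = window.qr = new QRious({ element: document.getElementById('qr'), ... })` in the modifyUser controller publishes the QR object as a global that nothing in the hunk reads, and `document.getElementById('qr')` yields null if the `qr` element is not in the DOM when the controller is instantiated; drop the `window.qr =` assignment and add a comment like `// placeholder value until fetchUserDetails supplies the otpauth URI` for `value: 'QRious'`. In the following hunk, `decideQRShow` can be reduced to `$scope.qrHidden = $scope.twofa !== true;`. The same hunks appear again under userManagment/static/userManagment/userManagment.js and need the same changes; the modifyUser controller starts and ends outside these hunks.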
@@ -220,7 +242,6 @@ app.controller('modifyUser', function ($scope, $http) { }; - $scope.modifyUser = function () { @@ -252,7 +273,8 @@ app.controller('modifyUser', function ($scope, $http) { lastName: lastName, email: email, passwordByPass: password, - securityLevel: $scope.securityLevel + securityLevel: $scope.securityLevel, + twofa: $scope.twofa }; var config = { @@ -1685,7 +1707,7 @@ app.controller('listTableUsers', function ($scope, $http) { }; - + $scope.controlUserState = function (userName, state) { $scope.cyberpanelLoading = false; @@ -1693,7 +1715,7 @@ app.controller('listTableUsers', function ($scope, $http) { var data = { accountUsername: userName, - state : state + state: state }; var config = { diff --git a/userManagment/static/userManagment/userManagment.js b/userManagment/static/userManagment/userManagment.js index 73eaed9a5..d404856f8 100755 --- a/userManagment/static/userManagment/userManagment.js +++ b/userManagment/static/userManagment/userManagment.js @@ -127,6 +127,13 @@ app.controller('createUserCtr', function ($scope, $http) { /* Java script code to modify user account */ app.controller('modifyUser', function ($scope, $http) { + var qrCode = window.qr = new QRious({ + element: document.getElementById('qr'), + size: 200, + value: 'QRious' + }); + + $scope.userModificationLoading = true; $scope.acctDetailsFetched = true; $scope.userAccountsLimit = true; @@ -137,6 +144,15 @@ app.controller('modifyUser', function ($scope, $http) { $scope.detailsFetched = true; $scope.accountTypeView = true; $scope.websitesLimit = true; + $scope.qrHidden = true; + + $scope.decideQRShow = function(){ + if($scope.twofa === true){ + $scope.qrHidden = false; + }else{ + $scope.qrHidden = true; + } + }; $scope.fetchUserDetails = function () { 
@@ -173,6 +189,12 @@ app.controller('modifyUser', function ($scope, $http) { $scope.lastName = userDetails.lastName; $scope.email = userDetails.email; $scope.secLevel = userDetails.securityLevel; + $scope.twofa = Boolean(userDetails.twofa); + + qrCode.set({ + value: userDetails.otpauth + }); + $scope.userModificationLoading = true; $scope.acctDetailsFetched = false; @@ -220,7 +242,6 @@ app.controller('modifyUser', function ($scope, $http) { }; - $scope.modifyUser = function () { @@ -252,7 +273,8 @@ app.controller('modifyUser', function ($scope, $http) { lastName: lastName, email: email, passwordByPass: password, - securityLevel: $scope.securityLevel + securityLevel: $scope.securityLevel, + twofa: $scope.twofa }; var config = { @@ -1685,7 +1707,7 @@ app.controller('listTableUsers', function ($scope, $http) { }; - + $scope.controlUserState = function (userName, state) { $scope.cyberpanelLoading = false; @@ -1693,7 +1715,7 @@ app.controller('listTableUsers', function ($scope, $http) { var data = { accountUsername: userName, - state : state + state: state }; var config = { diff --git a/userManagment/templates/userManagment/modifyUser.html b/userManagment/templates/userManagment/modifyUser.html index 07d34bdab..b0e98cb1b 100755 --- a/userManagment/templates/userManagment/modifyUser.html +++ b/userManagment/templates/userManagment/modifyUser.html @@ -80,6 +80,23 @@
+
+ + +
+
+ +
+
+ +
+ +
+
+
@@ -143,9 +160,6 @@
- - - {% endblock %} diff --git a/userManagment/views.py b/userManagment/views.py index 0d7da486f..3048f861a 100755 --- a/userManagment/views.py +++ b/userManagment/views.py @@ -288,6 +288,14 @@ def fetchUserDetails(request): else: securityLevel = 'High' + import pyotp + + if user.secretKey == 'None': + user.secretKey = pyotp.random_base32() + user.save() + + otpauth = pyotp.totp.TOTP(user.secretKey).provisioning_uri(email, issuer_name="CyberPanel") + userDetails = { "id": user.id, "firstName": firstName, @@ -295,7 +303,9 @@ def fetchUserDetails(request): "email": email, "acl": user.acl.name, "websitesLimit": websitesLimit, - "securityLevel": securityLevel + "securityLevel": securityLevel, + "otpauth": otpauth, + 'twofa': user.twoFA } data_ret = {'fetchStatus': 1, 'error_message': 'None', "userDetails": userDetails} @@ -333,6 +343,11 @@ def saveModifications(request): except: securityLevel = 'HIGH' + try: + twofa = int(data['twofa']) + except: + twofa = 0 + user = Administrator.objects.get(userName=accountUsername) currentACL = ACLManager.loadedACL(val) @@ -358,6 +373,7 @@ def saveModifications(request): user.password = password user.token = token user.type = 0 + user.twoFA = twofa if securityLevel == 'LOW': user.securityLevel = secMiddleware.LOW
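Review bot: fetchUserDetails now returns `otpauth`, a provisioning URI that embeds the user's TOTP secret, in every response regardless of `user.twoFA`, and it mints a new secret (`pyotp.random_base32()` followed by `user.save()`) as a side effect of what is otherwise a read-only lookup; return the URI only while 2FA is being enabled and move secret generation into saveModifications under `if twofa:`, so a details fetch never creates or discloses a secret. The `'None'` string sentinel should at least be documented at the comparison, e.g. `# 'None' is the column default meaning no secret has been issued yet`. In saveModifications the bare `except:` around `int(data['twofa'])` should be narrowed to `except (KeyError, ValueError, TypeError):`. Both functions start and end outside their hunks.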