SSO-in-a-Box: comparison packages/ssoinabox-webui/root/usr/local/share/weblogin/ssoinabox/templates/multifactor.tmpl

equal deleted inserted replaced

--1:000000000000
+:3906ca745819
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<http-equiv="pragma" content="no-cache">
+<title>WebAuth Multifactor</title>
+</head>
+[% IF notdefined %]
+<!--
+This is the template for the WebAuth multifactor page.  This page is called
+from login.fcgi script on the weblogin server after a successful
+authentication that has come back signaling that multifactor authentication
+is also required.  Variables used:
+factor_type             : type of multifactor being used (o1, o2, etc)
+username                : the authenticated identity of the user
+login_cancel            : a cancel URL was specified
+cancel_url              : the specified cancel URL
+multifactor_sentauth    : the form was submitted to run the sendauth function
+error                   : some error occurred
+err_multifactor_missing : the form was submitted previously without an OTP
+err_multifactor_invalid : could not validate a submitted OTP
+-->
+[% END %]
+<body onload="document.login.otp.focus();">
+<h1 align="center">WebAuth Multifactor</h1>
+[% IF error %]
+<div class="error" align="center">
+<p><strong>
+[% IF err_multifactor_missing %]
+<!-- Error: no OTP submitted. -->
+Error: Enter a one-time password.
+[% END %]
+[% IF err_multifactor_invalid %]
+<!-- Error: login failed. -->
+Error: You entered an incorrect one-time password.
+[% END %]
+</strong></p>
+<p>Click <a href="/help.html">help</a> for assistance.</p>
+</div>
+[% END %]
+<div class="loginbox" align="center">
+<table border="1" width="70%">
+<tr>
+<td><img alt="Login" src="/images/login.png"
+width="160" height="160"/></td>
+<td>
+<div class="loginform">
+[% IF factor_type == "o2" %]
+<p>Your multifactor setup requires us to send you a password
+via a configured interface to verify your identity. Please
+click the following button to send the message to the
+source you have on file.</p>
+<form name="multifactor_send"
+action="[% script_name FILTER html %]"
+method="post"
+enctype="application/x-www-form-urlencoded">
+<input type="hidden" name="rm" value="multifactor_sendauth">
+<input type="submit" name="Submit" value="Send OTP">
+<input type="hidden" name="RT"
+value="[% RT FILTER html %]">
+<input type="hidden" name="ST"
+value="[% ST FILTER html %]">
+<input type="hidden" name="username"
+value="[% username FILTER html %]">
+<input type="hidden" name="factor_type"
+value="[% factor_type FILTER html %]">
+</form>
+[% IF multifactor_sentauth %]
+<p><strong>You have sent an OTP to your configured device.
+Once you receive it, please enter the code into the
+following field.</strong></p>
+[% END %]
+[% END %]
+<form name="multifactor_login"
+action="[% script_name FILTER html %]"
+method="post" autocomplete="OFF"
+enctype="application/x-www-form-urlencoded">
+<input type="hidden" name="rm" value="multifactor">
+<input type="hidden" name="RT"
+value="[% RT FILTER html %]">
+<input type="hidden" name="ST"
+value="[% ST FILTER html %]">
+<input type="hidden" name="username"
+value="[% username FILTER html %]">
+<input type="hidden" name="factor_type"
+value="[% factor_type FILTER html %]">
+<table>
+<tr>
+<td><strong>One-Time Password (OTP):</strong></td>
+<td><input name="otp" type="text"
+value=""
+size="10"><br/></td>
+</tr>
+<tr>
+<td colspan="2" align="right">
+<input type="submit" name="Submit" value="Login">
+</td>
+</tr>
+</table>
+</form>
+</div>
+<div class="loginlinks">
+<a href="/help.html">help</a>
+[% IF login_cancel %]
+<!-- The WebAuth Server has a cancel url.-->
+<a href="[% cancel_url FILTER html %]">cancel</a>
+[% END %]
+</div>
+</td>
+</tr>
+</table>
+</div>
+<div class="trailer">
+<h2>Caution:</h2>
+<p>Never enter your WebAuth one-time password on a web page
+unless the page is a page directly served by the WebAuth login
+server.</p>
+</div>
+</body>
+</html>