mailinabox/management/templates/login.html

<style>
  .title {
    margin: 1em;
    text-align: center;
  }

  .subtitle {
    margin: 2em;
    text-align: center;
  }

  .login {
    margin: 0 auto;
    max-width: 32em;
  }

  .login #loginOtp {
    display: none;
  }

  #loginForm.is-twofactor #loginOtp {
    display: block
  }
</style>

<h1 class="title">{{hostname}}</h1>

{% if no_users_exist or no_admins_exist %}
<div class="row">
<div class="col-md-offset-2 col-md-8">
  {% if no_users_exist %}
  <p class="text-danger">There are no users on this system! To make an administrative user,
  log into this machine using SSH (like when you first set it up) and run:</p>
  <pre>cd mailinabox
sudo management/cli.py user add me@{{hostname}}
sudo management/cli.py user make-admin me@{{hostname}}</pre>
  {% else %}
  <p class="text-danger">There are no administrative users on this system! To make an administrative user,
  log into this machine using SSH (like when you first set it up) and run:</p>
  <pre>cd mailinabox
sudo management/cli.py user make-admin me@{{hostname}}</pre>
  {% endif %}
  <hr>
</div>
</div>
{% endif %}

<p class="subtitle">Log in here for your Mail-in-a-Box control panel.</p>

<div class="login">
  <form id="loginForm" class="form-horizontal" role="form" onsubmit="do_login(); return false;" method="get">
    <div class="form-group">
      <label for="inputEmail3" class="col-sm-3 control-label">Email</label>
      <div class="col-sm-12">
        <input name="email" type="email" class="form-control" id="loginEmail" placeholder="Email">
      </div>
    </div>
    <div class="form-group">
      <label for="inputPassword3" class="col-sm-3 control-label">Password</label>
      <div class="col-sm-12">
        <input name="password" type="password" class="form-control" id="loginPassword" placeholder="Password">
      </div>
    </div>
    <div class="form-group" id="loginOtp">
      <label for="loginOtpInput" class="col-sm-3 control-label">Code</label>
      <div class="col-sm-12">
          <input type="text" class="form-control" id="loginOtpInput" placeholder="6-digit code">
          <div class="help-block" style="margin-top: 5px; font-size: 90%">Enter the six-digit code generated by your two factor authentication app.</div>
      </div>
    </div>
    <div class="form-group">
      <div class="col-sm-offset-3 col-sm-9">
        <div class="checkbox">
          <label>
            <input name='remember' type="checkbox" id="loginRemember"> Remember me
          </label>
        </div>
      </div>
    </div>
    <div class="form-group">
      <div class="col-sm-offset-3 col-sm-9">
        <button type="submit" class="btn btn-default">Sign in</button>
      </div>
    </div>
  </form>
</div>

<script>
function do_login() {
  if ($('#loginEmail').val() == "") {
    show_modal_error("Login Failed", "Enter your email address.", function() {
      $('#loginEmail').focus();
    });
    return false;
  }

  if ($('#loginPassword').val() == "") {
    show_modal_error("Login Failed", "Enter your email password.", function() {
        $('#loginPassword').focus();
    });
    return false;
  }

  // Exchange the email address & password for an API key.
  api_credentials = [$('#loginEmail').val(), $('#loginPassword').val()]

  api(
  "/me",
  "GET",
  {},
  function(response) {
    // This API call always succeeds. It returns a JSON object indicating
    // whether the request was authenticated or not.
    if (response.status != 'ok') {
      if (response.status === 'missing-totp-token' || (response.status === 'invalid' && response.reason == 'invalid-totp-token')) {
        $('#loginForm').addClass('is-twofactor');
        if (response.reason === "invalid-totp-token") {
          show_modal_error("Login Failed", "Incorrect two factor authentication token.");
        } else {
          setTimeout(() => {
              $('#loginOtpInput').focus();
          });
        }
      } else {
        $('#loginForm').removeClass('is-twofactor');

        // Show why the login failed.
        show_modal_error("Login Failed", response.reason)

        // Reset any saved credentials.
        do_logout();
      }
    } else if (!("api_key" in response)) {
      // Login succeeded but user might not be authorized!
      show_modal_error("Login Failed", "You are not an administrator on this system.")

      // Reset any saved credentials.
      do_logout();

    } else {
      // Login succeeded.

      // Save the new credentials.
      api_credentials = [response.email, response.api_key];

      // Try to wipe the username/password information.
      $('#loginEmail').val('');
      $('#loginPassword').val('');
      $('#loginOtpInput').val('');
      $('#loginForm').removeClass('is-twofactor');

      // Remember the credentials.
      if (typeof localStorage != 'undefined' && typeof sessionStorage != 'undefined') {
        if ($('#loginRemember').val()) {
          localStorage.setItem("miab-cp-credentials", api_credentials.join(":"));
          sessionStorage.removeItem("miab-cp-credentials");
        } else {
          localStorage.removeItem("miab-cp-credentials");
          sessionStorage.setItem("miab-cp-credentials", api_credentials.join(":"));
        }
      }

      // Open the next panel the user wants to go to. Do this after the XHR response
      // is over so that we don't start a new XHR request while this one is finishing,
      // which confuses the loading indicator.
      setTimeout(function() { show_panel(!switch_back_to_panel || switch_back_to_panel == "login" ? 'system_status' : switch_back_to_panel) }, 300);
    }
  },
  undefined,
  {
    'x-auth-token': $('#loginOtpInput').val()
  });
}

function show_login() {
  $('#loginForm').removeClass('is-twofactor');
  $('#loginOtpInput').val('');
  $('#loginEmail,#loginPassword').each(function() {
    var input = $(this);
    if (!$.trim(input.val())) {
      input.focus();
      return false;
    }
  });
}
</script>
implement two factor check during login 2020-09-02 15:23:32 +00:00			`<style>`
			`.title {`
			`margin: 1em;`
			`text-align: center;`
			`}`

			`.subtitle {`
			`margin: 2em;`
			`text-align: center;`
			`}`

			`.login {`
			`margin: 0 auto;`
			`max-width: 32em;`
			`}`

			`.login #loginOtp {`
			`display: none;`
			`}`

Autofocus otp input when logging in, update layout 2020-09-02 18:30:08 +00:00			`#loginForm.is-twofactor #loginOtp {`
implement two factor check during login 2020-09-02 15:23:32 +00:00			`display: block`
			`}`
			`</style>`

			`<h1 class="title">{{hostname}}</h1>`
if there are no admins when trying to access the control panel, tell the user how to make an admin from SSH 2014-08-26 11:31:45 +00:00
if there are no users at all the warning on the control panel login screen was incorrect 2015-04-28 11:11:41 +00:00			`{% if no_users_exist or no_admins_exist %}`
admin: there is no need to make each panel a separate bootstrap container * also fixes the footer alignment to be within a container rather than a container-fluid * this changed the width of the login form slightly, so am cleaning that up too see #244 2014-10-21 10:56:52 +00:00			`<div class="row">`
if there are no admins when trying to access the control panel, tell the user how to make an admin from SSH 2014-08-26 11:31:45 +00:00			`<div class="col-md-offset-2 col-md-8">`
if there are no users at all the warning on the control panel login screen was incorrect 2015-04-28 11:11:41 +00:00			`{% if no_users_exist %}`
			`<p class="text-danger">There are no users on this system! To make an administrative user,`
			`log into this machine using SSH (like when you first set it up) and run:</p>`
			`<pre>cd mailinabox`
Rename tools/mail.py to management/cli.py 2020-10-29 19:10:11 +00:00			`sudo management/cli.py user add me@{{hostname}}`
			`sudo management/cli.py user make-admin me@{{hostname}}</pre>`
if there are no users at all the warning on the control panel login screen was incorrect 2015-04-28 11:11:41 +00:00			`{% else %}`
if there are no admins when trying to access the control panel, tell the user how to make an admin from SSH 2014-08-26 11:31:45 +00:00			`<p class="text-danger">There are no administrative users on this system! To make an administrative user,`
			`log into this machine using SSH (like when you first set it up) and run:</p>`
			`<pre>cd mailinabox`
Rename tools/mail.py to management/cli.py 2020-10-29 19:10:11 +00:00			`sudo management/cli.py user make-admin me@{{hostname}}</pre>`
if there are no users at all the warning on the control panel login screen was incorrect 2015-04-28 11:11:41 +00:00			`{% endif %}`
if there are no admins when trying to access the control panel, tell the user how to make an admin from SSH 2014-08-26 11:31:45 +00:00			`<hr>`
			`</div>`
Add missing login form method to keep LastPass happy (#1565) 2019-05-12 12:10:34 +00:00			`</div>`
if there are no admins when trying to access the control panel, tell the user how to make an admin from SSH 2014-08-26 11:31:45 +00:00			`{% endif %}`

implement two factor check during login 2020-09-02 15:23:32 +00:00			`<p class="subtitle">Log in here for your Mail-in-a-Box control panel.</p>`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00
implement two factor check during login 2020-09-02 15:23:32 +00:00			`<div class="login">`
			`<form id="loginForm" class="form-horizontal" role="form" onsubmit="do_login(); return false;" method="get">`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`<div class="form-group">`
admin: there is no need to make each panel a separate bootstrap container * also fixes the footer alignment to be within a container rather than a container-fluid * this changed the width of the login form slightly, so am cleaning that up too see #244 2014-10-21 10:56:52 +00:00			`<label for="inputEmail3" class="col-sm-3 control-label">Email</label>`
v0.51 (November 14, 2020) Software updates: * Upgraded Nextcloud from 17.0.6 to 20.0.1 (with Contacts from 3.3.0 to 3.4.1 and Calendar from 2.0.3 to 2.1.2) * Upgraded Roundcube to version 1.4.9. Mail: * The MTA-STA max_age value was increased to the normal one week. Control Panel: * Two-factor authentication can now be enabled for logins to the control panel. However, keep in mind that many online services (including domain name registrars, cloud server providers, and TLS certificate providers) may allow an attacker to take over your account or issue a fraudulent TLS certificate with only access to your email address, and this new two-factor authentication does not protect access to your inbox. It therefore remains very important that user accounts with administrative email addresses have strong passwords. * TLS certificate expiry dates are now shown in ISO8601 format for clarity. -----BEGIN PGP SIGNATURE----- iQFDBAABCgAtFiEEX0wOcxPM10RpOyrquSBB9MEL3YEFAl+v8k4PHGp0QG9jY2Ft cy5pbmZvAAoJELkgQfTBC92BMYUIAJTD1iKzY1SoDNSp8JMPn2sWusOnJNrnvYEV vsrBM4AzwJv3DIZKSkYCitbTQW2FsTcjF6Jl5PCavEmAGe55AIKAPM/52Uq6jqDE aR8EZvI9ca1i7yR7DOHEI043QSPmp/iCFD48vvmKgN/LZy67TaHaOlGJbc3nfpk0 y7ejMpF/6RP6ik4snnRQoWTFShaOpB9WcEVnUO7CHZdWcpSCZ55c9yi6A6ExGk7e 97R5+JN1MgOdZ6rzWZuMWiz7EZ/Ew4jYLZpOwg8qJm0HNbYJ6+/xxsQBwaQzyBw3 TsTl4GmunNPfoNrmKdJeLy0sBwiVBv/rysjWjim5v8jAYBoKoUQ= =2oRU -----END PGP SIGNATURE----- gpgsig -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEAKK/toPAcMkE+dinLzJ3OKPArjoFAl+xc7sACgkQLzJ3OKPA rjo6Zw//eYyTBlfQfFHIsLYKxJbwh6fDrIG6/Za6898cPhkJ/ugBeJlNEyT/EjpU MvtIgEU9xbG/tjsnQXsgAXJ6s7ZWm1QB5D+wqUIEeAFUn5IkCnXo0wPZJhSTNZhD 4InnWsicYZj/ByuSH179xHyTAx2uYDBbPT4HjUlzIsaopvWOKLvAfzY3r42AiNvZ e79MhKbtOs9kDkrB2LULRzz6WzJDKb11fJccf7UaBerwFvOarMr8hSpOysK0ocHk H0wbrGxjb8iBjczVP4OFh36satQ5l4B1W+QVIxZG9ufVAOe3dhv8HngaHqAVyUgF gWjDYTnL/anoMMew+kbn2sjeKH6m2ZA+u9g+mDyMGSECVVYhkpOpcbPjZlmlNAQN C5BHmHltIg90uicrhzEEPFDBR1JF7JrYO42EwnOWMwjhzRkH2cepVw86lDr+pbrH s3hvoWiFFt7cs5ShCpgZDL20ey1e+9wL6b72Qlo7ls7MK3vfZvLPxJLpTi+bnymD CNt82Mjpu3BrhjCIGp+px9E2JU/7wUwqyUbgWFtyqxCdJOZXA4ZXVtDs5pQFzhug G+Z1HxFmhxck17SD0uHhXJKRD8IRttnO5sBESJaLNB4Ws/KspHVPePNskB/1XSfr pFOqikZsoKOICZnpd/eTnUlciqFygqvB0WuFsJNttQN2dBpJViA= =ZMFZ -----END PGP SIGNATURE----- Merge upstream v0.51 2020-11-15 18:30:19 +00:00			`<div class="col-sm-12">`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`<input name="email" type="email" class="form-control" id="loginEmail" placeholder="Email">`
			`</div>`
			`</div>`
			`<div class="form-group">`
admin: there is no need to make each panel a separate bootstrap container * also fixes the footer alignment to be within a container rather than a container-fluid * this changed the width of the login form slightly, so am cleaning that up too see #244 2014-10-21 10:56:52 +00:00			`<label for="inputPassword3" class="col-sm-3 control-label">Password</label>`
v0.51 (November 14, 2020) Software updates: * Upgraded Nextcloud from 17.0.6 to 20.0.1 (with Contacts from 3.3.0 to 3.4.1 and Calendar from 2.0.3 to 2.1.2) * Upgraded Roundcube to version 1.4.9. Mail: * The MTA-STA max_age value was increased to the normal one week. Control Panel: * Two-factor authentication can now be enabled for logins to the control panel. However, keep in mind that many online services (including domain name registrars, cloud server providers, and TLS certificate providers) may allow an attacker to take over your account or issue a fraudulent TLS certificate with only access to your email address, and this new two-factor authentication does not protect access to your inbox. It therefore remains very important that user accounts with administrative email addresses have strong passwords. * TLS certificate expiry dates are now shown in ISO8601 format for clarity. -----BEGIN PGP SIGNATURE----- iQFDBAABCgAtFiEEX0wOcxPM10RpOyrquSBB9MEL3YEFAl+v8k4PHGp0QG9jY2Ft cy5pbmZvAAoJELkgQfTBC92BMYUIAJTD1iKzY1SoDNSp8JMPn2sWusOnJNrnvYEV vsrBM4AzwJv3DIZKSkYCitbTQW2FsTcjF6Jl5PCavEmAGe55AIKAPM/52Uq6jqDE aR8EZvI9ca1i7yR7DOHEI043QSPmp/iCFD48vvmKgN/LZy67TaHaOlGJbc3nfpk0 y7ejMpF/6RP6ik4snnRQoWTFShaOpB9WcEVnUO7CHZdWcpSCZ55c9yi6A6ExGk7e 97R5+JN1MgOdZ6rzWZuMWiz7EZ/Ew4jYLZpOwg8qJm0HNbYJ6+/xxsQBwaQzyBw3 TsTl4GmunNPfoNrmKdJeLy0sBwiVBv/rysjWjim5v8jAYBoKoUQ= =2oRU -----END PGP SIGNATURE----- gpgsig -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEAKK/toPAcMkE+dinLzJ3OKPArjoFAl+xc7sACgkQLzJ3OKPA rjo6Zw//eYyTBlfQfFHIsLYKxJbwh6fDrIG6/Za6898cPhkJ/ugBeJlNEyT/EjpU MvtIgEU9xbG/tjsnQXsgAXJ6s7ZWm1QB5D+wqUIEeAFUn5IkCnXo0wPZJhSTNZhD 4InnWsicYZj/ByuSH179xHyTAx2uYDBbPT4HjUlzIsaopvWOKLvAfzY3r42AiNvZ e79MhKbtOs9kDkrB2LULRzz6WzJDKb11fJccf7UaBerwFvOarMr8hSpOysK0ocHk H0wbrGxjb8iBjczVP4OFh36satQ5l4B1W+QVIxZG9ufVAOe3dhv8HngaHqAVyUgF gWjDYTnL/anoMMew+kbn2sjeKH6m2ZA+u9g+mDyMGSECVVYhkpOpcbPjZlmlNAQN C5BHmHltIg90uicrhzEEPFDBR1JF7JrYO42EwnOWMwjhzRkH2cepVw86lDr+pbrH s3hvoWiFFt7cs5ShCpgZDL20ey1e+9wL6b72Qlo7ls7MK3vfZvLPxJLpTi+bnymD CNt82Mjpu3BrhjCIGp+px9E2JU/7wUwqyUbgWFtyqxCdJOZXA4ZXVtDs5pQFzhug G+Z1HxFmhxck17SD0uHhXJKRD8IRttnO5sBESJaLNB4Ws/KspHVPePNskB/1XSfr pFOqikZsoKOICZnpd/eTnUlciqFygqvB0WuFsJNttQN2dBpJViA= =ZMFZ -----END PGP SIGNATURE----- Merge upstream v0.51 2020-11-15 18:30:19 +00:00			`<div class="col-sm-12">`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`<input name="password" type="password" class="form-control" id="loginPassword" placeholder="Password">`
			`</div>`
			`</div>`
Reorganize MFA front-end and add label column 2020-09-27 12:31:23 +00:00			`<div class="form-group" id="loginOtp">`
			`<label for="loginOtpInput" class="col-sm-3 control-label">Code</label>`
v0.51 (November 14, 2020) Software updates: * Upgraded Nextcloud from 17.0.6 to 20.0.1 (with Contacts from 3.3.0 to 3.4.1 and Calendar from 2.0.3 to 2.1.2) * Upgraded Roundcube to version 1.4.9. Mail: * The MTA-STA max_age value was increased to the normal one week. Control Panel: * Two-factor authentication can now be enabled for logins to the control panel. However, keep in mind that many online services (including domain name registrars, cloud server providers, and TLS certificate providers) may allow an attacker to take over your account or issue a fraudulent TLS certificate with only access to your email address, and this new two-factor authentication does not protect access to your inbox. It therefore remains very important that user accounts with administrative email addresses have strong passwords. * TLS certificate expiry dates are now shown in ISO8601 format for clarity. -----BEGIN PGP SIGNATURE----- iQFDBAABCgAtFiEEX0wOcxPM10RpOyrquSBB9MEL3YEFAl+v8k4PHGp0QG9jY2Ft cy5pbmZvAAoJELkgQfTBC92BMYUIAJTD1iKzY1SoDNSp8JMPn2sWusOnJNrnvYEV vsrBM4AzwJv3DIZKSkYCitbTQW2FsTcjF6Jl5PCavEmAGe55AIKAPM/52Uq6jqDE aR8EZvI9ca1i7yR7DOHEI043QSPmp/iCFD48vvmKgN/LZy67TaHaOlGJbc3nfpk0 y7ejMpF/6RP6ik4snnRQoWTFShaOpB9WcEVnUO7CHZdWcpSCZ55c9yi6A6ExGk7e 97R5+JN1MgOdZ6rzWZuMWiz7EZ/Ew4jYLZpOwg8qJm0HNbYJ6+/xxsQBwaQzyBw3 TsTl4GmunNPfoNrmKdJeLy0sBwiVBv/rysjWjim5v8jAYBoKoUQ= =2oRU -----END PGP SIGNATURE----- gpgsig -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEAKK/toPAcMkE+dinLzJ3OKPArjoFAl+xc7sACgkQLzJ3OKPA rjo6Zw//eYyTBlfQfFHIsLYKxJbwh6fDrIG6/Za6898cPhkJ/ugBeJlNEyT/EjpU MvtIgEU9xbG/tjsnQXsgAXJ6s7ZWm1QB5D+wqUIEeAFUn5IkCnXo0wPZJhSTNZhD 4InnWsicYZj/ByuSH179xHyTAx2uYDBbPT4HjUlzIsaopvWOKLvAfzY3r42AiNvZ e79MhKbtOs9kDkrB2LULRzz6WzJDKb11fJccf7UaBerwFvOarMr8hSpOysK0ocHk H0wbrGxjb8iBjczVP4OFh36satQ5l4B1W+QVIxZG9ufVAOe3dhv8HngaHqAVyUgF gWjDYTnL/anoMMew+kbn2sjeKH6m2ZA+u9g+mDyMGSECVVYhkpOpcbPjZlmlNAQN C5BHmHltIg90uicrhzEEPFDBR1JF7JrYO42EwnOWMwjhzRkH2cepVw86lDr+pbrH s3hvoWiFFt7cs5ShCpgZDL20ey1e+9wL6b72Qlo7ls7MK3vfZvLPxJLpTi+bnymD CNt82Mjpu3BrhjCIGp+px9E2JU/7wUwqyUbgWFtyqxCdJOZXA4ZXVtDs5pQFzhug G+Z1HxFmhxck17SD0uHhXJKRD8IRttnO5sBESJaLNB4Ws/KspHVPePNskB/1XSfr pFOqikZsoKOICZnpd/eTnUlciqFygqvB0WuFsJNttQN2dBpJViA= =ZMFZ -----END PGP SIGNATURE----- Merge upstream v0.51 2020-11-15 18:30:19 +00:00			`<div class="col-sm-12">`
Reorganize MFA front-end and add label column 2020-09-27 12:31:23 +00:00			`<input type="text" class="form-control" id="loginOtpInput" placeholder="6-digit code">`
			`<div class="help-block" style="margin-top: 5px; font-size: 90%">Enter the six-digit code generated by your two factor authentication app.</div>`
			`</div>`
			`</div>`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`<div class="form-group">`
admin: there is no need to make each panel a separate bootstrap container * also fixes the footer alignment to be within a container rather than a container-fluid * this changed the width of the login form slightly, so am cleaning that up too see #244 2014-10-21 10:56:52 +00:00			`<div class="col-sm-offset-3 col-sm-9">`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`<div class="checkbox">`
			`<label>`
			`<input name='remember' type="checkbox" id="loginRemember"> Remember me`
			`</label>`
			`</div>`
			`</div>`
			`</div>`
			`<div class="form-group">`
admin: there is no need to make each panel a separate bootstrap container * also fixes the footer alignment to be within a container rather than a container-fluid * this changed the width of the login form slightly, so am cleaning that up too see #244 2014-10-21 10:56:52 +00:00			`<div class="col-sm-offset-3 col-sm-9">`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`<button type="submit" class="btn btn-default">Sign in</button>`
			`</div>`
			`</div>`
			`</form>`
			`</div>`

			`<script>`
			`function do_login() {`
			`if ($('#loginEmail').val() == "") {`
Focus on fields in the login form This just makes life a little easier... Squashed the following commits: * Use $.trim() for better browser support 2015-08-27 20:06:14 +00:00			`show_modal_error("Login Failed", "Enter your email address.", function() {`
Autofocus otp input when logging in, update layout 2020-09-02 18:30:08 +00:00			`$('#loginEmail').focus();`
Focus on fields in the login form This just makes life a little easier... Squashed the following commits: * Use $.trim() for better browser support 2015-08-27 20:06:14 +00:00			`});`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`return false;`
			`}`
Autofocus otp input when logging in, update layout 2020-09-02 18:30:08 +00:00
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`if ($('#loginPassword').val() == "") {`
Focus on fields in the login form This just makes life a little easier... Squashed the following commits: * Use $.trim() for better browser support 2015-08-27 20:06:14 +00:00			`show_modal_error("Login Failed", "Enter your email password.", function() {`
			`$('#loginPassword').focus();`
			`});`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`return false;`
			`}`

			`// Exchange the email address & password for an API key.`
			`api_credentials = [$('#loginEmail').val(), $('#loginPassword').val()]`

			`api(`
			`"/me",`
			`"GET",`
implement two factor check during login 2020-09-02 15:23:32 +00:00			`{},`
			`function(response) {`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`// This API call always succeeds. It returns a JSON object indicating`
			`// whether the request was authenticated or not.`
implement two factor check during login 2020-09-02 15:23:32 +00:00			`if (response.status != 'ok') {`
Reorganize MFA front-end and add label column 2020-09-27 12:31:23 +00:00			`if (response.status === 'missing-totp-token' \|\| (response.status === 'invalid' && response.reason == 'invalid-totp-token')) {`
Autofocus otp input when logging in, update layout 2020-09-02 18:30:08 +00:00			`$('#loginForm').addClass('is-twofactor');`
Reorganize MFA front-end and add label column 2020-09-27 12:31:23 +00:00			`if (response.reason === "invalid-totp-token") {`
			`show_modal_error("Login Failed", "Incorrect two factor authentication token.");`
			`} else {`
			`setTimeout(() => {`
			`$('#loginOtpInput').focus();`
			`});`
			`}`
implement two factor check during login 2020-09-02 15:23:32 +00:00			`} else {`
Autofocus otp input when logging in, update layout 2020-09-02 18:30:08 +00:00			`$('#loginForm').removeClass('is-twofactor');`
Reorganize MFA front-end and add label column 2020-09-27 12:31:23 +00:00
implement two factor check during login 2020-09-02 15:23:32 +00:00			`// Show why the login failed.`
			`show_modal_error("Login Failed", response.reason)`

			`// Reset any saved credentials.`
			`do_logout();`
			`}`
split management daemon authorization from authentication and use 'doveadm pw' rather than 'doveadm auth test' so that it is decoupled from dovecot's login mechanism This was done to pave the way for two-factor authentication, but that's still a ways off. 2014-11-30 15:43:07 +00:00			`} else if (!("api_key" in response)) {`
			`// Login succeeded but user might not be authorized!`
			`show_modal_error("Login Failed", "You are not an administrator on this system.")`

			`// Reset any saved credentials.`
			`do_logout();`

web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`} else {`
			`// Login succeeded.`

			`// Save the new credentials.`
/admin login now issues a user-specific key for future calls (rather than providing the system-wide API key or passing the password on each request) 2014-12-01 19:20:46 +00:00			`api_credentials = [response.email, response.api_key];`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00
			`// Try to wipe the username/password information.`
			`$('#loginEmail').val('');`
			`$('#loginPassword').val('');`
implement two factor check during login 2020-09-02 15:23:32 +00:00			`$('#loginOtpInput').val('');`
Autofocus otp input when logging in, update layout 2020-09-02 18:30:08 +00:00			`$('#loginForm').removeClass('is-twofactor');`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00
			`// Remember the credentials.`
			`if (typeof localStorage != 'undefined' && typeof sessionStorage != 'undefined') {`
			`if ($('#loginRemember').val()) {`
			`localStorage.setItem("miab-cp-credentials", api_credentials.join(":"));`
			`sessionStorage.removeItem("miab-cp-credentials");`
			`} else {`
			`localStorage.removeItem("miab-cp-credentials");`
			`sessionStorage.setItem("miab-cp-credentials", api_credentials.join(":"));`
			`}`
			`}`

delay an ajax call to see if this fixes the problem of the loading indicator not going away after showing the user a panel after login 2014-10-11 16:41:42 +00:00			`// Open the next panel the user wants to go to. Do this after the XHR response`
			`// is over so that we don't start a new XHR request while this one is finishing,`
			`// which confuses the loading indicator.`
When previous panel was login, move to system_status 2016-02-20 17:42:28 +00:00			`setTimeout(function() { show_panel(!switch_back_to_panel \|\| switch_back_to_panel == "login" ? 'system_status' : switch_back_to_panel) }, 300);`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`}`
implement two factor check during login 2020-09-02 15:23:32 +00:00			`},`
			`undefined,`
			`{`
			`'x-auth-token': $('#loginOtpInput').val()`
			`});`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`}`

Focus on fields in the login form This just makes life a little easier... Squashed the following commits: * Use $.trim() for better browser support 2015-08-27 20:06:14 +00:00			`function show_login() {`
Autofocus otp input when logging in, update layout 2020-09-02 18:30:08 +00:00			`$('#loginForm').removeClass('is-twofactor');`
implement two factor check during login 2020-09-02 15:23:32 +00:00			`$('#loginOtpInput').val('');`
Focus on fields in the login form This just makes life a little easier... Squashed the following commits: * Use $.trim() for better browser support 2015-08-27 20:06:14 +00:00			`$('#loginEmail,#loginPassword').each(function() {`
			`var input = $(this);`
			`if (!$.trim(input.val())) {`
			`input.focus();`
			`return false;`
			`}`
			`});`
			`}`
web-based administrative UI closes #19 2014-08-17 22:43:57 +00:00			`</script>`