mirror of
				https://github.com/mail-in-a-box/mailinabox.git
				synced 2025-10-24 17:50:54 +00:00 
			
		
		
		
	thanks @downtownallday * this invalidates all user_keys after TOTP status is changed for user * after changing TOTP state, a login is required * due to the forced login, we can't and don't need to store the code used for setup in `mru_code`
		
			
				
	
	
		
			181 lines
		
	
	
		
			5.4 KiB
		
	
	
	
		
			HTML
		
	
	
	
	
	
			
		
		
	
	
			181 lines
		
	
	
		
			5.4 KiB
		
	
	
	
		
			HTML
		
	
	
	
	
	
| <style>
 | |
|   .title {
 | |
|     margin: 1em;
 | |
|     text-align: center;
 | |
|   }
 | |
| 
 | |
|   .subtitle {
 | |
|     margin: 2em;
 | |
|     text-align: center;
 | |
|   }
 | |
| 
 | |
|   .login {
 | |
|     margin: 0 auto;
 | |
|     max-width: 32em;
 | |
|   }
 | |
| 
 | |
|   .login #loginOtp {
 | |
|     display: none;
 | |
|   }
 | |
| 
 | |
|   #loginForm.is-twofactor #loginOtp {
 | |
|     display: block
 | |
|   }
 | |
| </style>
 | |
| 
 | |
| <h1 class="title">{{hostname}}</h1>
 | |
| 
 | |
| {% if no_users_exist or no_admins_exist %}
 | |
| <div class="row">
 | |
| <div class="col-md-offset-2 col-md-8">
 | |
|   {% if no_users_exist %}
 | |
|   <p class="text-danger">There are no users on this system! To make an administrative user,
 | |
|   log into this machine using SSH (like when you first set it up) and run:</p>
 | |
|   <pre>cd mailinabox
 | |
| sudo tools/mail.py user add me@{{hostname}}
 | |
| sudo tools/mail.py user make-admin me@{{hostname}}</pre>
 | |
|   {% else %}
 | |
|   <p class="text-danger">There are no administrative users on this system! To make an administrative user,
 | |
|   log into this machine using SSH (like when you first set it up) and run:</p>
 | |
|   <pre>cd mailinabox
 | |
| sudo tools/mail.py user make-admin me@{{hostname}}</pre>
 | |
|   {% endif %}
 | |
|   <hr>
 | |
| </div>
 | |
| </div>
 | |
| {% endif %}
 | |
| 
 | |
| <p class="subtitle">Log in here for your Mail-in-a-Box control panel.</p>
 | |
| 
 | |
| <div class="login">
 | |
|   <form id="loginForm" class="form-horizontal" role="form" onsubmit="do_login(); return false;" method="get">
 | |
|     <div class="form-group">
 | |
|       <label for="inputEmail3" class="col-sm-3 control-label">Email</label>
 | |
|       <div class="col-sm-9">
 | |
|         <input name="email" type="email" class="form-control" id="loginEmail" placeholder="Email">
 | |
|       </div>
 | |
|     </div>
 | |
|     <div class="form-group">
 | |
|       <label for="inputPassword3" class="col-sm-3 control-label">Password</label>
 | |
|       <div class="col-sm-9">
 | |
|         <input name="password" type="password" class="form-control" id="loginPassword" placeholder="Password">
 | |
|       </div>
 | |
|     </div>
 | |
|     <div class="form-group">
 | |
|       <div class="col-sm-offset-3 col-sm-9">
 | |
|         <div class="checkbox">
 | |
|           <label>
 | |
|             <input name='remember' type="checkbox" id="loginRemember"> Remember me
 | |
|           </label>
 | |
|         </div>
 | |
|       </div>
 | |
|     </div>
 | |
|     <div class="form-group" id="loginOtp">
 | |
|         <div class="col-sm-offset-3 col-sm-9">
 | |
|           <label for="loginOtpInput" class="control-label">Two-Factor Code</label>
 | |
|           <input type="text" class="form-control" id="loginOtpInput" placeholder="6-digit code">
 | |
|         </div>
 | |
|     </div>
 | |
|     <div class="form-group">
 | |
|       <div class="col-sm-offset-3 col-sm-9">
 | |
|         <button type="submit" class="btn btn-default">Sign in</button>
 | |
|       </div>
 | |
|     </div>
 | |
|   </form>
 | |
| </div>
 | |
| 
 | |
| <script>
 | |
| function do_login() {
 | |
|   if ($('#loginEmail').val() == "") {
 | |
|     show_modal_error("Login Failed", "Enter your email address.", function() {
 | |
|       $('#loginEmail').focus();
 | |
|     });
 | |
|     return false;
 | |
|   }
 | |
| 
 | |
|   if ($('#loginPassword').val() == "") {
 | |
|     show_modal_error("Login Failed", "Enter your email password.", function() {
 | |
|         $('#loginPassword').focus();
 | |
|     });
 | |
|     return false;
 | |
|   }
 | |
| 
 | |
|   // Exchange the email address & password for an API key.
 | |
|   api_credentials = [$('#loginEmail').val(), $('#loginPassword').val()]
 | |
| 
 | |
|   api(
 | |
|   "/me",
 | |
|   "GET",
 | |
|   {},
 | |
|   function(response) {
 | |
|     // This API call always succeeds. It returns a JSON object indicating
 | |
|     // whether the request was authenticated or not.
 | |
|     if (response.status != 'ok') {
 | |
|       if (response.status === 'missing_token' && !$('#loginForm').hasClass('is-twofactor')) {
 | |
|         $('#loginForm').addClass('is-twofactor');
 | |
|         setTimeout(() => {
 | |
|             $('#loginOtpInput').focus();
 | |
|         });
 | |
|       } else {
 | |
|         $('#loginForm').removeClass('is-twofactor');
 | |
|         // Show why the login failed.
 | |
|         show_modal_error("Login Failed", response.reason)
 | |
| 
 | |
|         // Reset any saved credentials.
 | |
|         do_logout();
 | |
|       }
 | |
|     } else if (!("api_key" in response)) {
 | |
|       // Login succeeded but user might not be authorized!
 | |
|       show_modal_error("Login Failed", "You are not an administrator on this system.")
 | |
| 
 | |
|       // Reset any saved credentials.
 | |
|       do_logout();
 | |
| 
 | |
|     } else {
 | |
|       // Login succeeded.
 | |
| 
 | |
|       // Save the new credentials.
 | |
|       api_credentials = [response.email, response.api_key];
 | |
| 
 | |
|       // Try to wipe the username/password information.
 | |
|       $('#loginEmail').val('');
 | |
|       $('#loginPassword').val('');
 | |
|       $('#loginOtpInput').val('');
 | |
|       $('#loginForm').removeClass('is-twofactor');
 | |
| 
 | |
|       // Remember the credentials.
 | |
|       if (typeof localStorage != 'undefined' && typeof sessionStorage != 'undefined') {
 | |
|         if ($('#loginRemember').val()) {
 | |
|           localStorage.setItem("miab-cp-credentials", api_credentials.join(":"));
 | |
|           sessionStorage.removeItem("miab-cp-credentials");
 | |
|         } else {
 | |
|           localStorage.removeItem("miab-cp-credentials");
 | |
|           sessionStorage.setItem("miab-cp-credentials", api_credentials.join(":"));
 | |
|         }
 | |
|       }
 | |
| 
 | |
|       // Open the next panel the user wants to go to. Do this after the XHR response
 | |
|       // is over so that we don't start a new XHR request while this one is finishing,
 | |
|       // which confuses the loading indicator.
 | |
|       setTimeout(function() { show_panel(!switch_back_to_panel || switch_back_to_panel == "login" ? 'system_status' : switch_back_to_panel) }, 300);
 | |
|     }
 | |
|   },
 | |
|   undefined,
 | |
|   {
 | |
|     'x-auth-token': $('#loginOtpInput').val()
 | |
|   });
 | |
| }
 | |
| 
 | |
| function show_login() {
 | |
|   $('#loginForm').removeClass('is-twofactor');
 | |
|   $('#loginOtpInput').val('');
 | |
|   $('#loginEmail,#loginPassword').each(function() {
 | |
|     var input = $(this);
 | |
|     if (!$.trim(input.val())) {
 | |
|       input.focus();
 | |
|       return false;
 | |
|     }
 | |
|   });
 | |
| }
 | |
| </script>
 |