diff options
| author |  tobi <31960611+tsmethurst@users.noreply.github.com> | 2025-04-07 16:14:41 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2025-04-07 16:14:41 +0200 |
| commit | 365b5753419238bb96bc3f9b744d380ff20cbafc (patch) | |
| tree | 6b8e8b605c4cddeb6e3bc0f574ffbc856657e56c /web/template | |
| parent | [bugfix] Don't assume `"manuallyApprovesFollowers": true` if not set (#3978) (diff) | |
| download | gotosocial-365b5753419238bb96bc3f9b744d380ff20cbafc.tar.xz | |
[feature] add TOTP two-factor authentication (2FA) (#3960)
* [feature] add TOTP two-factor authentication (2FA)
* use byteutil.S2B to avoid allocations when comparing + generating password hashes
* don't bother with string conversion for consts
* use io.ReadFull
* use MustGenerateSecret for backup codes
* rename util functions
Diffstat (limited to 'web/template')
| -rw-r--r-- | web/template/2fa.tmpl | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/web/template/2fa.tmpl b/web/template/2fa.tmpl new file mode 100644 index 000000000..d5442c773 --- /dev/null +++ b/web/template/2fa.tmpl @@ -0,0 +1,46 @@ +{{- /* +// GoToSocial +// Copyright (C) GoToSocial Authors admin@gotosocial.org +// SPDX-License-Identifier: AGPL-3.0-or-later +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ -}} + +{{- with . }} +<main> + <section class="with-form" aria-labelledby="two-factor"> + <h2 id="two-factor">2FA Code Required</h2> + <form action="/auth/2fa" method="POST"> + <p>Hi <b>{{- .user -}}</b>!</p> + <p> + You have enabled two-factor authentication for your account. + To continue signing in, please enter a code from your authenticator app. + </p> + <p> + If you have lost access to your authenticator app, you can enter one of your backup/recovery + codes into the form instead to bypass 2FA. Once you have used a code, it cannot be used again. + </p> + <div class="labelinput"> + <label for="code">Code</label> + <input + name="code" + required + placeholder="Please enter a code from your authenticator app, or a one-time backup/recovery code" + > + </div> + <button type="submit" class="btn btn-success">Submit</button> + </form> + </section> +</main> +{{- end }}
\ No newline at end of file |