<%
include("language.html")
local mainpage = "main.html"
local loginpage = "admin_login.html"
if _SESSION["admin"] ~= nil then
local secretcode = _POST["secretcode"] or nil
local digitalcode = _POST["digitalcode"] or nil
if _SESSION["logined"] ~= nil then
print("")
else
if secretcode ~= nil and digitalcode~= nil then
local enableTwoFactor, twoFactorCode = c_GetAdminSecretCode(_SESSION["admin"])
if secretcode == "" then
if enableTwoFactor ~= nil and enableTwoFactor == true then
if twoFactorCode ~= nil and twoFactorCode ~= "" and c_TotpCode(twoFactorCode) == digitalcode and _SESSION["logintime"] ~= nil and (os.time() - tonumber(_SESSION["logintime"])) >= 2 then
rawset(_SESSION,"logined","true")
SessionModule.save(_SESSION_ID)
c_AddAdminLog("administrator '".._SESSION["admin"].."' logged in ok! (IP:".._REMOTE_IP..")",ADMIN_LOG_OK)
print("")
else
print("")
end
else
print("")
end
else
if enableTwoFactor ~= nil and enableTwoFactor == true and twoFactorCode ~= nil and twoFactorCode == "" then
local totp_randomkey = _SESSION["totp_randomkey"] or secretcode
if c_TotpCode(totp_randomkey) == digitalcode and _SESSION["logintime"] ~= nil and string.len(totp_randomkey) == 16 and (os.time() - tonumber(_SESSION["logintime"])) >= 2 then
c_ChangeAdminSecretCode(_SESSION["admin"], totp_randomkey)
rawset(_SESSION,"logined","true")
rawset(_SESSION,"totp_randomkey","")
SessionModule.save(_SESSION_ID)
c_AddAdminLog("administrator '".._SESSION["admin"].."' logged in ok! (IP:".._REMOTE_IP..")",ADMIN_LOG_OK)
c_AddAdminLog("administrator '".._SESSION["admin"].."' updated the TOTP secret code.",ADMIN_LOG_OK)
print("")
else
print("")
end
end
end
end
end
else
print("")
end
%>