4 * Multi-Factor Authentication Management
7 * @link http://www.open-emr.org
8 * @author Rod Roark <rod@sunsetsystems.com>
9 * @author Brady Miller <brady.g.miller@gmail.com>
10 * @copyright Copyright (c) 2018 Rod Roark <rod@sunsetsystems.com>
11 * @copyright Copyright (c) 2018-2019 Brady Miller <brady.g.miller@gmail.com>
 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
15 require_once("../globals.php");
16 require_once("$srcdir/options.inc.php");
18 use OpenEMR\Common\Csrf\CsrfUtils
;
19 use OpenEMR\Core\Header
;
20 use OpenEMR\OeUI\OemrUI
;
/**
 * Emit one table row for a registered MFA method.
 *
 * Everything that reaches the markup passes through the project's output
 * helpers: text()/xlt() for cell text and attr_js() for the values embedded
 * in the onclick handlers, so a method or key name read from the database
 * is not written raw into the HTML or the script context.
 *
 * @param string $method    MFA method identifier (the "TOTP" value is compared against elsewhere in this file)
 * @param string $name      Key name of the registration ('' is passed for the "No method enabled" row)
 * @param bool   $allowEdit Presumably controls the View button / edit marker; its use is not
 *                          visible in this listing because several original lines are elided - TODO confirm
 */
function writeRow($method, $name, $allowEdit = false)
    // NOTE(review): original lines 23, 25, 27-29, 31, 33, 35-36 and 39-40 are missing from this
    // listing; the statements below are the visible fragments in their original order.
    echo " <tr><td> ";
    echo '<i class="fa fa-exclamation-circle oe-text-orange" aria-hidden="true"></i>' . ' ' . text($method);
    echo " </td><td> ";
    echo " </td><td>";
    // attr_js() is the project helper for placing a value inside an inline JS call; presumably it
    // produces a quoted, attribute-escaped JS literal - confirm before relying on it elsewhere.
    echo "<button type='button' class='btn btn-secondary btn-search' onclick='editclick(" . attr_js($method) . ")'>" . xlt('View') . "</button>  ";
    // Delete passes both method and name so the server-side DELETE can match a single registration.
    echo "<button type='button' class='btn btn-secondary btn-delete' onclick='delclick(" . attr_js($method) . ", " .
        attr_js($name) . ")'>" . xlt('Delete') . "</button>";
// Identity of the logged-in user taken from the session, never from the request; every MFA query
// on this page is scoped to this id, so a user can only list or delete their own registrations.
$userid = $_SESSION['authUserID'];
$user_name = getUserIDInfo($userid);
$user_full_name = $user_name['fname'] . " " . $user_name['lname'];

// Delete request: submitted by delclick(), which fills the hidden form_delete_method /
// form_delete_name fields before posting the form.
if (!empty($_POST['form_delete_method'])) {
    // State-changing POST: the CSRF token must match before anything is removed.
    // NOTE(review): csrf_token_form is read without an isset() guard; a missing field presumably
    // fails verification (with a notice) - confirm. csrfNotVerified() is presumably terminal
    // (ends the request); if it is not, the DELETE below would still run - confirm.
    if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
        CsrfUtils::csrfNotVerified();
    // NOTE(review): the closing brace of the CSRF branch (original line 50) is elided in this listing.
    // Delete the indicated MFA instance.
    // Parameterised query (no string interpolation of POST values); the user_id predicate ties the
    // delete to the session user so the posted method/name cannot reach another user's row.
    // NOTE(review): no re-authentication step is visible before a factor is removed; removing MFA
    // from an account is a sensitive action - confirm whether the surrounding flow provides one.
    // NOTE(review): the sqlStatement( call line (original line 52) and its closing (line 55) are elided.
        "DELETE FROM login_mfa_registrations WHERE user_id = ? AND method = ? AND name = ?",
        array($userid, $_POST['form_delete_method'], $_POST['form_delete_name'])
    // Shown later in the page through text(), so it is HTML-escaped on output.
    $message = xl('Delete successful.');
<?php Header::setupHeader(); ?>
<!-- Page title goes through xlt(), the translate-and-escape output helper used throughout this file. -->
<title><?php echo xlt('Manage Multi Factor Authentication'); ?></title>
// Delete button handler: copy the clicked row's method and key name into the hidden form fields
// that the server reads as form_delete_method / form_delete_name.
// Both arguments arrive as literals emitted by attr_js() in writeRow(), not from user input
// on the client side.
function delclick(mfamethod, mfaname) {
    // forms[0] is the single POST form on this page (it carries the CSRF token).
    var f = document.forms[0];
    f.form_delete_method.value = mfamethod;
    f.form_delete_name.value = mfaname;
    // NOTE(review): the remainder of this function (original lines 71-74, presumably the form
    // submit and closing brace) is elided from this listing.
// View button handler: only TOTP has a management page at this point; anything else gets
// a "not implemented" alert.
// The "==" compares a string literal from attr_js() against 'TOTP', so it behaves like "===" here.
function editclick(method) {
    // NOTE(review): original line 76 (between the signature and this test) is elided.
    if (method == 'TOTP') {
        window.location.href = 'mfa_totp.php?action=reg1';
    // NOTE(review): original lines 79-80 are elided; the alert below appears to be the else
    // branch - confirm.
        // xlj() presumably emits a JSON-encoded (quoted) string, which is what makes it safe to
        // drop into a JS expression - confirm.
        alert(<?php echo xlj('Not yet implemented.'); ?>);
    // NOTE(review): closing lines (original 82-84) are elided.
// onchange handler for the "Add New..." select: go to the registration page for the chosen
// method (or alert that it is not implemented), then put the select back on its placeholder.
// sel.value is one of the <option> values rendered server-side, so the "==" checks below
// compare string literals and behave like "===".
function addclick(sel) {
    // NOTE(review): original lines 86-87 (between the signature and this test) are elided.
    if (sel.value == 'U2F') {
        window.location.href = 'mfa_u2f.php?action=reg1';
    } else if (sel.value == 'TOTP') {
        window.location.href = 'mfa_totp.php?action=reg1';
    // NOTE(review): original lines 92-93 are elided; the alert below appears to be the final
    // else branch - confirm.
        // xlj() presumably emits a JSON-encoded (quoted) string, making it a valid JS literal - confirm.
        alert(<?php echo xlj('Not yet implemented.'); ?>);
    // NOTE(review): original lines 95-96 are elided.
    // Reset to the "Add New..." placeholder so the same choice can be made again.
    sel.selectedIndex = 0;
    // NOTE(review): closing lines (original 98-100) are elided.
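// Page-level UI settings consumed by OemrUI: heading, optional action button and the help
// link. Short array syntax and single-quoted strings (no interpolation needed); values are
// unchanged from the original long-form array.
$arrOeUiSettings = [
    'heading_title' => xl('Manage Multi Factor Authentication'),
    'include_patient_name' => false,
    'expandable' => false,
    'expandable_files' => [], // all file names need suffix _xpd
    'action' => '', // conceal, reveal, search, reset, link or back
    'action_title' => '',
    'action_href' => '', // only for actions - reset, link or back
    'show_help_icon' => true,
    'help_file_name' => 'mfa_help.php',
];
$oemr_ui = new OemrUI($arrOeUiSettings);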
<body class="body_top">
<!-- Container and heading markup come from the OemrUI helper built above (project-controlled output). -->
<div id="container_div" class="<?php echo $oemr_ui->oeContainer();?>">
<div class="col-sm-12">
<?php echo $oemr_ui->pageHeading() . "\r\n"; ?>
<div class="col-sm-12">
<!-- Status message from the POST handler (e.g. after a delete); text() HTML-escapes it on output.
     NOTE(review): the original lines around this div are elided here, so the guard that presumably
     skips this block while $message is unset is not visible - confirm, otherwise an unset $message
     would raise an undefined-variable notice. The alert-danger styling is used for a success
     message; presumably intentional. -->
<div id="display_msg" class="alert alert-danger" style="font-size:100%; font-weight:700"><?php echo text($message); ?></div>
<div class="col-sm-12">
<!-- onsubmit refreshes the session via top.restoreSession() before the POST is sent. -->
<form method='post' action='mfa_registrations.php' onsubmit='return top.restoreSession()'>
<!-- Anti-CSRF token for the delete form; verified by CsrfUtils::verifyCsrfToken() in the POST
     handler before any row is removed. attr() escapes it for the attribute context. -->
<input type="hidden" name="csrf_token_form" value="<?php echo attr(CsrfUtils::collectCsrfToken()); ?>" />
<!-- The user's own name is escaped with text(); fixed labels go through xlt(). -->
<legend><?php echo xlt('Current Authentication Method for') . " " . text($user_full_name); ?></legend>
<table class='table'>
<!-- NOTE(review): the non-breaking-space entities in these header cells appear mangled in this
     listing (rendered as a space followed by a bare ";"); check the original markup. -->
<th align='left'> ;<?php echo xlt('Method'); ?> ;</th>
<th align='left'> ;<?php echo xlt('Key Name'); ?> ;</th>
<th align='left'> ;<?php echo xlt('Action'); ?> ;</th>
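// List this user's registered MFA methods, one table row each. The query is bound to the
// session user's id (parameterised, no interpolation), so other users' registrations are
// never selected.
$res = sqlStatement(
    "SELECT name, method FROM login_mfa_registrations WHERE user_id = ? ORDER BY method, name",
    [$userid]
);
// Only one TOTP key is allowed per user: remember whether one exists so the "TOTP Key" option
// further down can be disabled. That attribute is a UI convenience only; the registration
// endpoint has to enforce the limit itself (not visible in this file).
$disableNewTotp = false;
if (sqlNumRows($res)) {
    while ($row = sqlFetchArray($res)) {
        // Strict comparison: method is a string column, so no loose-equality surprises.
        if ($row['method'] === "TOTP") {
            $disableNewTotp = true;
            // TOTP rows get the edit marker and View button.
            writeRow($row['method'], $row['name'], true);
        } else {
            writeRow($row['method'], $row['name']);
        }
    }
} else {
    // Placeholder row when nothing is registered; an empty name suppresses the delete button's target.
    writeRow(xl("No method enabled"), '');
}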
<legend><?php echo xlt('Select/Add New Authentication Method for') . " " . text($user_full_name); ?></legend>
<div class='col-sm-4 offset-sm-4'>
<!-- NOTE(review): there is no space between the onchange attribute and class= below; browsers
     tolerate it but the markup is malformed. -->
<select name='form_add' onchange='addclick(this)'class='col-sm-12'>
<option value=''><?php echo xlt('Add New...'); ?></option>
<option value='U2F'><?php echo xlt('U2F USB Device'); ?></option>
<!-- NOTE(review): the opening tag of the TOTP option (original line 173) is elided in this listing;
     the title/disabled fragments below belong to it. The disabled attribute only hides the option
     client-side; the single-TOTP-key rule must be enforced by the registration endpoint. xla()
     escapes the title for the attribute context. -->
<?php echo ($disableNewTotp) ? 'title="' . xla('Only one TOTP Key can be set up per user') . '"' : ''; ?>
<?php echo ($disableNewTotp) ? 'disabled' : ''; ?>>
<?php echo xlt('TOTP Key'); ?>
<!-- Targets for delclick(); read server-side as $_POST['form_delete_method'] / ['form_delete_name']
     and only acted on after the CSRF token above has been verified. -->
<input type='hidden' name='form_delete_method' value='' />
<input type='hidden' name='form_delete_name' value='' />
</div><!--end of container div-->
<?php $oemr_ui->oeBelowContainerDiv();?>