<% local data = {} if _SESSION["admin"] ~= nil then local secretcode = _POST["secretcode"] or nil local digitalcode = _POST["digitalcode"] or nil c_Output(secretcode) c_Output(digitalcode) if _SESSION["logined"] ~= nil then rawset(data,"code","0") print(json.encode(data)) else if secretcode ~= nil and digitalcode~= nil then local enableTwoFactor, twoFactorCode = c_GetAdminSecretCode(_SESSION["admin"]) if secretcode == "" then if enableTwoFactor ~= nil and enableTwoFactor == true then if twoFactorCode ~= nil and twoFactorCode ~= "" and c_TotpCode(twoFactorCode) == digitalcode and _SESSION["logintime"] ~= nil and (os.time() - tonumber(_SESSION["logintime"])) >= 2 then rawset(_SESSION,"logined","true") SessionModule.save(_SESSION_ID) c_AddAdminLog("administrator '".._SESSION["admin"].."' logged in ok! (IP:".._REMOTE_IP..")",ADMIN_LOG_OK) rawset(data,"code","0") print(json.encode(data)) else rawset(data,"code","-1") print(json.encode(data)) end else rawset(data,"code","0") print(json.encode(data)) end else if enableTwoFactor ~= nil and enableTwoFactor == true and twoFactorCode ~= nil and twoFactorCode == "" then local totp_randomkey = _SESSION["totp_randomkey"] or secretcode if c_TotpCode(totp_randomkey) == digitalcode and _SESSION["logintime"] ~= nil and string.len(totp_randomkey) == 16 and (os.time() - tonumber(_SESSION["logintime"])) >= 2 then c_ChangeAdminSecretCode(_SESSION["admin"], totp_randomkey) rawset(_SESSION,"logined","true") rawset(_SESSION,"totp_randomkey","") SessionModule.save(_SESSION_ID) c_AddAdminLog("administrator '".._SESSION["admin"].."' logged in ok! (IP:".._REMOTE_IP..")",ADMIN_LOG_OK) c_AddAdminLog("administrator '".._SESSION["admin"].."' updated the TOTP secret code.",ADMIN_LOG_OK) rawset(data,"code","0") print(json.encode(data)) else rawset(data,"code","-2") print(json.encode(data)) end end end end end else rawset(data,"code","-3") print(json.encode(data)) end %>