diff options
Diffstat (limited to 'classes')
-rw-r--r-- | classes/pref/prefs.php | 10 | ||||
-rw-r--r-- | classes/userhelper.php | 2 |
2 files changed, 8 insertions, 4 deletions
diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 512e31453..1eaa99345 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -469,8 +469,8 @@ class Pref_Prefs extends Handler_Protected { <?= \Controls\hidden_tag("method", "otpenable") ?> <fieldset> - <label><?= __("OTP Key:") ?></label> - <input dojoType='dijit.form.ValidationTextBox' disabled='disabled' value="<?= $otp_secret ?>" style='width : 215px'> + <label><?= __("OTP secret:") ?></label> + <code><?= $this->format_otp_secret($otp_secret) ?></code> </fieldset> <!-- TODO: return JSON from the backend call --> @@ -496,7 +496,7 @@ class Pref_Prefs extends Handler_Protected { </fieldset> <fieldset> - <label><?= __("One time password:") ?></label> + <label><?= __("Verification code:") ?></label> <input dojoType='dijit.form.ValidationTextBox' autocomplete='off' required='1' name='otp'> </fieldset> @@ -1518,4 +1518,8 @@ class Pref_Prefs extends Handler_Protected { } return ""; } + + private function format_otp_secret($secret) { + return implode(" ", str_split($secret, 4)); + } } diff --git a/classes/userhelper.php b/classes/userhelper.php index ce26e6c71..0bf67243e 100644 --- a/classes/userhelper.php +++ b/classes/userhelper.php @@ -299,7 +299,7 @@ class UserHelper { if ($user->otp_enabled) { $user->otp_secret = $salt_based_secret; } else { - $user->otp_secret = bin2hex(get_random_bytes(6)); + $user->otp_secret = bin2hex(get_random_bytes(10)); } $user->save(); |