X-Git-Url: http://git.pjr.cc/?a=blobdiff_plain;f=authserver%2Fwww%2Fadmin.php;h=7f2c8a39f3efe3a38a5242b674efc8e41d9e1cd2;hb=c3c37cd9f486175adf0351de80c19efd02892ca6;hp=b35a2270771e46b07f6aa79856423daf78654d73;hpb=d4590a3f34021216c9da29786922fddaf804d113;p=ga4php.git

diff --git a/authserver/www/admin.php b/authserver/www/admin.php
index b35a227..7f2c8a3 100644
--- a/authserver/www/admin.php
+++ b/authserver/www/admin.php
@@ -35,7 +35,10 @@ On this page, you create users and manage their tokens and passwords. A few note
 <li> Passwords are *ONLY* for this page, if you assign a password to a user they can login here
 and edit anyone, including you
 <li> OTK/One-Time-Keys are the QRcode for provisioning a GA token, it can only be viewed once
-and once viewed is deleted. If you need a new one, you need to delete the user and re-create.
+and once viewed is deleted. If you need a new one, you need to re-create a key.
+<li> TOTP tokens are time based tokens that change every 30 seconds, HOTP tokens are event tokens
+that change everytime they are used or generated
+<li> In the OTK, the "Get (User URL)" link is a link you can send to a user to retrieve their key
 	<?php 
 } 
 
@@ -53,9 +56,25 @@ if(isset($_REQUEST["edituser"])) {
 </table>
 <input type="submit" value="Update">
 </form>
+<?php
+if($myAC->getUserTokenType($username)=="HOTP") {
+?> 
+<form method="post" action="?action=synctoken&username=<?php echo $username?>">
+<h3>Resync Tokens</h3>
+<table>
+<tr><td>Token One</td><td><input type="text" name="tokenone"></td></tr>
+<tr><td>Token Two</td><td><input type="text" name="tokentwo"></td></tr>
+</table>
+<input type="submit" value="Sync">
+</form>
+<?php
+}
+?> 
+
 <form method="post" action="?action=customtoken&username=<?php echo $username ?>">
-<h3>Custom Tokens - doesnt work yet</h3><br>
-For assiging in a user-created or hardware tokens<br>
+<h3>Custom Tokens</h3><br>
+For assiging in a user-created or hardware tokens.<br>
+If you assign a token this way, any previous token is removed and forever gone.<br>
 Token Key (hex) <input type="text" name="tokenkey"><br>
 Token Type 
 <select name="tokentype">
@@ -81,12 +100,16 @@ foreach($users as $user) {
 	if($user["haspass"]) $haspass = "Yes <a href=\"?action=deletepass&username=$username\">Delete Password</a>";
 	else $haspass = "No";
 	
-	if($user["hastoken"]) $hastoken = "Yes <a href=\"?action=recreatehotptoken&username=$username\">Re-Create (hotp)</a> <a href=\"?action=recreatetotptoken&username=$username\">Re-Create (totp)</a> <a href=\"?action=deletetoken&username=$username\">Delete</a>";
-	else $hastoken = "No <a href=\"?action=recreatehotptoken&username=$username\">Create (hotp)</a> <a href=\"?action=recreatetotptoken&username=$username\">Create (totp)</a>";
-	
-	if($user["otk"]!="") $otk = "<a href=\"?action=getotk&username=$username&otk=".$user["otk"]."\">Get</a>";
+	if($user["otk"]=="deleted") $otk = "OTK Was Not Picked Up";
+	else if($user["otk"]!="") $otk = "<a href=\"?action=getotk&username=$username&otk=".$user["otk"]."\">Get (admin)</a> <a href=\"index.php?gettoken&username=$username&otkid=".$user["otk"]."\">Get (User URL)</a>";
 	else $otk = "Already Claimed";
 	
+	if($user["hastoken"]) $hastoken = "Yes <a href=\"?action=recreatehotptoken&username=$username\">Re-Create (HOTP)</a> <a href=\"?action=recreatetotptoken&username=$username\">Re-Create (TOTP)</a> <a href=\"?action=deletetoken&username=$username\">Delete</a>";
+	else {
+		$hastoken = "No <a href=\"?action=recreatehotptoken&username=$username\">Create (HOTP)</a> <a href=\"?action=recreatetotptoken&username=$username\">Create (TOTP)</a>";
+		if($user["otk"]!="deleted")$otk = "No Token Exists";
+	}
+	
 	$delete = "<a href=\"?action=delete&username=$username\">Delete</a>";
 	
 	echo "<tr>";
@@ -95,7 +118,7 @@ foreach($users as $user) {
 }
 ?>
 </table><br>
-<form method="post" action="?action=createuser">Create User(s) - Enter a comma seperated list of names: <input type="text" name="username" size="120"> <input type="submit" value="Create"></form>
+<form method="post" action="?action=createuser">Create User(s) - Enter a comma seperated list of usernames: <input type="text" name="username" size="120"> <input type="submit" value="Create"></form>
 
 <?php