2022-05-04 23:09:46 +00:00
{% extends "settings.html" %}
2022-11-21 08:52:22 +00:00
{% block pagetitle %}Security Settings{% endblock %}
2022-05-04 23:09:46 +00:00
{% block content %}
2023-10-29 12:51:00 +00:00
< script defer src = "{{'js/settings_security.js' | asset}}" > < / script >
< div class = "row settings-page" id = "settings-page-security" >
< div class = "col col-lg-8" >
< div class = "settings" >
< section id = "site-settings-email-section" class = "settings-section-section" >
< h5 > Email< / h5 >
< div class = "settings-section rounded" >
< form action = "/settings/security" method = "post" >
< input hidden name = "formkey" value = "{{v|formkey}}" >
< input hidden name = "now" value = "{{now}}" >
< div class = "body" >
< div class = "d-lg-flex" >
< label for = "new-email" class = "w-lg-25" > Email< / label >
< div class = "w-lg-100" >
< input autocomplete = "off" class = "form-control" id = "new_email" { % if v . email % } placeholder = "{{v.email}}" { % else % } placeholder = "Your email" { % endif % } type = "email" name = "new_email" required >
{% if v.email and not v.email_verified %}
< div class = "text-danger mt-1" id = "email-verify-text" > Email not verified. You will not be able to recover your account with this email until you verify it. < u > < button type = "button" data-nonce = "{{g.nonce}}" data-onclick = "postToastSwitch(this,'/verify_email');emailVerifyText()" class = "text-primary font-weight-bold ml-1" > Verify now.< / button > < / u > < / div >
{% elif not v.email %}
< div class = "text-danger mt-1" id = "email-verify-text" > Add an email to secure your account in case you forget your password.< / div >
{% endif %}
< / div >
< / div >
< div class = "d-lg-flex mt-3" >
< label for = "email-password" class = "w-lg-25 d-none" id = "email-password-label" > Password< / label >
< div class = "w-lg-100" >
< input autocomplete = "off" type = "password" class = "form-control mb-2 d-none" id = "email-password" name = "password" required >
< small id = "emailpasswordRequired" class = "form-text font-weight-bold text-danger d-none mt-1" > Password required to update your email.< / small >
< / div >
< / div >
< small id = "emailpasswordRequired" class = "form-text font-weight-bold text-danger d-none mt-1" > Password required to update your email.< / small >
< / div >
< div class = "footer" >
< div class = "d-flex" >
{% if FEATURES['MARSEYBUX'] %}
< button type = "button" class = "btn btn-success" data-nonce = "{{g.nonce}}" data-onclick = "postToastSwitch(this,'/settings/claim_rewards')" > Claim {{patron}} Rewards< / button >
{% endif %}
{% if v.email %}
< input autocomplete = "off" class = "btn btn-primary ml-auto" type = "submit" value = "Update email" >
{% else %}
< input autocomplete = "off" class = "btn btn-primary ml-auto" type = "submit" value = "Add email" >
2022-11-06 06:35:49 +00:00
{% endif %}
< / div >
2023-10-29 12:51:00 +00:00
{% if v.truescore >= TRUESCORE_MINIMUM and DONATE_LINK != DEFAULT_CONFIG_VALUE %}
< div class = "text-small text-muted pl-1 pt-1 pt-sm-3" >
Must be same email as the one you used to donate on < a rel = "nofollow noopener" class = "text-primary no-visited" href = "{{DONATE_LINK}}" > {{DONATE_SERVICE}}< / a >
< / div >
{% endif %}
2022-11-06 06:35:49 +00:00
< / div >
2023-10-29 12:51:00 +00:00
< / form >
< / div >
< / section >
< section id = "site-settings-password-section" class = "settings-section-section" >
< h5 > Password< / h5 >
< div class = "settings-section rounded" >
< form action = "/settings/security" method = "post" data-nonce = "{{g.nonce}}" data-onsubmit = "sendFormXHR(this)" >
< div class = "body" >
< div class = "d-lg-flex" >
< label for = "old_password" class = "mb-0 w-lg-25" > Old Password< / label >
< input autocomplete = "off" class = "form-control mb-2 w-lg-100" id = "old_password" type = "password" name = "old_password" required >
< / div >
< div class = "d-lg-flex mt-5" >
< label for = "new_password" class = "mb-0 w-lg-25" > New Password< / label >
< input autocomplete = "off" class = "form-control w-lg-100" id = "new_password" type = "password" minlength = "8" maxlength = "100" name = "new_password" required >
< small id = "passwordHelpChange" class = "form-text font-weight-bold text-muted d-none mt-1 w-lg-100" > Minimum of 8 characters required.< / small >
< small id = "passwordHelpChangeSuccess" class = "form-text font-weight-bold text-success d-none mt-1 w-lg-100" > Your password meets the requirements.< / small >
< / div >
< div class = "d-lg-flex mt-4" >
< label for = "cnf_password" class = "mb-0 w-lg-25" > Confirm New Password< / label >
< input autocomplete = "off" class = "form-control w-lg-100" id = "cnf_password" type = "password" minlength = "8" maxlength = "100" name = "cnf_password" required >
< small id = "passwordHelpCnf" class = "form-text font-weight-bold text-muted d-none mt-1 w-lg-100" > Passwords do not match.< / small >
< small id = "passwordHelpCnfSuccess" class = "form-text font-weight-bold text-success d-none mt-1 w-lg-100" > Passwords match.< / small >
2022-11-06 06:35:49 +00:00
< / div >
2022-05-04 23:09:46 +00:00
< / div >
2023-10-29 12:51:00 +00:00
< div class = "footer" >
< input hidden name = "formkey" value = "{{v|formkey}}" >
< input hidden name = "now" value = "{{now}}" >
< div class = "d-flex" >
< input autocomplete = "off" class = "btn btn-primary ml-auto" type = "submit" value = "Change Password" >
< / div >
2022-11-06 06:35:49 +00:00
< / div >
2023-10-29 12:51:00 +00:00
< / form >
< / div >
< / section >
< section id = "site-settings-2fa-section" class = "settings-section-section" >
< h5 > Two-Factor Authentication< / h5 >
< div class = "settings-section rounded" >
< div class = "d-lg-flex" >
< div class = "title w-lg-25" >
< label for = "2faToggle" > Use Two-Factor Authentication< / label >
< / div >
< div class = "body w-lg-100 pt-1 pt-lg-3" >
< div class = "custom-control custom-switch" >
< input autocomplete = "off" type = "checkbox" class = "custom-control-input" id = "2faToggle" name = "2faToggle" data-nonce = "{{g.nonce}}" { % if v . mfa_secret % } checked { % endif % } >
< label class = "custom-control-label" for = "2faToggle" > < / label >
2023-08-23 22:02:11 +00:00
< / div >
2023-10-29 12:51:00 +00:00
< span class = "text-small text-muted" > This requires entering a randomly-generated, 6-digit code and your password to login.< / span >
< / div >
2022-11-06 06:35:49 +00:00
< / div >
2023-10-29 12:51:00 +00:00
< / div >
< / section >
< section id = "site-settings-logout-everywhere-section" class = "settings-section-section" >
< h5 > Log Out Everywhere< / h5 >
< form action = "/settings/log_out_all_others" method = "post" data-nonce = "{{g.nonce}}" data-onsubmit = "sendFormXHR(this)" >
< input hidden name = "formkey" value = "{{v|formkey}}" >
2023-01-01 11:36:20 +00:00
< div class = "body" >
2022-11-06 06:35:49 +00:00
< div class = "d-lg-flex" >
2023-10-29 12:51:00 +00:00
< label for = "forcelog-password" class = "w-lg-25" id = "email-password-label" > Password< / label >
< div class = "w-lg-100" >
< input autocomplete = "off" type = "password" class = "form-control mb-2" id = "forcelog-password" name = "password" required >
< / div >
2022-11-06 06:35:49 +00:00
< / div >
2023-10-29 12:51:00 +00:00
< small id = "emailpasswordRequired" class = "form-text mt-1" > This will also invalidate any existing recovery links associated with this account.< / small >
2022-11-06 06:35:49 +00:00
< / div >
< div class = "footer" >
< div class = "d-flex" >
2023-10-29 12:51:00 +00:00
< input autocomplete = "off" class = "btn btn-primary ml-auto" type = "submit" value = "Log out everywhere" >
2022-11-06 06:35:49 +00:00
< / div >
< / div >
< / form >
2023-10-29 12:51:00 +00:00
< / section >
< / div >
< / div >
2022-05-04 23:09:46 +00:00
< / div >
2022-12-04 15:40:32 +00:00
2023-10-29 12:51:00 +00:00
< div class = "modal fade" id = "2faModal" tabindex = "-1" >
< div class = "modal-dialog modal-dialog-centered" >
< div class = "modal-content" >
< div class = "modal-header" >
< h5 class = "modal-title" >
{% if mfa_secret %}
Setup two-step login
{% elif mfa_secret and not v.email %}
Email required for two-step login
{% else %}
Disable two-step login
{% endif %}
< / h5 >
< button type = "button" class = "close" data-bs-dismiss = "modal" >
< span > < i class = "fas fa-times" > < / i > < / span >
< / button >
< / div >
< form action = "/settings/security" method = "post" data-nonce = "{{g.nonce}}" data-onsubmit = "sendFormXHRReload(this)" >
< input hidden name = "formkey" value = "{{v|formkey}}" >
< input hidden name = "2fa_secret" value = "{{mfa_secret}}" >
< div class = "modal-body" >
{% if mfa_secret %}
< p > < span class = "font-weight-bold" > Step 1:< / span > Scan this QR code (or enter the code) using a two-factor authentication app such as Google Authenticator or Authy.< / p >
< div class = "text-center mb-3" >
< img alt = "two-factor QR code" loading = "lazy" class = "img-fluid" width = 175 src = "/2faqr/{{mfa_secret}}" >
< div class = "text-small text-muted mt-1" > Or enter this code: {{mfa_secret}}< / div >
< / div >
< p > < span class = "font-weight-bold" > Step 2:< / span > Enter the six-digit code generated in the authenticator app and your {{SITE_NAME}} account password.< / p >
< label for = "2fa_input" > 6-digit code< / label >
< input autocomplete = "off" type = "text" class = "form-control mb-2" id = "2fa_input" name = "2fa_token" placeholder = "# # # # # #" required >
2022-12-04 15:40:32 +00:00
2023-10-29 12:51:00 +00:00
< label for = "2fa_input_password" > Password< / label >
< input autocomplete = "off" type = "password" class = "form-control mb-2" id = "2fa_input_password" name = "password" data-nonce = "{{g.nonce}}" data-undisable_element = "toggle2faButton" required >
{% set action = "Enable" %}
{% else %}
< div class = "alert alert-warning" >
< i class = "fas fa-info-circle" > < / i >
To disable two-step login, please enter your {{SITE_NAME}} account password and the 6-digit code generated in your authentication app. If you no longer have your two-step device, < a href = "/lost_2fa" > click here< / a > .
< / div >
2022-12-04 15:40:32 +00:00
2023-10-29 12:51:00 +00:00
< label for = "2fa_input_password" > Password< / label >
< input autocomplete = "off" type = "password" class = "form-control mb-2" id = "2fa_input_password" name = "password" required >
2022-12-04 15:40:32 +00:00
2023-10-29 12:51:00 +00:00
< label for = "2fa_input" > 6-digit code< / label >
< input autocomplete = "off" type = "text" class = "form-control mb-2" id = "2fa_input" name = "2fa_remove" placeholder = "# # # # # #" data-nonce = "{{g.nonce}}" data-undisable_element = "toggle2faButton" required >
{% set action = "Disable" %}
{% endif %}
< / div >
< div class = "modal-footer" >
< button type = "button" class = "btn btn-link text-muted" data-bs-dismiss = "modal" > Cancel< / button >
< input autocomplete = "off" id = "toggle2faButton" class = "btn btn-primary" type = "submit" value = "{{action}} two-factor authentication" disabled >
< / div >
< / form >
< / div >
2022-12-04 15:40:32 +00:00
< / div >
< / div >
2023-10-29 12:51:00 +00:00
< div class = "toast error" id = "toast-exile-error" data-bs-animation = "true" data-bs-autohide = "true" data-bs-delay = "5000" >
< div class = "toast-body text-center" >
< i class = "fas fa-exclamation-circle text-danger mr-2" > < / i > < span id = "toast-error-message" > Error. Please try again.< / span >
< / div >
2022-11-06 06:35:49 +00:00
< / div >
2022-10-10 05:22:18 +00:00
{% endblock %}