index.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<meta charset="UTF-8">
		<meta name="viewport" content="width=device-width, initial-scale=1.0">
		<title>Offline TOTP 2-Factor Authentication</title>
		<link rel="manifest" href="manifest.json">
		<meta name="theme-color" content="#0275d8">
		<link href="src/bootstrap.min.css" rel="stylesheet">
		<script src="src/jquery.min.js"></script>
		<script src="src/tether.min.js"></script>
		<script src="src/bootstrap.min.js"></script>
		<script src="src/qrcode.min.js"></script>
		<style>
			html {
				position: relative;
				min-height: 100%;
			}
			body {
				margin-bottom: 6em;
			}
			.footer {
				position: absolute;
				bottom: 3em;
				width: 100%;
				height: 3em;
				line-height: 1em;
			}
		</style>
		
		<script>
			$(document).ready (function(){
				$(".alert").hide();
			});

			function onload(){
				codes = JSON.parse(localStorage.getItem("allCodes"));
				if(codes !== null){
					$.each(codes, function(i,v){
						addKeyHTML(v["name"], v["secret"]);
					});
				}
				$(function(){$('[data-toggle="tooltip"]').tooltip();});
				setInterval(refresh, 100);
			}
			
			// Given a secret key "K" and a timestamp "t" (in 30s units since the
			// beginning of the epoch), return a TOTP code.
			function totp(K,t){
				function sha1(C){
					function L(x,b){return x<<b|x>>>32-b;}
					var l=C.length,D=C.concat([1<<31]),V=0x67452301,W=0x88888888,
					Y=271733878,X=Y^W,Z=0xC3D2E1F0;W^=V;
					do D.push(0);while(D.length+1&15);D.push(32*l);
					while (D.length){
					var E=D.splice(0,16),a=V,b=W,c=X,d=Y,e=Z,f,k,i=12;
					function I(x){var t=L(a,5)+f+e+k+E[x];e=d;d=c;c=L(b,30);b=a;a=t;}
					for(;++i<77;)E.push(L(E[i]^E[i-5]^E[i-11]^E[i-13],1));
					k=0x5A827999;for(i=0;i<20;I(i++))f=b&c|~b&d;
					k=0x6ED9EBA1;for(;i<40;I(i++))f=b^c^d;
					k=0x8F1BBCDC;for(;i<60;I(i++))f=b&c|b&d|c&d;
					k=0xCA62C1D6;for(;i<80;I(i++))f=b^c^d;
					V+=a;W+=b;X+=c;Y+=d;Z+=e;}
					return[V,W,X,Y,Z];
				}
				var k=[],l=[],i=0,j=0,c=0;
				for (;i<K.length;){
				c=c*32+'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'.
				indexOf(K.charAt(i++).toUpperCase());
				if((j+=5)>31)k.push(Math.floor(c/(1<<(j-=32)))),c&=31;}
				j&&k.push(c<<(32-j));
				for(i=0;i<16;++i)l.push(0x6A6A6A6A^(k[i]=k[i]^0x5C5C5C5C));
				var s=sha1(k.concat(sha1(l.concat([0,t])))),o=s[4]&0xF;
				return ((s[o>>2]<<8*(o&3)|(o&3?s[(o>>2)+1]>>>8*(4-o&3):0))&-1>>>1)%1000000;
			}
			
			var lastepochseconds;
			var lasttimestamp;

			function refresh(){
				var e = Math.floor(new Date().getTime()/1000);
				var t = Math.floor(e/30);
				var en = new Date().getTime()/1000;
				
				var rem = 30-(en-(t*30));
				var percent = (rem/30)*100;
				$(".progress-bar").width(percent+"%");
				$(".progress-bar").attr("aria-valuenow", percent);
				$("#countdown").text(Math.round(rem));

				// If TOTP code has changed (either because of user edits, or
				// because of elapsed time), update the user interface.
				if (e != lastepochseconds || t != lasttimestamp) {
					lastepochseconds = e;
					lasttimestamp = t;

					$("#authenticator-group").find("tr").each(function(){
						var secret = $(this).data("key");
						if(!(secret == null || secret == "")){
							$(this).find(".code-field").html(addNBSP(runTOTP(secret)));
						}
					});
				}
			}
			
			function runTOTP(k){
				var e = Math.floor(new Date().getTime()/1000);
				var t = Math.floor(e/30);
				k = k.replace(/[^ABCDEFGHIJKLMNOPQRSTUVWXYZ234567]/gi, '');
				var code = totp(k,t);
				code = "" + code; // convert to string
				while(code.length < 6) {
					code = "0" + code;
				}
				return code;
			}
			
			function addNBSP(c){
				return c.substring(0, 3) + "&nbsp;" + c.substring(3, 6);
			}
			
			function addKey(){
				var name = $("#name").val()
				var secret = $("#secret").val();
				addKeyHTML(name, secret);
			}
			
			function copyCode(e){
				var textArea = document.createElement("textarea");
				textArea.style.position = 'fixed';
				textArea.style.top = 0;
				textArea.style.left = 0;
				textArea.style.width = '1px';
				textArea.style.height = '1px';
				textArea.style.padding = 0;
				textArea.style.border = 'none';
				textArea.style.outline = 'none';
				textArea.style.boxShadow = 'none';
				textArea.style.background = 'transparent';
				textArea.style.resize = 'none';
				
				textArea.value = runTOTP($(e).data("key"));
				document.body.appendChild(textArea);
				textArea.select();
				try{
					document.execCommand('copy');
					$(".alert").alert();
					$(".alert-text").text("Copy Successful!");
					$(".alert").fadeTo(3000, 500).slideUp(500, function(){$(".alert").slideUp(500);});
				} 
				catch(err){console.log(err);}
			}
			
			function addKeyHTML(name, secret){
				if(!alreadyInTable(name, secret)){
					$("#authenticator-group").append("<tr data-toggle='tooltip' title='Click to copy' data-name='"+name+"' data-key='"+secret+"' onclick='copyCode(this)'><td>"+name+"</td><td class='code-field'>"+addNBSP(runTOTP(secret))+"</td></tr>");
				}
				if(!alreadyInStorage(name, secret)){
					addToStorage(name, secret);
				}
				$(function(){$('[data-toggle="tooltip"]').tooltip();});
			}
			
			function alreadyInTable(name, secret){
				var returner = false;
				$("#authenticator-group").find("tr").each(function(){
					if(secret == $(this).data("key")){
						returner = true;
					}
				});
				return returner;
			}
			
			function alreadyInStorage(name, secret){
				codes = JSON.parse(localStorage.getItem("allCodes"));
				if(codes == null){
					return false;
				}
				var returner = false;
				$.each(codes, function(i,v){
					if(v["secret"] == secret){
						returner = true;
					}
				});
				return returner;
			}
			
			function addToStorage(name, secret){
				var codes = JSON.parse(localStorage.getItem("allCodes"));
				if(codes == null){
					codes = [];
				}
				codes.push({"secret":secret, "name":name});
				localStorage.setItem("allCodes", JSON.stringify(codes));
			}
			
			function exportCode(){
				$("#import-export").val(localStorage.getItem("allCodes"));
				$("#import-export").select();
			}
			
			function importCode(){
				try{
					var codes = JSON.parse($("#import-export").val());
					$.each(codes, function(i,v){
						addKeyHTML(v["name"], v["secret"]);
					});
				}
				catch(e){
					alert("Import error!\nInvalid JSON.");
					console.log(e);
				}
			}
			
			function qrCallback(a){
				if(a.indexOf("error decoding QR") > -1){
					alert("Could not decode QR code, sorry");
					return;
				}
				var html="<br>";
				html+="<b>"+a+"</b><br><br>";
				document.getElementById("result").innerHTML=html;
				var findName = /totp\/([^?]+).*[?&]secret=(.*)/gi
				var findSecret = /totp\/[^?]+.*[?&]secret=([^?^&]+)/gi
				var name = decodeURIComponent(findName.exec(a)[1]);
				var secret = findSecret.exec(a)[1];
				addKeyHTML(name, secret);
			}
			
			function handleFiles(f){
				for(var i =0;i<f.length;i++){
					var reader = new FileReader();
					reader.onload = (function(theFile) {
						return function(e) {
							qrcode.decode(e.target.result);
						};
					})(f[i]);
					reader.readAsDataURL(f[i]);	
				}
			}
			
			qrcode.callback = qrCallback;
		</script>
	</head>
	<body onpageshow="onload()">
		<div class="container-fluid">
			<div class="alert alert-success alert-dismissible" role="alert">
				<button type="button" class="close" data-dismiss="alert" aria-label="Close">
					<span aria-hidden="true">&times;</span>
				</button>
				<div class="alert-text"></div>
			</div>
			<div class="row">
				<div class="col-md-4 mt-5">
					<h1 class="display-4">Offline 2FA</h1>
					<form name="input-keys" class="form-inline" onsubmit="addKey()" action="javascript:void(0);">
						<input type="text" placeholder="Name" id="name" class="form-control mb-2 mr-sm-2 mb-sm-0"></input>
						<input type="text" placeholder="Enter Secret Key"  id="secret" class="form-control mb-2 mr-sm-2 mb-sm-0"></input>
						<button type="submit" class="btn btn-success">Add</button>
					</form>
					<h4 class="pt-5">QR Code Entry</h4>
					<input type="file" onchange="handleFiles(this.files)">
					<div id="result"></div>
					<h4 class="pt-5">Import/Export</h1>
					<div class="form-group form-inline">
						<input type="text" placeholder="" id="import-export" class="form-control mb-2 mr-sm-2 mb-sm-0"></input>
						<button class="form-control btn btn-success mr-sm-2 mr-sm-0" onclick="importCode()">Import</button>
						<button class="form-control btn btn-info mr-sm-2 mr-sm-0" onclick="exportCode()">Export</button>
					</div>
				</div>
				<div class="col-md-8 mt-5">
					<table class="table" id="authenticator-group">
						<thead>
							<tr>
								<th>Site</th>
								<th>Code</th>
							</tr>
						</thead>
					</table>
				</div>
			</div>
		</div>
		<footer class="footer">
			<div class="container-fluid">
				<h1 class="display-5 d-flex justify-content-center" id="countdown">30</h1>
				<div class="progress">
					<div class="progress-bar" role="progressbar" aria-valuenow="0" aria-valuemin="0" aria-valuemax="100" style="height:1em"></div>
				</div>
			</div>
		</footer>
		<script>
		if ('serviceWorker' in navigator) {
			window.addEventListener('load', function() {
				navigator.serviceWorker.register('sw.js').then(function(registration) {
					// Registration was successful
					console.log('ServiceWorker registration successful with scope: ', registration.scope);
				}).catch(function(err) {
					// registration failed :(
					console.log('ServiceWorker registration failed: ', err);
				});
			});
		}
		</script>
	</body>
</html>