For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

iaine's avatar
iaine
Icon for Nacreous rankNacreous
Oct 09, 2019

Re: APM SMS OTP Resend Button

Hi

 

I've done something like this in the past. I'm sure there are other ways but this is the method that I used...

 

Create the OTP login process as a Macro. Set this Macro to be able to Loop twice.

 

Create your OTP login Macro - here is a simplified version but hopefully it shows enough detail - I haven't included the SMS/SMTP send for instance...

 

Edit your Login Page and create a new text input field - hopefully you're already not using them all

I used field5 and set both the Post and Session variable name to no_token

 

After the login page, add an Empty item to check to see if the no_token variable has the value of "notoken"

expr {[mcget {session.logon.last.no_token}] == "notoken"}

Make this "No Token Received" branch go to the Loop Ending.

 

Then, you need to go and edit the Login Page of the Macro in advanced customisation.

 

Firstly, change this line

 

// amount of fields

$field_num = 5;

 

...to...

 

// amount of fields

$field_num = 4;

 

This will hide field5 from being displayed on the login screen.

 

Then, add this function

 

function buttonClick(val){

  document.getElementById('no_token').value = val;

  return true;

}

 

I placed this here

 

<? include_customized_page("logout", "session_expired.js"); ?>

var globalRestartOnSubmit = false;

function buttonClick(val){

  document.getElementById('no_token').value = val;

  return true;

}

function sessionTimedOut()

 

Add this line

 

<input type=hidden name='no_token' value='' id='no_token'>

 

I put this line here

 

  </table>

  <input type=hidden name="vhost" value="standard">

  <input type=hidden name='no_token' value='' id='no_token'>

  </form>

 

And lastly, add your button to the login page

 

<td class="credentials_table_unified_cell"><input type=submit value="No Token!" onclick="return buttonClick('notoken')"></td>

 

I put this here but you would probably want to add some text in and move the button to where it looks right.

 

    <td class="credentials_table_unified_cell"><input type=submit class="credentials_input_submit" value="%[logon]"></td>

    <td class="credentials_table_unified_cell"><input type=submit value="No Token!" onclick="return buttonClick('notoken')"></td>

 

....and I think that's all I did...

No RepliesBe the first to reply