pi-hole · rdwebdesign · Nov 10, 2023 · Oct 30, 2023 · Oct 30, 2023 · Oct 30, 2023
diff --git a/login.lp b/login.lp
@@ -43,21 +43,20 @@ mg.include('scripts/pi-hole/lua/header.lp','r')
                 <form id="loginform">
                     <div class="login-options has-feedback" id="pw-field">
                         <input type="text" id="username" value="pi.hole" autocomplete="username" hidden>
-                        <div class="pwd-field form-group">
+                        <div class="input-group pwd-field form-group">
                             <!-- hidden username input field to help password managers to autfill the password -->
-                            <input type="password" id="loginpw" class="form-control" placeholder="Password" value="" spellcheck="false" autocomplete="current-password" autofocus>
-                            <span class="fa fa-key pwd-field form-control-feedback"></span>
-                        </div>
-                        <div class="form-group hidden" id="totp_input">
-                            <input type="text" id="totp" size="6" maxlen="6" class="form-control totp_token" placeholder="" value="" spellcheck="false" autocomplete="current-password" autofocus>
-                            <span class="fa-solid fa-clock-rotate-left pwd-field form-control-feedback"></span>
+                            <input type="password" class="form-control" placeholder="Password" value="" spellcheck="false" autocomplete="current-password" id="current-password" autofocus required>
+                            <span class="input-group-btn">
+                                <button class="btn btn-default" id="toggle-password" type="button" title="Show password as plain text. Warning: this will display your password on the screen.">
+                                    <span class="fa fa-fw fa-eye field-icon"></span>
+                                </button>
+                            </span>
                         </div>
                     </div>
-                    <!--
-                    <div class="form-group" title="Pi-hole has to set a cookie for the login session to be successful. The cookie will not contain your password nor is it used anywhere outside of you local Pi-hole.">
-                        <input type="checkbox" id="logincookie" checked>
-                        <label for="logincookie">Keep me logged in (uses cookie)</label>
-                    </div> -->
+                    <div class="form-group has-feedback hidden" id="totp_input">
+                        <input type="text" id="totp" size="6" maxlen="6" class="form-control totp_token" placeholder="123456" value="" spellcheck="false" autofocus>
+                        <span class="fa fa-clock-rotate-left pwd-field form-control-feedback"></span>
+                    </div>
                     <div class="form-group">
                         <button type="submit" class="btn btn-primary form-control"><i class="fas fa-sign-in-alt"></i>&nbsp;&nbsp;&nbsp;Log in (uses cookie)</button>
                     </div>

diff --git a/scripts/pi-hole/js/login.js b/scripts/pi-hole/js/login.js
@@ -87,21 +87,42 @@ $("#loginform").submit(function (e) {
     return;
   }*/
 
-  doLogin($("#loginpw").val());
+  doLogin($("#current-password").val());
 });
 
 // Trigger keyup event when pasting into the TOTP code input field
 $("#totp").on("paste", function (e) {
   $(e.target).keyup();
 });
 
+// Submit form when TOTP code is entered and password is already filled
 $("#totp").on("keyup", function () {
-  var code = $(this).val();
-  if (code.length === 6) {
+  const code = $(this).val();
+  const password = $("#current-password").val();
+  if (code.length === 6 && password.length > 0) {
     $("#loginform").submit();
   }
 });
 
+// Toggle password visibility button
+$("#toggle-password").on("click", function () {
+  // Toggle font-awesome classes to change the svg icon on the button
+  $("svg", this).toggleClass("fa-eye fa-eye-slash");
+
+  // Password field
+  var $pwd = $("#current-password");
+  if ($pwd.attr("type") === "password") {
+    $pwd.attr("type", "text");
+    $pwd.attr("title", "Hide password");
+  } else {
+    $pwd.attr("type", "password");
+    $pwd.attr(
+      "title",
+      "Show password as plain text. Warning: this will display your password on the screen"
+    );
+  }
+});
+
 function showDNSfailure() {
   $("#dns-failure-label").show();
   $("#login-box").addClass("error-box");
@@ -118,8 +139,11 @@ $(function () {
     })
     .fail(function (xhr) {
       const session = xhr.responseJSON.session;
-      // If TOPT is enabled, show the input field
-      if (session.totp === true) $("#totp_input").removeClass("hidden");
+      // If TOPT is enabled, show the input field and add the required attribute
+      if (session.totp === true) {
+        $("#totp_input").removeClass("hidden");
+        $("#totp").attr("required", "required");
+      }
     });
 
   // Get information about HTTPS port and DNS status