- Email 2FA is now optional and disabled by default.
Existing and new accounts default to 2FA off. Registration signs users in directly. Users can enable it under My Account. Administrators can manage it under Users & Staff. Verified password-only and opted-in email-code login flows. PHP/JavaScript checks and browser console passed.
This commit is contained in:
@@ -28,7 +28,7 @@
|
||||
<input type="number" name="captcha" required inputmode="numeric" autocomplete="off">
|
||||
</label>
|
||||
<button class="button button-large button-block" type="submit">Continue Securely</button>
|
||||
<p class="form-footnote">We will email a six-digit verification code after your password is accepted.</p>
|
||||
<p class="form-footnote">Email verification is requested only when optional email 2FA is enabled for your account.</p>
|
||||
<p class="auth-switch">New here? <a href="<?= e(url('/register')) ?>">Create an account</a></p>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
<h1>Faster pickup starts here.</h1>
|
||||
<p>Create an account to keep your contact details, see order history, and hear about new specials.</p>
|
||||
<ul class="check-list">
|
||||
<li>Email verification protects your account</li>
|
||||
<li>Optional email 2FA can be enabled from My Account</li>
|
||||
<li>Newsletter preferences stay in your control</li>
|
||||
<li>Your payment details are handled by Square, not stored here</li>
|
||||
</ul>
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
<?= csrf_field() ?>
|
||||
<div class="verification-icon">6</div>
|
||||
<div>
|
||||
<span class="eyebrow">One more step</span>
|
||||
<span class="eyebrow">Email security check</span>
|
||||
<h1>Check your email</h1>
|
||||
<p>Enter the six-digit code we sent you. It is valid for 10 minutes.</p>
|
||||
</div>
|
||||
|
||||
Reference in New Issue
Block a user