Good progress on 2FA/OTP config: Most of email register lifecycle complete

www/otp_register.template.html

@@ -5,33 +5,23 @@
         <title>Enable 2FA/OTP — ENiGMA½ BBS</title>
         <meta name="description" content="Enable 2-Factor Authentication via One-Time-Password">
 		<meta name="viewport" content="width=device-width, initial-scale=1">
-		<script>
-			window.onload = function() {
-				//document.getElementById('password').onchange			= validatePassword;
-				//document.getElementById('confirm_password').onchange	= validatePassword;
-			}
-
-            /*
-			function validatePassword() {
-				var pw 		= document.getElementById('password');
-				var confirm	= document.getElementById('confirm_password');
-
-				if(pw.value !== confirm.value) {
-					confirm.setCustomValidity('Passwords must match!');
-				} else {
-					confirm.setCustomValidity('');
-				}
-            }
-            */
-		</script>
 	</head>
 	<body>
-	<form action="%POST_URL%" method="post">        
-        <legend>Enable One-Time-Password</legend>
-        <input type="text" placeholder="One Time Password" id="otp" name="otp" required>
-        <input type="hidden" value="%TOKEN%" name="token">
-        <input type="hidden" value="%OTP_TYPE%" name="otpType">
-		<button type="submit">Confirm</button>
-	</form>
+        <p>
+            Your OTP secret:<br>
+            <b>%SECRET%</b>
+        </p>
+        <p>
+            QR Code:<br>
+            <img src="%QR_IMG_DATA%"/>
+        </p>
+        <form action="%POST_URL%" method="post">
+            <legend>Confirm One-Time-Password to continue:</legend>
+            <input type="text" placeholder="One Time Password" id="otp" name="otp" required>
+            <input type="hidden" value="%TOKEN%" name="token">
+            <input type="hidden" value="%OTP_TYPE%" name="otpType">
+            <input type="hidden" value="%SECRET%" name="secret">
+            <button type="submit">Confirm</button>
+        </form>
 	</body>
 </html>