mirror/Part-DB.Part-DB-server
1
0
Fork 1
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-06-28 20:50:06 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Allow to disable the google authenticator 2fa.

Browse source
This commit is contained in:
Jan Böhmer 2019-12-26 12:46:44 +01:00
parent 8c5cf6f9e0
commit 8add8c919d
4 changed files with 133 additions and 84 deletions
Download patch file Download diff file Expand all files Collapse all files

25
src/Controller/UserController.php
View file

@ -25,7 +25,7 @@ use App\Entity\Attachments\AttachmentType;
use App\Entity\Attachments\UserAttachment; use App\Entity\Attachments\UserAttachment;
use App\Entity\UserSystem\User; use App\Entity\UserSystem\User;
use App\Form\Permissions\PermissionsType; use App\Form\Permissions\PermissionsType;
use App\Form\TFASettingsType; use App\Form\TFAGoogleSettingsType;
use App\Form\UserAdminForm; use App\Form\UserAdminForm;
use App\Form\UserSettingsType; use App\Form\UserSettingsType;
use App\Services\EntityExporter; use App\Services\EntityExporter;
@ -240,18 +240,26 @@ class UserController extends AdminPages\BaseAdminController
} }
//Handle 2FA things //Handle 2FA things
$tfa_form = $this->createForm(TFASettingsType::class, $user); $google_form = $this->createForm(TFAGoogleSettingsType::class, $user);
$tfa_form->handleRequest($request); $google_enabled = $user->isGoogleAuthenticatorEnabled();
if (!$user->getGoogleAuthenticatorSecret()) { if (!$form->isSubmitted() && !$google_enabled) {
$user->setGoogleAuthenticatorSecret($googleAuthenticator->generateSecret()); $user->setGoogleAuthenticatorSecret($googleAuthenticator->generateSecret());
$tfa_form->setData($user); $google_form->get('googleAuthenticatorSecret')->setData($user->getGoogleAuthenticatorSecret());
} }
$google_form->handleRequest($request);
if ($tfa_form->isSubmitted() && $tfa_form->isValid()) { if($google_form->isSubmitted() && $google_form->isValid()) {
if (!$google_enabled) {
//Save 2FA settings (save secrets) //Save 2FA settings (save secrets)
$user->setGoogleAuthenticatorSecret($tfa_form->get('googleAuthenticatorSecret')->getData()); $user->setGoogleAuthenticatorSecret($google_form->get('googleAuthenticatorSecret')->getData());
$em->flush(); $em->flush();
$this->addFlash('success', 'user.settings.2fa.google.activated'); $this->addFlash('success', 'user.settings.2fa.google.activated');
} elseif ($google_enabled) {
//Remove secret to disable google authenticator
$user->setGoogleAuthenticatorSecret(null);
$em->flush();
$this->addFlash('success', 'user.settings.2fa.google.disabled');
}
} }
@ -264,8 +272,9 @@ class UserController extends AdminPages\BaseAdminController
'pw_form' => $pw_form->createView(), 'pw_form' => $pw_form->createView(),
'page_need_reload' => $page_need_reload, 'page_need_reload' => $page_need_reload,
'tfa_form' => $tfa_form->createView(), 'google_form' => $google_form->createView(),
'tfa_google' => [ 'tfa_google' => [
'enabled' => $google_enabled,
'qrContent' => $googleAuthenticator->getQRContent($user), 'qrContent' => $googleAuthenticator->getQRContent($user),
'secret' => $user->getGoogleAuthenticatorSecret(), 'secret' => $user->getGoogleAuthenticatorSecret(),
'username' => $user->getGoogleAuthenticatorUsername() 'username' => $user->getGoogleAuthenticatorUsername()

77
src/Form/TFAGoogleSettingsType.php Normal file
View file

@ -0,0 +1,77 @@
<?php
namespace App\Form;
use App\Entity\UserSystem\User;
use App\Validator\Constraints\ValidGoogleAuthCode;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\HiddenType;
use Symfony\Component\Form\Extension\Core\Type\ResetType;
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
use Symfony\Component\Form\Extension\Core\Type\TextType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\Form\FormEvent;
use Symfony\Component\Form\FormEvents;
use Symfony\Component\OptionsResolver\OptionsResolver;
use Symfony\Contracts\Translation\TranslatorInterface;
class TFAGoogleSettingsType extends AbstractType
{
protected $translator;
public function __construct(TranslatorInterface $translator)
{
$this->translator = $translator;
}
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder->addEventListener(FormEvents::PRE_SET_DATA, function(FormEvent $event) {
$form = $event->getForm();
/** @var User $user */
$user = $event->getData();
//Only show setup fields, when google authenticator is not enabled
if(!$user->isGoogleAuthenticatorEnabled()) {
$form->add(
'google_confirmation',
TextType::class,
[
'mapped' => false,
'attr' => ['maxlength' => '6', 'minlength' => '6', 'pattern' => '\d*', 'autocomplete' => 'off'],
'constraints' => [new ValidGoogleAuthCode()]
]
);
$form->add(
'googleAuthenticatorSecret',
HiddenType::class,
[
'disabled' => false,
]
);
$form->add('submit', SubmitType::class, [
'label' => $this->translator->trans('tfa_google.enable')
]);
} else {
$form->add('submit', SubmitType::class, [
'label' => $this->translator->trans('tfa_google.disable'),
'attr' => ['class' => 'btn-danger']
]);
}
});
//$builder->add('cancel', ResetType::class);
}
public function configureOptions(OptionsResolver $resolver)
{
$resolver->setDefaults([
'data_class' => User::class,
]);
}
}

42
src/Form/TFASettingsType.php
View file

@ -1,42 +0,0 @@
<?php
namespace App\Form;
use App\Entity\UserSystem\User;
use App\Validator\Constraints\ValidGoogleAuthCode;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\HiddenType;
use Symfony\Component\Form\Extension\Core\Type\ResetType;
use Symfony\Component\Form\Extension\Core\Type\SubmitType;
use Symfony\Component\Form\Extension\Core\Type\TextType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
class TFASettingsType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder->add('google_confirmation', TextType::class, [
'mapped' => false,
'attr' => ['maxlength' => '6', 'minlength' => '6', 'pattern' => '\d*', 'autocomplete' => 'off'],
'constraints' => [new ValidGoogleAuthCode()]
]);
$builder->add('googleAuthenticatorSecret', HiddenType::class,[
'disabled' => false,
]);
$builder->add('submit', SubmitType::class);
$builder->add('cancel', ResetType::class);
}
public function configureOptions(OptionsResolver $resolver)
{
$resolver->setDefaults([
'data_class' => User::class,
]);
}
}

15
templates/Users/_2fa_settings.html.twig
View file

@ -4,7 +4,7 @@
{% trans %}user.settings.2fa_settings{% endtrans %} {% trans %}user.settings.2fa_settings{% endtrans %}
</div> </div>
<div class="card-body"> <div class="card-body">
{{ form_start(tfa_form) }}
<ul class="nav nav-tabs" id="tfa-tabs" role="tablist"> <ul class="nav nav-tabs" id="tfa-tabs" role="tablist">
<li class="nav-item"> <li class="nav-item">
<a class="nav-link active" id="google-tab" data-toggle="tab" href="#tfa-google" role="tab" <a class="nav-link active" id="google-tab" data-toggle="tab" href="#tfa-google" role="tab"
@ -17,6 +17,8 @@
</ul> </ul>
<div class="tab-content mt-3 mb-3" id="tfa-tabs-content"> <div class="tab-content mt-3 mb-3" id="tfa-tabs-content">
<div class="tab-pane fade show active" id="tfa-google" role="tabpanel" aria-labelledby="google-tab"> <div class="tab-pane fade show active" id="tfa-google" role="tabpanel" aria-labelledby="google-tab">
{{ form_start(google_form) }}
{% if not tfa_google.enabled %}
<div class="offset-3 row"> <div class="offset-3 row">
<div class="col-3"> <div class="col-3">
<canvas class="qrcode" data-content="{{ tfa_google.qrContent }}"></canvas> <canvas class="qrcode" data-content="{{ tfa_google.qrContent }}"></canvas>
@ -46,15 +48,18 @@
</div> </div>
</div> </div>
{{ form_row(tfa_form.google_confirmation) }} {{ form_row(google_form.google_confirmation) }}
{% else %}
Google Authenticator is enabled! TODO
{% endif %}
{{ form_row(google_form.submit) }}
{{ form_end(google_form) }}
</div> </div>
<div class="tab-pane fade" id="tfa-backup" role="tabpanel" aria-labelledby="backup-tab"> <div class="tab-pane fade" id="tfa-backup" role="tabpanel" aria-labelledby="backup-tab">
</div> </div>
</div> </div>
{{ form_row(tfa_form.submit) }}
{{ form_row(tfa_form.cancel) }}
{{ form_end(tfa_form) }}
</div> </div>
</div> </div>