$userForm->handleRequest($request);
// `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
- if (true === $user->isGoogleAuthenticatorEnabled() && false === $userForm->isSubmitted()) {
+ if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $userForm->isSubmitted()) {
$userForm->get('googleTwoFactor')->setData(true);
}
if ($userForm->isSubmitted() && $userForm->isValid()) {
// handle creation / reset of the OTP secret if checkbox changed from the previous state
- if (true === $userForm->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
- $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret();
+ if ($this->getParameter('twofactor_auth')) {
+ if (true === $userForm->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
+ $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret();
- $user->setGoogleAuthenticatorSecret($secret);
- $user->setEmailTwoFactor(false);
+ $user->setGoogleAuthenticatorSecret($secret);
+ $user->setEmailTwoFactor(false);
- $qrCode = $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user);
-
- $this->addFlash('OTPSecret', ['code' => $secret, 'qrCode' => $qrCode]);
- } elseif (false === $userForm->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
- $user->setGoogleAuthenticatorSecret(null);
+ $this->addFlash('OtpQrCode', $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user));
+ } elseif (false === $userForm->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
+ $user->setGoogleAuthenticatorSecret(null);
+ }
}
$userManager->updateUser($user, true);
<br/>
<img id="androidQrcode" />
<script>
- const imgBase64 = jrQrcode.getQrBase64('wallabag://{{ app.user.username }}@{{ wallabag_url }}');
- document.getElementById('androidQrcode').src = imgBase64;
+ document.getElementById('androidQrcode').src = jrQrcode.getQrBase64('wallabag://{{ app.user.username }}@{{ wallabag_url }}');
</script>
</div>
</fieldset>
{{ form_widget(form.user.googleTwoFactor) }}
{{ form_errors(form.user.googleTwoFactor) }}
</div>
- {% for OTPSecret in app.session.flashbag.get('OTPSecret') %}
+ {% for OtpQrCode in app.session.flashbag.get('OtpQrCode') %}
<div class="row">
You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password.
<br/>
That code will disapear after a page reload.
<br/><br/>
- <strong>{{ OTPSecret.code }}</strong>
+ <strong>{{ app.user.getGoogleAuthenticatorSecret }}</strong>
<br/><br/>
Or you can scan that QR Code with your app:
<br/>
<img id="2faQrcode" class="hide-on-med-and-down" />
<script>
- document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ OTPSecret.qrCode }}');;
+ document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ OtpQrCode }}');;
</script>
</div>
{% endfor %}
use Pagerfanta\Exception\OutOfRangeCurrentPageException;
use Pagerfanta\Pagerfanta;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
-use Symfony\Component\Form\FormInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Annotation\Route;
use Wallabag\UserBundle\Entity\User;
// enable created user by default
$user->setEnabled(true);
- $form = $this->createEditForm('NewUserType', $user, $request);
+ $form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user);
+ $form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
- $user = $this->handleOtp($form, $user);
$userManager->updateUser($user);
// dispatch a created event so the associated config will be created
$userManager = $this->container->get('fos_user.user_manager');
$deleteForm = $this->createDeleteForm($user);
- $form = $this->createEditForm('UserType', $user, $request);
+ $form = $this->createForm('Wallabag\UserBundle\Form\UserType', $user);
+ $form->handleRequest($request);
+
+ // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
+ if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
+ $form->get('googleTwoFactor')->setData(true);
+ }
if ($form->isSubmitted() && $form->isValid()) {
- $user = $this->handleOtp($form, $user);
+ // handle creation / reset of the OTP secret if checkbox changed from the previous state
+ if ($this->getParameter('twofactor_auth')) {
+ if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
+ $user->setGoogleAuthenticatorSecret($this->get('scheb_two_factor.security.google_authenticator')->generateSecret());
+ $user->setEmailTwoFactor(false);
+ } elseif (false === $form->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
+ $user->setGoogleAuthenticatorSecret(null);
+ }
+ }
+
$userManager->updateUser($user);
$this->get('session')->getFlashBag()->add(
->getForm()
;
}
-
- /**
- * Create a form to create or edit a User entity.
- *
- * @param string $type Might be NewUserType or UserType
- * @param User $user The new / edit user
- * @param Request $request The request
- *
- * @return FormInterface
- */
- private function createEditForm($type, User $user, Request $request)
- {
- $form = $this->createForm('Wallabag\UserBundle\Form\\' . $type, $user);
- $form->handleRequest($request);
-
- // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
- if (true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
- $form->get('googleTwoFactor')->setData(true);
- }
-
- return $form;
- }
-
- /**
- * Handle OTP update, taking care to only have one 2fa enable at a time.
- *
- * @see ConfigController
- *
- * @param FormInterface $form
- * @param User $user
- *
- * @return User
- */
- private function handleOtp(FormInterface $form, User $user)
- {
- if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
- $user->setGoogleAuthenticatorSecret($this->get('scheb_two_factor.security.google_authenticator')->generateSecret());
- $user->setEmailTwoFactor(false);
-
- return $user;
- }
-
- $user->setGoogleAuthenticatorSecret(null);
-
- return $user;
- }
}