diff options
| author | Jeremy Benoist <jeremy.benoist@gmail.com> | 2018-12-02 18:39:02 +0100 |
|---|---|---|
| committer | Jeremy Benoist <jeremy.benoist@gmail.com> | 2019-01-23 13:28:02 +0100 |
| commit | 2dfbe9e5faf40364b60e6c76f3cc9fac5bf11fa4 (patch) | |
| tree | 463e9a7a036f736a1fbb676f4fddf113f8a8cb72 | |
| parent | edc79ad886e4c96d1c2d205fedf5a9c19a177ee1 (diff) | |
| download | wallabag-2dfbe9e5faf40364b60e6c76f3cc9fac5bf11fa4.tar.gz wallabag-2dfbe9e5faf40364b60e6c76f3cc9fac5bf11fa4.tar.zst wallabag-2dfbe9e5faf40364b60e6c76f3cc9fac5bf11fa4.zip | |
Fix tests
4 files changed, 36 insertions, 69 deletions
diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php index 5bbe1c74..846e96ff 100644 --- a/src/Wallabag/CoreBundle/Controller/ConfigController.php +++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php | |||
| @@ -81,23 +81,23 @@ class ConfigController extends Controller | |||
| 81 | $userForm->handleRequest($request); | 81 | $userForm->handleRequest($request); |
| 82 | 82 | ||
| 83 | // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way | 83 | // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way |
| 84 | if (true === $user->isGoogleAuthenticatorEnabled() && false === $userForm->isSubmitted()) { | 84 | if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $userForm->isSubmitted()) { |
| 85 | $userForm->get('googleTwoFactor')->setData(true); | 85 | $userForm->get('googleTwoFactor')->setData(true); |
| 86 | } | 86 | } |
| 87 | 87 | ||
| 88 | if ($userForm->isSubmitted() && $userForm->isValid()) { | 88 | if ($userForm->isSubmitted() && $userForm->isValid()) { |
| 89 | // handle creation / reset of the OTP secret if checkbox changed from the previous state | 89 | // handle creation / reset of the OTP secret if checkbox changed from the previous state |
| 90 | if (true === $userForm->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) { | 90 | if ($this->getParameter('twofactor_auth')) { |
| 91 | $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret(); | 91 | if (true === $userForm->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) { |
| 92 | $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret(); | ||
| 92 | 93 | ||
| 93 | $user->setGoogleAuthenticatorSecret($secret); | 94 | $user->setGoogleAuthenticatorSecret($secret); |
| 94 | $user->setEmailTwoFactor(false); | 95 | $user->setEmailTwoFactor(false); |
| 95 | 96 | ||
| 96 | $qrCode = $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user); | 97 | $this->addFlash('OtpQrCode', $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user)); |
| 97 | 98 | } elseif (false === $userForm->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) { | |
| 98 | $this->addFlash('OTPSecret', ['code' => $secret, 'qrCode' => $qrCode]); | 99 | $user->setGoogleAuthenticatorSecret(null); |
| 99 | } elseif (false === $userForm->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) { | 100 | } |
| 100 | $user->setGoogleAuthenticatorSecret(null); | ||
| 101 | } | 101 | } |
| 102 | 102 | ||
| 103 | $userManager->updateUser($user, true); | 103 | $userManager->updateUser($user, true); |
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig index 5c4e44dd..6ee57443 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig | |||
| @@ -86,8 +86,7 @@ | |||
| 86 | <br/> | 86 | <br/> |
| 87 | <img id="androidQrcode" /> | 87 | <img id="androidQrcode" /> |
| 88 | <script> | 88 | <script> |
| 89 | const imgBase64 = jrQrcode.getQrBase64('wallabag://{{ app.user.username }}@{{ wallabag_url }}'); | 89 | document.getElementById('androidQrcode').src = jrQrcode.getQrBase64('wallabag://{{ app.user.username }}@{{ wallabag_url }}'); |
| 90 | document.getElementById('androidQrcode').src = imgBase64; | ||
| 91 | </script> | 90 | </script> |
| 92 | </div> | 91 | </div> |
| 93 | </fieldset> | 92 | </fieldset> |
| @@ -186,20 +185,20 @@ | |||
| 186 | {{ form_widget(form.user.googleTwoFactor) }} | 185 | {{ form_widget(form.user.googleTwoFactor) }} |
| 187 | {{ form_errors(form.user.googleTwoFactor) }} | 186 | {{ form_errors(form.user.googleTwoFactor) }} |
| 188 | </div> | 187 | </div> |
| 189 | {% for OTPSecret in app.session.flashbag.get('OTPSecret') %} | 188 | {% for OtpQrCode in app.session.flashbag.get('OtpQrCode') %} |
| 190 | <div class="row"> | 189 | <div class="row"> |
| 191 | You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. | 190 | You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. |
| 192 | <br/> | 191 | <br/> |
| 193 | That code will disapear after a page reload. | 192 | That code will disapear after a page reload. |
| 194 | <br/><br/> | 193 | <br/><br/> |
| 195 | <strong>{{ OTPSecret.code }}</strong> | 194 | <strong>{{ app.user.getGoogleAuthenticatorSecret }}</strong> |
| 196 | <br/><br/> | 195 | <br/><br/> |
| 197 | Or you can scan that QR Code with your app: | 196 | Or you can scan that QR Code with your app: |
| 198 | <br/> | 197 | <br/> |
| 199 | <img id="2faQrcode" class="hide-on-med-and-down" /> | 198 | <img id="2faQrcode" class="hide-on-med-and-down" /> |
| 200 | 199 | ||
| 201 | <script> | 200 | <script> |
| 202 | document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ OTPSecret.qrCode }}');; | 201 | document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ OtpQrCode }}');; |
| 203 | </script> | 202 | </script> |
| 204 | </div> | 203 | </div> |
| 205 | {% endfor %} | 204 | {% endfor %} |
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig index 887d154f..ca7eb9f3 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig | |||
| @@ -212,20 +212,20 @@ | |||
| 212 | </div> | 212 | </div> |
| 213 | </div> | 213 | </div> |
| 214 | 214 | ||
| 215 | {% for OTPSecret in app.session.flashbag.get('OTPSecret') %} | 215 | {% for OtpQrCode in app.session.flashbag.get('OtpQrCode') %} |
| 216 | <div class="card-panel yellow darken-1 black-text"> | 216 | <div class="card-panel yellow darken-1 black-text"> |
| 217 | You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. | 217 | You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. |
| 218 | <br/> | 218 | <br/> |
| 219 | That code will disapear after a page reload. | 219 | That code will disapear after a page reload. |
| 220 | <br/><br/> | 220 | <br/><br/> |
| 221 | <strong>{{ OTPSecret.code }}</strong> | 221 | <strong>{{ app.user.getGoogleAuthenticatorSecret }}</strong> |
| 222 | <br/><br/> | 222 | <br/><br/> |
| 223 | Or you can scan that QR Code with your app: | 223 | Or you can scan that QR Code with your app: |
| 224 | <br/> | 224 | <br/> |
| 225 | <img id="2faQrcode" class="hide-on-med-and-down" /> | 225 | <img id="2faQrcode" class="hide-on-med-and-down" /> |
| 226 | 226 | ||
| 227 | <script> | 227 | <script> |
| 228 | document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ OTPSecret.qrCode }}');; | 228 | document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ OtpQrCode }}');; |
| 229 | </script> | 229 | </script> |
| 230 | </div> | 230 | </div> |
| 231 | {% endfor %} | 231 | {% endfor %} |
diff --git a/src/Wallabag/UserBundle/Controller/ManageController.php b/src/Wallabag/UserBundle/Controller/ManageController.php index 08ed25dd..b9fd8660 100644 --- a/src/Wallabag/UserBundle/Controller/ManageController.php +++ b/src/Wallabag/UserBundle/Controller/ManageController.php | |||
| @@ -8,7 +8,6 @@ use Pagerfanta\Adapter\DoctrineORMAdapter; | |||
| 8 | use Pagerfanta\Exception\OutOfRangeCurrentPageException; | 8 | use Pagerfanta\Exception\OutOfRangeCurrentPageException; |
| 9 | use Pagerfanta\Pagerfanta; | 9 | use Pagerfanta\Pagerfanta; |
| 10 | use Symfony\Bundle\FrameworkBundle\Controller\Controller; | 10 | use Symfony\Bundle\FrameworkBundle\Controller\Controller; |
| 11 | use Symfony\Component\Form\FormInterface; | ||
| 12 | use Symfony\Component\HttpFoundation\Request; | 11 | use Symfony\Component\HttpFoundation\Request; |
| 13 | use Symfony\Component\Routing\Annotation\Route; | 12 | use Symfony\Component\Routing\Annotation\Route; |
| 14 | use Wallabag\UserBundle\Entity\User; | 13 | use Wallabag\UserBundle\Entity\User; |
| @@ -32,10 +31,10 @@ class ManageController extends Controller | |||
| 32 | // enable created user by default | 31 | // enable created user by default |
| 33 | $user->setEnabled(true); | 32 | $user->setEnabled(true); |
| 34 | 33 | ||
| 35 | $form = $this->createEditForm('NewUserType', $user, $request); | 34 | $form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user); |
| 35 | $form->handleRequest($request); | ||
| 36 | 36 | ||
| 37 | if ($form->isSubmitted() && $form->isValid()) { | 37 | if ($form->isSubmitted() && $form->isValid()) { |
| 38 | $user = $this->handleOtp($form, $user); | ||
| 39 | $userManager->updateUser($user); | 38 | $userManager->updateUser($user); |
| 40 | 39 | ||
| 41 | // dispatch a created event so the associated config will be created | 40 | // dispatch a created event so the associated config will be created |
| @@ -66,10 +65,25 @@ class ManageController extends Controller | |||
| 66 | $userManager = $this->container->get('fos_user.user_manager'); | 65 | $userManager = $this->container->get('fos_user.user_manager'); |
| 67 | 66 | ||
| 68 | $deleteForm = $this->createDeleteForm($user); | 67 | $deleteForm = $this->createDeleteForm($user); |
| 69 | $form = $this->createEditForm('UserType', $user, $request); | 68 | $form = $this->createForm('Wallabag\UserBundle\Form\UserType', $user); |
| 69 | $form->handleRequest($request); | ||
| 70 | |||
| 71 | // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way | ||
| 72 | if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) { | ||
| 73 | $form->get('googleTwoFactor')->setData(true); | ||
| 74 | } | ||
| 70 | 75 | ||
| 71 | if ($form->isSubmitted() && $form->isValid()) { | 76 | if ($form->isSubmitted() && $form->isValid()) { |
| 72 | $user = $this->handleOtp($form, $user); | 77 | // handle creation / reset of the OTP secret if checkbox changed from the previous state |
| 78 | if ($this->getParameter('twofactor_auth')) { | ||
| 79 | if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) { | ||
| 80 | $user->setGoogleAuthenticatorSecret($this->get('scheb_two_factor.security.google_authenticator')->generateSecret()); | ||
| 81 | $user->setEmailTwoFactor(false); | ||
| 82 | } elseif (false === $form->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) { | ||
| 83 | $user->setGoogleAuthenticatorSecret(null); | ||
| 84 | } | ||
| 85 | } | ||
| 86 | |||
| 73 | $userManager->updateUser($user); | 87 | $userManager->updateUser($user); |
| 74 | 88 | ||
| 75 | $this->get('session')->getFlashBag()->add( | 89 | $this->get('session')->getFlashBag()->add( |
| @@ -172,50 +186,4 @@ class ManageController extends Controller | |||
| 172 | ->getForm() | 186 | ->getForm() |
| 173 | ; | 187 | ; |
| 174 | } | 188 | } |
| 175 | |||
| 176 | /** | ||
| 177 | * Create a form to create or edit a User entity. | ||
| 178 | * | ||
| 179 | * @param string $type Might be NewUserType or UserType | ||
| 180 | * @param User $user The new / edit user | ||
| 181 | * @param Request $request The request | ||
| 182 | * | ||
| 183 | * @return FormInterface | ||
| 184 | */ | ||
| 185 | private function createEditForm($type, User $user, Request $request) | ||
| 186 | { | ||
| 187 | $form = $this->createForm('Wallabag\UserBundle\Form\\' . $type, $user); | ||
| 188 | $form->handleRequest($request); | ||
| 189 | |||
| 190 | // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way | ||
| 191 | if (true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) { | ||
| 192 | $form->get('googleTwoFactor')->setData(true); | ||
| 193 | } | ||
| 194 | |||
| 195 | return $form; | ||
| 196 | } | ||
| 197 | |||
| 198 | /** | ||
| 199 | * Handle OTP update, taking care to only have one 2fa enable at a time. | ||
| 200 | * | ||
| 201 | * @see ConfigController | ||
| 202 | * | ||
| 203 | * @param FormInterface $form | ||
| 204 | * @param User $user | ||
| 205 | * | ||
| 206 | * @return User | ||
| 207 | */ | ||
| 208 | private function handleOtp(FormInterface $form, User $user) | ||
| 209 | { | ||
| 210 | if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) { | ||
| 211 | $user->setGoogleAuthenticatorSecret($this->get('scheb_two_factor.security.google_authenticator')->generateSecret()); | ||
| 212 | $user->setEmailTwoFactor(false); | ||
| 213 | |||
| 214 | return $user; | ||
| 215 | } | ||
| 216 | |||
| 217 | $user->setGoogleAuthenticatorSecret(null); | ||
| 218 | |||
| 219 | return $user; | ||
| 220 | } | ||
| 221 | } | 189 | } |