aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--app/config/config.yml5
-rw-r--r--app/config/parameters.yml.dist2
-rw-r--r--src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig2
-rw-r--r--src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig2
-rw-r--r--src/Wallabag/CoreBundle/Tests/Controller/SecurityControllerTest.php62
5 files changed, 43 insertions, 30 deletions
diff --git a/app/config/config.yml b/app/config/config.yml
index 4a2c02bf..956fdd07 100644
--- a/app/config/config.yml
+++ b/app/config/config.yml
@@ -45,6 +45,7 @@ twig:
45 export_mobi: %export_mobi% 45 export_mobi: %export_mobi%
46 export_pdf: %export_pdf% 46 export_pdf: %export_pdf%
47 version: %app.version% 47 version: %app.version%
48 twofactor_auth: %twofactor_auth%
48 warning_message: %warning_message% 49 warning_message: %warning_message%
49 paypal_url: "https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=9UBA65LG3FX9Y&lc=gb" 50 paypal_url: "https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=9UBA65LG3FX9Y&lc=gb"
50 flattr_url: "https://flattr.com/thing/1265480" 51 flattr_url: "https://flattr.com/thing/1265480"
@@ -179,7 +180,7 @@ scheb_two_factor:
179 cookie_lifetime: 2592000 180 cookie_lifetime: 2592000
180 181
181 email: 182 email:
182 enabled: true 183 enabled: %twofactor_auth%
183 sender_email: no-reply@wallabag.org 184 sender_email: %twofactor_sender%
184 digits: 6 185 digits: 6
185 template: WallabagUserBundle:Authentication:form.html.twig 186 template: WallabagUserBundle:Authentication:form.html.twig
diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist
index c1f6bc1b..52f9bccb 100644
--- a/app/config/parameters.yml.dist
+++ b/app/config/parameters.yml.dist
@@ -29,6 +29,8 @@ parameters:
29 29
30 # wallabag misc 30 # wallabag misc
31 app.version: 2.0.0-alpha 31 app.version: 2.0.0-alpha
32 twofactor_auth: true
33 twofactor_sender: no-reply@wallabag.org
32 34
33 # message to display at the bottom of the page 35 # message to display at the bottom of the page
34 warning_message: > 36 warning_message: >
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig
index cee4f672..abe5dc9e 100644
--- a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig
@@ -100,6 +100,7 @@
100 </div> 100 </div>
101 </fieldset> 101 </fieldset>
102 102
103 {% if twofactor_auth %}
103 <fieldset class="w500p inline"> 104 <fieldset class="w500p inline">
104 <div class="row"> 105 <div class="row">
105 {{ form_label(form.user.twoFactorAuthentication) }} 106 {{ form_label(form.user.twoFactorAuthentication) }}
@@ -107,6 +108,7 @@
107 {{ form_widget(form.user.twoFactorAuthentication) }} 108 {{ form_widget(form.user.twoFactorAuthentication) }}
108 </div> 109 </div>
109 </fieldset> 110 </fieldset>
111 {% endif %}
110 112
111 {{ form_rest(form.user) }} 113 {{ form_rest(form.user) }}
112 </form> 114 </form>
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig
index b20c4ea5..ab24d4ef 100644
--- a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig
@@ -132,6 +132,7 @@
132 </div> 132 </div>
133 </div> 133 </div>
134 134
135 {% if twofactor_auth %}
135 <div class="row"> 136 <div class="row">
136 <div class="input-field col s12"> 137 <div class="input-field col s12">
137 {{ form_widget(form.user.twoFactorAuthentication) }} 138 {{ form_widget(form.user.twoFactorAuthentication) }}
@@ -139,6 +140,7 @@
139 {{ form_errors(form.user.twoFactorAuthentication) }} 140 {{ form_errors(form.user.twoFactorAuthentication) }}
140 </div> 141 </div>
141 </div> 142 </div>
143 {% endif %}
142 144
143 <div class="hidden">{{ form_rest(form.user) }}</div> 145 <div class="hidden">{{ form_rest(form.user) }}</div>
144 <button class="btn waves-effect waves-light" type="submit" name="action"> 146 <button class="btn waves-effect waves-light" type="submit" name="action">
diff --git a/src/Wallabag/CoreBundle/Tests/Controller/SecurityControllerTest.php b/src/Wallabag/CoreBundle/Tests/Controller/SecurityControllerTest.php
index 3402b340..b9f5d835 100644
--- a/src/Wallabag/CoreBundle/Tests/Controller/SecurityControllerTest.php
+++ b/src/Wallabag/CoreBundle/Tests/Controller/SecurityControllerTest.php
@@ -19,40 +19,46 @@ class SecurityControllerTest extends WallabagCoreTestCase
19 public function testLoginWith2Factor() 19 public function testLoginWith2Factor()
20 { 20 {
21 $client = $this->getClient(); 21 $client = $this->getClient();
22 $client->followRedirects();
23 22
24 $em = $client->getContainer()->get('doctrine.orm.entity_manager'); 23 if ($client->getContainer()->getParameter('twofactor_auth')) {
25 $user = $em 24 $client->followRedirects();
26 ->getRepository('WallabagUserBundle:User')
27 ->findOneByUsername('admin');
28 $user->setTwoFactorAuthentication(true);
29 $em->persist($user);
30 $em->flush();
31 25
32 $this->logInAs('admin'); 26 $em = $client->getContainer()->get('doctrine.orm.entity_manager');
33 $client->request('GET', '/config'); 27 $user = $em
34 $this->assertContains('trusted computer', $client->getResponse()->getContent()); 28 ->getRepository('WallabagUserBundle:User')
35 29 ->findOneByUsername('admin');
36 // restore user 30 $user->setTwoFactorAuthentication(true);
37 $user = $em 31 $em->persist($user);
38 ->getRepository('WallabagUserBundle:User') 32 $em->flush();
39 ->findOneByUsername('admin'); 33
40 $user->setTwoFactorAuthentication(false); 34 $this->logInAs('admin');
41 $em->persist($user); 35 $client->request('GET', '/config');
42 $em->flush(); 36 $this->assertContains('trusted computer', $client->getResponse()->getContent());
37
38 // restore user
39 $user = $em
40 ->getRepository('WallabagUserBundle:User')
41 ->findOneByUsername('admin');
42 $user->setTwoFactorAuthentication(false);
43 $em->persist($user);
44 $em->flush();
45 }
43 } 46 }
44 47
45 public function testTrustedComputer() 48 public function testTrustedComputer()
46 { 49 {
47 $client = $this->getClient(); 50 $client = $this->getClient();
48 $em = $client->getContainer()->get('doctrine.orm.entity_manager'); 51
49 $user = $em 52 if ($client->getContainer()->getParameter('twofactor_auth')) {
50 ->getRepository('WallabagUserBundle:User') 53 $em = $client->getContainer()->get('doctrine.orm.entity_manager');
51 ->findOneByUsername('admin'); 54 $user = $em
52 55 ->getRepository('WallabagUserBundle:User')
53 $date = new \DateTime(); 56 ->findOneByUsername('admin');
54 $user->addTrustedComputer('ABCDEF', $date->add(new \DateInterval('P1M'))); 57
55 $this->assertTrue($user->isTrustedComputer('ABCDEF')); 58 $date = new \DateTime();
56 $this->assertFalse($user->isTrustedComputer('FEDCBA')); 59 $user->addTrustedComputer('ABCDEF', $date->add(new \DateInterval('P1M')));
60 $this->assertTrue($user->isTrustedComputer('ABCDEF'));
61 $this->assertFalse($user->isTrustedComputer('FEDCBA'));
62 }
57 } 63 }
58} 64}