-rw-r--r--src/Wallabag/CoreBundle/Controller/ConfigController.php20
-rw-r--r--src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig9
-rw-r--r--src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig6
-rw-r--r--src/Wallabag/UserBundle/Controller/ManageController.php70
4 files changed, 36 insertions, 69 deletions
diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php
index 5bbe1c74..846e96ff 100644
--- a/src/Wallabag/CoreBundle/Controller/ConfigController.php
+++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -81,23 +81,23 @@ class ConfigController extends Controller
81 $userForm->handleRequest($request); 81 $userForm->handleRequest($request);
82 82
83 // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way 83 // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
84 if (true === $user->isGoogleAuthenticatorEnabled() && false === $userForm->isSubmitted()) { 84 if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $userForm->isSubmitted()) {
85 $userForm->get('googleTwoFactor')->setData(true); 85 $userForm->get('googleTwoFactor')->setData(true);
86 } 86 }
87 87
88 if ($userForm->isSubmitted() && $userForm->isValid()) { 88 if ($userForm->isSubmitted() && $userForm->isValid()) {
89 // handle creation / reset of the OTP secret if checkbox changed from the previous state 89 // handle creation / reset of the OTP secret if checkbox changed from the previous state
90 if (true === $userForm->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) { 90 if ($this->getParameter('twofactor_auth')) {
91 $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret(); 91 if (true === $userForm->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
92 $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret();
92 93
93 $user->setGoogleAuthenticatorSecret($secret); 94 $user->setGoogleAuthenticatorSecret($secret);
94 $user->setEmailTwoFactor(false); 95 $user->setEmailTwoFactor(false);
95 96
96 $qrCode = $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user); 97 $this->addFlash('OtpQrCode', $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user));
97 98 } elseif (false === $userForm->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
98 $this->addFlash('OTPSecret', ['code' => $secret, 'qrCode' => $qrCode]); 99 $user->setGoogleAuthenticatorSecret(null);
99 } elseif (false === $userForm->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) { 100 }
100 $user->setGoogleAuthenticatorSecret(null);
101 } 101 }
102 102
103 $userManager->updateUser($user, true); 103 $userManager->updateUser($user, true);
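Review bot: The `elseif` branch clears the Google Authenticator secret on nothing more than an unchecked `googleTwoFactor` box, so anyone holding a live session can switch the second factor off; nothing visible in this hunk asks for the current password or a valid OTP first, though the form type, which is outside the hunk, may do so. The enable branch likewise persists the new secret through `updateUser` before the user has shown that their app produces a matching code, so a failed scan can leave the account locked out. If step-up confirmation happens elsewhere, a comment above the inner `if` such as `// secret changes rely on the form having re-authenticated the user` would make that dependency explicit; otherwise both branches need a confirmation step. The action's body starts and ends outside the hunk.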
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig
index 5c4e44dd..6ee57443 100644
--- a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig
@@ -86,8 +86,7 @@
86 <br/> 86 <br/>
87 <img id="androidQrcode" /> 87 <img id="androidQrcode" />
88 <script> 88 <script>
89 const imgBase64 = jrQrcode.getQrBase64('wallabag://{{ app.user.username }}@{{ wallabag_url }}'); 89 document.getElementById('androidQrcode').src = jrQrcode.getQrBase64('wallabag://{{ app.user.username }}@{{ wallabag_url }}');
90 document.getElementById('androidQrcode').src = imgBase64;
91 </script> 90 </script>
92 </div> 91 </div>
93 </fieldset> 92 </fieldset>
@@ -186,20 +185,20 @@
186 {{ form_widget(form.user.googleTwoFactor) }} 185 {{ form_widget(form.user.googleTwoFactor) }}
187 {{ form_errors(form.user.googleTwoFactor) }} 186 {{ form_errors(form.user.googleTwoFactor) }}
188 </div> 187 </div>
189 {% for OTPSecret in app.session.flashbag.get('OTPSecret') %} 188 {% for OtpQrCode in app.session.flashbag.get('OtpQrCode') %}
190 <div class="row"> 189 <div class="row">
191 You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. 190 You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password.
192 <br/> 191 <br/>
193 That code will disapear after a page reload. 192 That code will disapear after a page reload.
194 <br/><br/> 193 <br/><br/>
195 <strong>{{ OTPSecret.code }}</strong> 194 <strong>{{ app.user.getGoogleAuthenticatorSecret }}</strong>
196 <br/><br/> 195 <br/><br/>
197 Or you can scan that QR Code with your app: 196 Or you can scan that QR Code with your app:
198 <br/> 197 <br/>
199 <img id="2faQrcode" class="hide-on-med-and-down" /> 198 <img id="2faQrcode" class="hide-on-med-and-down" />
200 199
201 <script> 200 <script>
202 document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ OTPSecret.qrCode }}');; 201 document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ OtpQrCode }}');;
203 </script> 202 </script>
204 </div> 203 </div>
205 {% endfor %} 204 {% endfor %}
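Review bot: `{{ OtpQrCode }}` is printed inside a single-quoted JavaScript string, but (assuming the default autoescape setting) Twig escapes it for HTML, which is the wrong context inside `<script>`. HTML escaping does not neutralise every character that is significant in a JS string, and any `&` in the QR content would be emitted as `&amp;` and end up encoded into the QR image. Use the JS strategy instead: `jrQrcode.getQrBase64('{{ OtpQrCode|e('js') }}');`. The same line appears in the material theme's `Config/index.html.twig`, and the `wallabag://{{ app.user.username }}@{{ wallabag_url }}` string in the first hunk of this file has the same context mismatch.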
diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig
index 887d154f..ca7eb9f3 100644
--- a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig
@@ -212,20 +212,20 @@
212 </div> 212 </div>
213 </div> 213 </div>
214 214
215 {% for OTPSecret in app.session.flashbag.get('OTPSecret') %} 215 {% for OtpQrCode in app.session.flashbag.get('OtpQrCode') %}
216 <div class="card-panel yellow darken-1 black-text"> 216 <div class="card-panel yellow darken-1 black-text">
217 You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. 217 You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password.
218 <br/> 218 <br/>
219 That code will disapear after a page reload. 219 That code will disapear after a page reload.
220 <br/><br/> 220 <br/><br/>
221 <strong>{{ OTPSecret.code }}</strong> 221 <strong>{{ app.user.getGoogleAuthenticatorSecret }}</strong>
222 <br/><br/> 222 <br/><br/>
223 Or you can scan that QR Code with your app: 223 Or you can scan that QR Code with your app:
224 <br/> 224 <br/>
225 <img id="2faQrcode" class="hide-on-med-and-down" /> 225 <img id="2faQrcode" class="hide-on-med-and-down" />
226 226
227 <script> 227 <script>
228 document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ OTPSecret.qrCode }}');; 228 document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ OtpQrCode }}');;
229 </script> 229 </script>
230 </div> 230 </div>
231 {% endfor %} 231 {% endfor %}
diff --git a/src/Wallabag/UserBundle/Controller/ManageController.php b/src/Wallabag/UserBundle/Controller/ManageController.php
index 08ed25dd..b9fd8660 100644
--- a/src/Wallabag/UserBundle/Controller/ManageController.php
+++ b/src/Wallabag/UserBundle/Controller/ManageController.php
@@ -8,7 +8,6 @@ use Pagerfanta\Adapter\DoctrineORMAdapter;
8use Pagerfanta\Exception\OutOfRangeCurrentPageException; 8use Pagerfanta\Exception\OutOfRangeCurrentPageException;
9use Pagerfanta\Pagerfanta; 9use Pagerfanta\Pagerfanta;
10use Symfony\Bundle\FrameworkBundle\Controller\Controller; 10use Symfony\Bundle\FrameworkBundle\Controller\Controller;
11use Symfony\Component\Form\FormInterface;
12use Symfony\Component\HttpFoundation\Request; 11use Symfony\Component\HttpFoundation\Request;
13use Symfony\Component\Routing\Annotation\Route; 12use Symfony\Component\Routing\Annotation\Route;
14use Wallabag\UserBundle\Entity\User; 13use Wallabag\UserBundle\Entity\User;
@@ -32,10 +31,10 @@ class ManageController extends Controller
32 // enable created user by default 31 // enable created user by default
33 $user->setEnabled(true); 32 $user->setEnabled(true);
34 33
35 $form = $this->createEditForm('NewUserType', $user, $request); 34 $form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user);
35 $form->handleRequest($request);
36 36
37 if ($form->isSubmitted() && $form->isValid()) { 37 if ($form->isSubmitted() && $form->isValid()) {
38 $user = $this->handleOtp($form, $user);
39 $userManager->updateUser($user); 38 $userManager->updateUser($user);
40 39
41 // dispatch a created event so the associated config will be created 40 // dispatch a created event so the associated config will be created
@@ -66,10 +65,25 @@ class ManageController extends Controller
66 $userManager = $this->container->get('fos_user.user_manager'); 65 $userManager = $this->container->get('fos_user.user_manager');
67 66
68 $deleteForm = $this->createDeleteForm($user); 67 $deleteForm = $this->createDeleteForm($user);
69 $form = $this->createEditForm('UserType', $user, $request); 68 $form = $this->createForm('Wallabag\UserBundle\Form\UserType', $user);
69 $form->handleRequest($request);
70
71 // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
72 if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
73 $form->get('googleTwoFactor')->setData(true);
74 }
70 75
71 if ($form->isSubmitted() && $form->isValid()) { 76 if ($form->isSubmitted() && $form->isValid()) {
72 $user = $this->handleOtp($form, $user); 77 // handle creation / reset of the OTP secret if checkbox changed from the previous state
78 if ($this->getParameter('twofactor_auth')) {
79 if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
80 $user->setGoogleAuthenticatorSecret($this->get('scheb_two_factor.security.google_authenticator')->generateSecret());
81 $user->setEmailTwoFactor(false);
82 } elseif (false === $form->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
83 $user->setGoogleAuthenticatorSecret(null);
84 }
85 }
86
73 $userManager->updateUser($user); 87 $userManager->updateUser($user);
74 88
75 $this->get('session')->getFlashBag()->add( 89 $this->get('session')->getFlashBag()->add(
@@ -172,50 +186,4 @@ class ManageController extends Controller
172 ->getForm() 186 ->getForm()
173 ; 187 ;
174 } 188 }
175
176 /**
177 * Create a form to create or edit a User entity.
178 *
179 * @param string $type Might be NewUserType or UserType
180 * @param User $user The new / edit user
181 * @param Request $request The request
182 *
183 * @return FormInterface
184 */
185 private function createEditForm($type, User $user, Request $request)
186 {
187 $form = $this->createForm('Wallabag\UserBundle\Form\\' . $type, $user);
188 $form->handleRequest($request);
189
190 // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
191 if (true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
192 $form->get('googleTwoFactor')->setData(true);
193 }
194
195 return $form;
196 }
197
198 /**
199 * Handle OTP update, taking care to only have one 2fa enable at a time.
200 *
201 * @see ConfigController
202 *
203 * @param FormInterface $form
204 * @param User $user
205 *
206 * @return User
207 */
208 private function handleOtp(FormInterface $form, User $user)
209 {
210 if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
211 $user->setGoogleAuthenticatorSecret($this->get('scheb_two_factor.security.google_authenticator')->generateSecret());
212 $user->setEmailTwoFactor(false);
213
214 return $user;
215 }
216
217 $user->setGoogleAuthenticatorSecret(null);
218
219 return $user;
220 }
221} 189}
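Review bot: In the edit action, the enable branch generates a new secret for the edited user but nothing in this section shows it to anyone (unlike ConfigController, there is no `OtpQrCode` flash), so an administrator ticking `googleTwoFactor` would leave that user with an active second factor they cannot enrol. Consider letting this screen only reset 2FA, keeping just `if (false === $form->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) { $user->setGoogleAuthenticatorSecret(null); }`. With `handleOtp` removed, the block also duplicates the logic in ConfigController; a shared helper would keep the two copies from drifting apart. The action's body begins and ends outside the hunk.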