Diffstat (limited to 'src/Wallabag/CoreBundle/Controller/ConfigController.php')
-rw-r--r--src/Wallabag/CoreBundle/Controller/ConfigController.php181
1 files changed, 158 insertions, 23 deletions
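diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php
index b999c539..3b281d48 100644
--- a/src/Wallabag/CoreBundle/Controller/ConfigController.php
+++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -2,17 +2,19 @@
 
 namespace Wallabag\CoreBundle\Controller;
 
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
+use PragmaRX\Recovery\Recovery as BackupCodes;
 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+use Symfony\Component\Routing\Annotation\Route;
+use Symfony\Component\Validator\Constraints\Locale as LocaleConstraint;
 use Wallabag\CoreBundle\Entity\Config;
 use Wallabag\CoreBundle\Entity\TaggingRule;
 use Wallabag\CoreBundle\Form\Type\ChangePasswordType;
 use Wallabag\CoreBundle\Form\Type\ConfigType;
-use Wallabag\CoreBundle\Form\Type\RssType;
+use Wallabag\CoreBundle\Form\Type\FeedType;
 use Wallabag\CoreBundle\Form\Type\TaggingRuleType;
 use Wallabag\CoreBundle\Form\Type\UserInformationType;
 use Wallabag\CoreBundle\Tools\Utils;
@@ -45,7 +47,7 @@ class ConfigController extends Controller
 $activeTheme = $this->get('liip_theme.active_theme');
 $activeTheme->setName($config->getTheme());
 
-$this->get('session')->getFlashBag()->add(
+$this->addFlash(
 'notice',
 'flashes.config.notice.config_saved'
 );
@@ -67,7 +69,7 @@ class ConfigController extends Controller
 $userManager->updateUser($user, true);
 }
 
-$this->get('session')->getFlashBag()->add('notice', $message);
+$this->addFlash('notice', $message);
 
 return $this->redirect($this->generateUrl('config') . '#set4');
 }
@@ -82,7 +84,7 @@ class ConfigController extends Controller
 if ($userForm->isSubmitted() && $userForm->isValid()) {
 $userManager->updateUser($user, true);
 
-$this->get('session')->getFlashBag()->add(
+$this->addFlash(
 'notice',
 'flashes.config.notice.user_updated'
 );
@@ -90,17 +92,17 @@ class ConfigController extends Controller
 return $this->redirect($this->generateUrl('config') . '#set3');
 }
 
-// handle rss information
-$rssForm = $this->createForm(RssType::class, $config, ['action' => $this->generateUrl('config') . '#set2']);
-$rssForm->handleRequest($request);
+// handle feed information
+$feedForm = $this->createForm(FeedType::class, $config, ['action' => $this->generateUrl('config') . '#set2']);
+$feedForm->handleRequest($request);
 
-if ($rssForm->isSubmitted() && $rssForm->isValid()) {
+if ($feedForm->isSubmitted() && $feedForm->isValid()) {
 $em->persist($config);
 $em->flush();
 
-$this->get('session')->getFlashBag()->add(
+$this->addFlash(
 'notice',
-'flashes.config.notice.rss_updated'
+'flashes.config.notice.feed_updated'
 );
 
 return $this->redirect($this->generateUrl('config') . '#set2');
@@ -130,7 +132,7 @@ class ConfigController extends Controller
 $em->persist($taggingRule);
 $em->flush();
 
-$this->get('session')->getFlashBag()->add(
+$this->addFlash(
 'notice',
 'flashes.config.notice.tagging_rules_updated'
 );
@@ -141,23 +143,135 @@ class ConfigController extends Controller
 return $this->render('WallabagCoreBundle:Config:index.html.twig', [
 'form' => [
 'config' => $configForm->createView(),
-'rss' => $rssForm->createView(),
+'feed' => $feedForm->createView(),
 'pwd' => $pwdForm->createView(),
 'user' => $userForm->createView(),
 'new_tagging_rule' => $newTaggingRule->createView(),
 ],
-'rss' => [
+'feed' => [
 'username' => $user->getUsername(),
-'token' => $config->getRssToken(),
+'token' => $config->getFeedToken(),
 ],
 'twofactor_auth' => $this->getParameter('twofactor_auth'),
 'wallabag_url' => $this->getParameter('domain_name'),
-'enabled_users' => $this->get('wallabag_user.user_repository')
-->getSumEnabledUsers(),
+'enabled_users' => $this->get('wallabag_user.user_repository')->getSumEnabledUsers(),
 ]);
 }
 
 /**
+* Enable 2FA using email.
+*
+* @Route("/config/otp/email", name="config_otp_email")
+*/
+public function otpEmailAction()
+{
+if (!$this->getParameter('twofactor_auth')) {
+return $this->createNotFoundException('two_factor not enabled');
+}
+
+$user = $this->getUser();
+
+$user->setGoogleAuthenticatorSecret(null);
+$user->setBackupCodes(null);
+$user->setEmailTwoFactor(true);
+
+$this->container->get('fos_user.user_manager')->updateUser($user, true);
+
+$this->addFlash(
+'notice',
+'flashes.config.notice.otp_enabled'
+);
+
+return $this->redirect($this->generateUrl('config') . '#set3');
+}
+
+/**
+* Enable 2FA using OTP app, user will need to confirm the generated code from the app.
+*
+* @Route("/config/otp/app", name="config_otp_app")
+*/
+public function otpAppAction()
+{
+if (!$this->getParameter('twofactor_auth')) {
+return $this->createNotFoundException('two_factor not enabled');
+}
+
+$user = $this->getUser();
+$secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret();
+
+$user->setGoogleAuthenticatorSecret($secret);
+$user->setEmailTwoFactor(false);
+
+$backupCodes = (new BackupCodes())->toArray();
+$backupCodesHashed = array_map(
+function ($backupCode) {
+return password_hash($backupCode, PASSWORD_DEFAULT);
+},
+$backupCodes
+);
+
+$user->setBackupCodes($backupCodesHashed);
+
+$this->container->get('fos_user.user_manager')->updateUser($user, true);
+
+return $this->render('WallabagCoreBundle:Config:otp_app.html.twig', [
+'backupCodes' => $backupCodes,
+'qr_code' => $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user),
+]);
+}
+
+/**
+* Cancelling 2FA using OTP app.
+*
+* @Route("/config/otp/app/cancel", name="config_otp_app_cancel")
+*/
+public function otpAppCancelAction()
+{
+if (!$this->getParameter('twofactor_auth')) {
+return $this->createNotFoundException('two_factor not enabled');
+}
+
+$user = $this->getUser();
+$user->setGoogleAuthenticatorSecret(null);
+$user->setBackupCodes(null);
+
+$this->container->get('fos_user.user_manager')->updateUser($user, true);
+
+return $this->redirect($this->generateUrl('config') . '#set3');
+}
+
+/**
+* Validate OTP code.
+*
+* @param Request $request
+*
+* @Route("/config/otp/app/check", name="config_otp_app_check")
+*/
+public function otpAppCheckAction(Request $request)
+{
+$isValid = $this->get('scheb_two_factor.security.google_authenticator')->checkCode(
+$this->getUser(),
+$request->get('_auth_code')
+);
+
+if (true === $isValid) {
+$this->addFlash(
+'notice',
+'flashes.config.notice.otp_enabled'
+);
+
+return $this->redirect($this->generateUrl('config') . '#set3');
+}
+
+$this->addFlash(
+'two_factor',
+'scheb_two_factor.code_invalid'
+);
+
+return $this->redirect($this->generateUrl('config_otp_app'));
+}
+
+/**
 * @param Request $request
 *
 * @Route("/generate-token", name="generate_token")
@@ -167,19 +281,19 @@ class ConfigController extends Controller
 public function generateTokenAction(Request $request)
 {
 $config = $this->getConfig();
-$config->setRssToken(Utils::generateToken());
+$config->setFeedToken(Utils::generateToken());
 
 $em = $this->getDoctrine()->getManager();
 $em->persist($config);
 $em->flush();
 
 if ($request->isXmlHttpRequest()) {
-return new JsonResponse(['token' => $config->getRssToken()]);
+return new JsonResponse(['token' => $config->getFeedToken()]);
 }
 
-$this->get('session')->getFlashBag()->add(
+$this->addFlash(
 'notice',
-'flashes.config.notice.rss_token_updated'
+'flashes.config.notice.feed_token_updated'
 );
 
 return $this->redirect($this->generateUrl('config') . '#set2');
@@ -202,7 +316,7 @@ class ConfigController extends Controller
 $em->remove($rule);
 $em->flush();
 
-$this->get('session')->getFlashBag()->add(
+$this->addFlash(
 'notice',
 'flashes.config.notice.tagging_rules_deleted'
 );
@@ -268,7 +382,7 @@ class ConfigController extends Controller
 break;
 }
 
-$this->get('session')->getFlashBag()->add(
+$this->addFlash(
 'notice',
 'flashes.config.notice.' . $type . '_reset'
 );
@@ -330,6 +444,27 @@ class ConfigController extends Controller
 }
 
 /**
+* Change the locale for the current user.
+*
+* @param Request $request
+* @param string $language
+*
+* @Route("/locale/{language}", name="changeLocale")
+*
+* @return \Symfony\Component\HttpFoundation\RedirectResponse
+*/
+public function setLocaleAction(Request $request, $language = null)
+{
+$errors = $this->get('validator')->validate($language, (new LocaleConstraint()));
+
+if (0 === \count($errors)) {
+$request->getSession()->set('_locale', $language);
+}
+
+return $this->redirect($request->headers->get('referer', $this->generateUrl('homepage')));
+}
+
+/**
 * Remove all tags for given tags and a given user and cleanup orphan tags.
 *
 * @param array $tags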
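Review bot: The three new actions that change second-factor state (`otpEmailAction`, `otpAppAction`, `otpAppCancelAction`) are routed with no method restriction and no CSRF token check, so unless something outside this diff restricts them, a cross-site GET made in the signed-in user's session can switch, re-key or disable their 2FA. `otpAppAction` also persists a fresh secret and new backup codes on every page load, before the code has been confirmed, which can lock the user out if they never finish enrolment. I would restrict the routes, e.g. `@Route("/config/otp/app/cancel", name="config_otp_app_cancel", methods={"POST"})`, and check a token with `$this->isCsrfTokenValid(...)` before `updateUser()` is called. In the same three actions the guard `return $this->createNotFoundException('two_factor not enabled');` hands the exception object back as the controller result instead of producing a 404 and should read `throw $this->createNotFoundException('two_factor not enabled');`. `otpAppCheckAction` has no `twofactor_auth` guard at all, and `otpAppAction` deserves a comment such as `// plain backup codes are rendered once; only their password_hash() values are stored`.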