1 files changed, 109 insertions, 23 deletions
diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php
index c9fc5702..2643eed0 100644
--- a/src/Wallabag/CoreBundle/Controller/ConfigController.php
+++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -81,28 +81,7 @@ class ConfigController extends Controller
        ]);
        $userForm->handleRequest($request);
-        // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
-        if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $userForm->isSubmitted()) {
-            $userForm->get('googleTwoFactor')->setData(true);
-        }
        if ($userForm->isSubmitted() && $userForm->isValid()) {
-            // handle creation / reset of the OTP secret if checkbox changed from the previous state
-            if ($this->getParameter('twofactor_auth')) {
-                if (true === $userForm->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
-                    $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret();
-                    $user->setGoogleAuthenticatorSecret($secret);
-                    $user->setEmailTwoFactor(false);
-                    $user->setBackupCodes((new BackupCodes())->toArray());
-                    $this->addFlash('OtpQrCode', $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user));
-                } elseif (false === $userForm->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
-                    $user->setGoogleAuthenticatorSecret(null);
-                    $user->setBackupCodes(null);
-                }
-            }
            $userManager->updateUser($user, true);
            $this->addFlash(
@@ -175,12 +154,119 @@ class ConfigController extends Controller
            ],
            'twofactor_auth' => $this->getParameter('twofactor_auth'),
            'wallabag_url' => $this->getParameter('domain_name'),
-            'enabled_users' => $this->get('wallabag_user.user_repository')
+            'enabled_users' => $this->get('wallabag_user.user_repository')->getSumEnabledUsers(),
-                ->getSumEnabledUsers(),
        ]);
    }
    /**
+     * Enable 2FA using email.
+     *
+     * @param Request $request
+     *
+     * @Route("/config/otp/email", name="config_otp_email")
+     */
+    public function otpEmailAction(Request $request)
+    {
+        if (!$this->getParameter('twofactor_auth')) {
+            return $this->createNotFoundException('two_factor not enabled');
+        }
+        $user = $this->getUser();
+        $user->setGoogleAuthenticatorSecret(null);
+        $user->setBackupCodes(null);
+        $user->setEmailTwoFactor(true);
+        $this->container->get('fos_user.user_manager')->updateUser($user, true);
+        $this->addFlash(
+            'notice',
+            'flashes.config.notice.otp_enabled'
+        );
+        return $this->redirect($this->generateUrl('config') . '#set3');
+    }
+    /**
+     * Enable 2FA using OTP app, user will need to confirm the generated code from the app.
+     *
+     * @Route("/config/otp/app", name="config_otp_app")
+     */
+    public function otpAppAction()
+    {
+        if (!$this->getParameter('twofactor_auth')) {
+            return $this->createNotFoundException('two_factor not enabled');
+        }
+        $user = $this->getUser();
+        if (!$user->isGoogleTwoFactor()) {
+            $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret();
+            $user->setGoogleAuthenticatorSecret($secret);
+            $user->setEmailTwoFactor(false);
+            $user->setBackupCodes((new BackupCodes())->toArray());
+            $this->container->get('fos_user.user_manager')->updateUser($user, true);
+        }
+        return $this->render('WallabagCoreBundle:Config:otp_app.html.twig', [
+            'qr_code' => $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user),
+        ]);
+    }
+    /**
+     * Cancelling 2FA using OTP app.
+     *
+     * @Route("/config/otp/app/cancel", name="config_otp_app_cancel")
+     */
+    public function otpAppCancelAction()
+    {
+        if (!$this->getParameter('twofactor_auth')) {
+            return $this->createNotFoundException('two_factor not enabled');
+        }
+        $user = $this->getUser();
+        $user->setGoogleAuthenticatorSecret(null);
+        $user->setBackupCodes(null);
+        $this->container->get('fos_user.user_manager')->updateUser($user, true);
+        return $this->redirect($this->generateUrl('config') . '#set3');
+    }
+    /**
+     * Validate OTP code.
+     *
+     * @param Request $request
+     *
+     * @Route("/config/otp/app/check", name="config_otp_app_check")
+     */
+    public function otpAppCheckAction(Request $request)
+    {
+        $isValid = $this->get('scheb_two_factor.security.google_authenticator')->checkCode(
+            $this->getUser(),
+            $request->get('_auth_code')
+        );
+        if (true === $isValid) {
+            $this->addFlash(
+                'notice',
+                'flashes.config.notice.otp_enabled'
+            );
+            return $this->redirect($this->generateUrl('config') . '#set3');
+        }
+        $this->addFlash(
+            'two_factor',
+            'scheb_two_factor.code_invalid'
+        );
+        return $this->redirect($this->generateUrl('config_otp_app'));
+    }
+    /**
     * @param Request $request
     *
     * @Route("/generate-token", name="generate_token")

diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php index c9fc5702..2643eed0 100644 --- a/src/Wallabag/CoreBundle/Controller/ConfigController.php +++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -81,28 +81,7 @@ class ConfigController extends Controller
81	]);	81	]);
82	$userForm->handleRequest($request);	82	$userForm->handleRequest($request);
83		83
84	// `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
85	if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $userForm->isSubmitted()) {
86	$userForm->get('googleTwoFactor')->setData(true);
87	}
88
89	if ($userForm->isSubmitted() && $userForm->isValid()) {	84	if ($userForm->isSubmitted() && $userForm->isValid()) {
90	// handle creation / reset of the OTP secret if checkbox changed from the previous state
91	if ($this->getParameter('twofactor_auth')) {
92	if (true === $userForm->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
93	$secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret();
94
95	$user->setGoogleAuthenticatorSecret($secret);
96	$user->setEmailTwoFactor(false);
97	$user->setBackupCodes((new BackupCodes())->toArray());
98
99	$this->addFlash('OtpQrCode', $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user));
100	} elseif (false === $userForm->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
101	$user->setGoogleAuthenticatorSecret(null);
102	$user->setBackupCodes(null);
103	}
104	}
105
106	$userManager->updateUser($user, true);	85	$userManager->updateUser($user, true);
107		86
108	$this->addFlash(	87	$this->addFlash(
@@ -175,12 +154,119 @@ class ConfigController extends Controller
175	],	154	],
176	'twofactor_auth' => $this->getParameter('twofactor_auth'),	155	'twofactor_auth' => $this->getParameter('twofactor_auth'),
177	'wallabag_url' => $this->getParameter('domain_name'),	156	'wallabag_url' => $this->getParameter('domain_name'),
178	'enabled_users' => $this->get('wallabag_user.user_repository')	157	'enabled_users' => $this->get('wallabag_user.user_repository')->getSumEnabledUsers(),
179	->getSumEnabledUsers(),
180	]);	158	]);
181	}	159	}
182		160
183	/**	161	/**
		162	* Enable 2FA using email.
		163	*
		164	* @param Request $request
		165	*
		166	* @Route("/config/otp/email", name="config_otp_email")
		167	*/
		168	public function otpEmailAction(Request $request)
		169	{
		170	if (!$this->getParameter('twofactor_auth')) {
		171	return $this->createNotFoundException('two_factor not enabled');
		172	}
		173
		174	$user = $this->getUser();
		175
		176	$user->setGoogleAuthenticatorSecret(null);
		177	$user->setBackupCodes(null);
		178	$user->setEmailTwoFactor(true);
		179
		180	$this->container->get('fos_user.user_manager')->updateUser($user, true);
		181
		182	$this->addFlash(
		183	'notice',
		184	'flashes.config.notice.otp_enabled'
		185	);
		186
		187	return $this->redirect($this->generateUrl('config') . '#set3');
		188	}
		189
		190	/**
		191	* Enable 2FA using OTP app, user will need to confirm the generated code from the app.
		192	*
		193	* @Route("/config/otp/app", name="config_otp_app")
		194	*/
		195	public function otpAppAction()
		196	{
		197	if (!$this->getParameter('twofactor_auth')) {
		198	return $this->createNotFoundException('two_factor not enabled');
		199	}
		200
		201	$user = $this->getUser();
		202
		203	if (!$user->isGoogleTwoFactor()) {
		204	$secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret();
		205
		206	$user->setGoogleAuthenticatorSecret($secret);
		207	$user->setEmailTwoFactor(false);
		208	$user->setBackupCodes((new BackupCodes())->toArray());
		209
		210	$this->container->get('fos_user.user_manager')->updateUser($user, true);
		211	}
		212
		213	return $this->render('WallabagCoreBundle:Config:otp_app.html.twig', [
		214	'qr_code' => $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user),
		215	]);
		216	}
		217
		218	/**
		219	* Cancelling 2FA using OTP app.
		220	*
		221	* @Route("/config/otp/app/cancel", name="config_otp_app_cancel")
		222	*/
		223	public function otpAppCancelAction()
		224	{
		225	if (!$this->getParameter('twofactor_auth')) {
		226	return $this->createNotFoundException('two_factor not enabled');
		227	}
		228
		229	$user = $this->getUser();
		230	$user->setGoogleAuthenticatorSecret(null);
		231	$user->setBackupCodes(null);
		232
		233	$this->container->get('fos_user.user_manager')->updateUser($user, true);
		234
		235	return $this->redirect($this->generateUrl('config') . '#set3');
		236	}
		237
		238	/**
		239	* Validate OTP code.
		240	*
		241	* @param Request $request
		242	*
		243	* @Route("/config/otp/app/check", name="config_otp_app_check")
		244	*/
		245	public function otpAppCheckAction(Request $request)
		246	{
		247	$isValid = $this->get('scheb_two_factor.security.google_authenticator')->checkCode(
		248	$this->getUser(),
		249	$request->get('_auth_code')
		250	);
		251
		252	if (true === $isValid) {
		253	$this->addFlash(
		254	'notice',
		255	'flashes.config.notice.otp_enabled'
		256	);
		257
		258	return $this->redirect($this->generateUrl('config') . '#set3');
		259	}
		260
		261	$this->addFlash(
		262	'two_factor',
		263	'scheb_two_factor.code_invalid'
		264	);
		265
		266	return $this->redirect($this->generateUrl('config_otp_app'));
		267	}
		268
		269	/**
184	* @param Request $request	270	* @param Request $request
185	*	271	*
186	* @Route("/generate-token", name="generate_token")	272	* @Route("/generate-token", name="generate_token")