4 files changed, 151 insertions, 1 deletions

diff --git a/src/Wallabag/UserBundle/Entity/User.php b/src/Wallabag/UserBundle/Entity/User.php
index 8f02e070..d2efd200 100644
--- a/src/Wallabag/UserBundle/Entity/User.php
+++ b/src/Wallabag/UserBundle/Entity/User.php
@@ -4,6 +4,8 @@ namespace Wallabag\UserBundle\Entity;
 
 use Doctrine\Common\Collections\ArrayCollection;
 use Doctrine\ORM\Mapping as ORM;
+use Scheb\TwoFactorBundle\Model\Email\TwoFactorInterface;
+use Scheb\TwoFactorBundle\Model\TrustedComputerInterface;
 use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
 use Symfony\Component\Security\Core\User\UserInterface;
 use JMS\Serializer\Annotation\ExclusionPolicy;
@@ -24,7 +26,7 @@ use Wallabag\CoreBundle\Entity\Tag;
  * @UniqueEntity("email")
  * @UniqueEntity("username")
  */
-class User extends BaseUser
+class User extends BaseUser implements TwoFactorInterface, TrustedComputerInterface
 {
     /**
      * @var int
@@ -72,6 +74,22 @@ class User extends BaseUser
      */
     protected $tags;
 
+    /**
+     * @ORM\Column(type="integer", nullable=true)
+     */
+    private $authCode;
+
+    /**
+     * @var bool Enabled yes/no
+     * @ORM\Column(type="boolean")
+     */
+    private $twoFactorAuthentication = false;
+
+    /**
+     * @ORM\Column(type="json_array", nullable=true)
+     */
+    private $trusted;
+
     public function __construct()
     {
         parent::__construct();
@@ -201,4 +219,52 @@ class User extends BaseUser
     {
         return $this->config;
     }
+
+    /**
+     * @return bool
+     */
+    public function isTwoFactorAuthentication()
+    {
+        return $this->twoFactorAuthentication;
+    }
+
+    /**
+     * @param bool $twoFactorAuthentication
+     */
+    public function setTwoFactorAuthentication($twoFactorAuthentication)
+    {
+        $this->twoFactorAuthentication = $twoFactorAuthentication;
+    }
+
+    public function isEmailAuthEnabled()
+    {
+        return $this->twoFactorAuthentication;
+    }
+
+    public function getEmailAuthCode()
+    {
+        return $this->authCode;
+    }
+
+    public function setEmailAuthCode($authCode)
+    {
+        $this->authCode = $authCode;
+    }
+
+    public function addTrustedComputer($token, \DateTime $validUntil)
+    {
+        $this->trusted[$token] = $validUntil->format('r');
+    }
+
+    public function isTrustedComputer($token)
+    {
+        if (isset($this->trusted[$token])) {
+            $now = new \DateTime();
+            $validUntil = new \DateTime($this->trusted[$token]);
+
+            return $now < $validUntil;
+        }
+
+        return false;
+    }
 }
diff --git a/src/Wallabag/UserBundle/Resources/config/services.yml b/src/Wallabag/UserBundle/Resources/config/services.yml
index e69de29b..9cdd247d 100644
--- a/src/Wallabag/UserBundle/Resources/config/services.yml
+++ b/src/Wallabag/UserBundle/Resources/config/services.yml
@@ -0,0 +1,19 @@
+parameters:
+    wallabag_user.twofactor.email.provider.class: Wallabag\UserBundle\Security\TwoFactor\Email\Helper
+    wallabag_user.twofactor.email.interactive_login_listener.class: Wallabag\UserBundle\Security\TwoFactor\Email\InteractiveLoginListener
+    wallabag_user.twofactor.email.request_listener.class: Wallabag\UserBundle\Security\TwoFactor\Email\RequestListener
+
+services:
+    wallabag_user.twofactor.email.provider:
+        class: %wallabag_user.twofactor.email.provider.class%
+        arguments: ['@doctrine.orm.entity_manager', '@mailer']
+    wallabag_user.twofactor.email.interactive_login_listener:
+        class: %wallabag_user.twofactor.email.interactive_login_listener.class%
+        tags:
+            - { name: kernel.event_listener, event: security.interactive_login, method: onSecurityInteractiveLogin }
+        arguments: ['@wallabag_user.twofactor.email.provider']
+    wallabag_user.twofactor.email.request_listener:
+        class: %wallabag_user.twofactor.email.request_listener.class%
+        tags:
+            - { name: kernel.event_listener, event: kernel.request, method: onCoreRequest, priority: -1 }
+        arguments: ['@wallabag_user.twofactor.email.provider', '@security.context', '@templating', '@router']
diff --git a/src/Wallabag/UserBundle/Resources/views/themes/baggy/Authentication/form.html.twig b/src/Wallabag/UserBundle/Resources/views/themes/baggy/Authentication/form.html.twig
new file mode 100644
index 00000000..5bb91081
--- /dev/null
+++ b/src/Wallabag/UserBundle/Resources/views/themes/baggy/Authentication/form.html.twig
@@ -0,0 +1,32 @@
+{% extends "WallabagUserBundle::layout.html.twig" %}
+
+{% block fos_user_content %}
+<form class="form" action="" method="post">
+    <fieldset class="w500p center">
+        {% for flashMessage in app.session.flashbag.get("two_factor") %}
+        <p class="error">{{ flashMessage|trans }}</p>
+        {% endfor %}
+
+        <div class="row">
+            <label for="_auth_code">{{ "scheb_two_factor.auth_code"|trans }}</label>
+            <input id="_auth_code" type="text" autocomplete="off" name="_auth_code" />
+        </div>
+
+        {% if useTrustedOption %}
+        <div class="row">
+            <input id="_trusted" type="checkbox" name="_trusted" />
+            <label for="_trusted">{{ "scheb_two_factor.trusted"|trans }}</label>
+        </div>
+        {% endif %}
+
+        <div class="row mts txtcenter">
+            <a href="{{ path('fos_user_security_logout') }}" class="waves-effect waves-light grey btn"><i class="material-icons left"></i> {% trans %}Cancel{% endtrans %}</a>
+            <button type="submit" name="send">
+                {{ "scheb_two_factor.login"|trans }}
+                <i class="mdi-content-send right"></i>
+            </button>
+        </div>
+    </fieldset>
+
+</form>
+{% endblock %}
diff --git a/src/Wallabag/UserBundle/Resources/views/themes/material/Authentication/form.html.twig b/src/Wallabag/UserBundle/Resources/views/themes/material/Authentication/form.html.twig
new file mode 100644
index 00000000..fa0e3dc1
--- /dev/null
+++ b/src/Wallabag/UserBundle/Resources/views/themes/material/Authentication/form.html.twig
@@ -0,0 +1,33 @@
+{% extends "WallabagUserBundle::layout.html.twig" %}
+
+{% block fos_user_content %}
+<form class="form" action="" method="post">
+    <div class="card-content">
+        <div class="row">
+
+            {% for flashMessage in app.session.flashbag.get("two_factor") %}
+            <p class="error">{{ flashMessage|trans }}</p>
+            {% endfor %}
+
+            <div class="input-field col s12">
+                <label for="_auth_code">{{ "scheb_two_factor.auth_code"|trans }}</label>
+                <input id="_auth_code" type="text" autocomplete="off" name="_auth_code" />
+            </div>
+
+            {% if useTrustedOption %}
+            <div class="input-field col s12">
+                <input id="_trusted" type="checkbox" name="_trusted" />
+                <label for="_trusted">{{ "scheb_two_factor.trusted"|trans }}</label>
+            </div>
+            {% endif %}
+        </div>
+    </div>
+    <div class="card-action center">
+        <a href="{{ path('fos_user_security_logout') }}" class="waves-effect waves-light grey btn"><i class="material-icons left"></i> {% trans %}Cancel{% endtrans %}</a>
+        <button class="btn waves-effect waves-light" type="submit" name="send">
+            {{ "scheb_two_factor.login"|trans }}
+            <i class="mdi-content-send right"></i>
+        </button>
+    </div>
+</form>
+{% endblock %}