From a0c5eb003f1cbeef10d5620e98870c7556e17c75 Mon Sep 17 00:00:00 2001
From: Jeremy Benoist
Date: Fri, 18 Jan 2019 22:46:44 +0100
Subject: Change the way to enable 2FA And add a step to validate a generated code from the OTP app
---
.../CoreBundle/Controller/ConfigController.php | 132 +++++++++++---
.../Resources/translations/messages.da.yml | 25 ++-
.../Resources/translations/messages.de.yml | 16 +-
.../Resources/translations/messages.en.yml | 26 ++-
.../Resources/translations/messages.es.yml | 25 ++-
.../Resources/translations/messages.fa.yml | 25 ++-
.../Resources/translations/messages.fr.yml | 26 ++-
.../Resources/translations/messages.it.yml | 24 ++-
.../Resources/translations/messages.oc.yml | 24 ++-
.../Resources/translations/messages.pl.yml | 26 ++-
.../Resources/translations/messages.pt.yml | 24 ++-
.../Resources/translations/messages.ro.yml | 24 ++-
.../Resources/translations/messages.ru.yml | 24 ++-
.../Resources/translations/messages.th.yml | 24 ++-
.../Resources/translations/messages.tr.yml | 24 ++-
.../views/themes/baggy/Config/index.html.twig | 61 +++----
.../views/themes/baggy/Config/otp_app.html.twig | 55 ++++++
.../views/themes/material/Config/index.html.twig | 65 ++++---
.../views/themes/material/Config/otp_app.html.twig | 63 +++++++
.../CoreBundle/Controller/ConfigControllerTest.php | 194 +++++++++------------
20 files changed, 617 insertions(+), 290 deletions(-)
create mode 100644 src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/otp_app.html.twig
create mode 100644 src/Wallabag/CoreBundle/Resources/views/themes/material/Config/otp_app.html.twig
diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php
index c9fc5702..2643eed0 100644
--- a/src/Wallabag/CoreBundle/Controller/ConfigController.php
+++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -81,28 +81,7 @@ class ConfigController extends Controller ]); $userForm->handleRequest($request); - // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way - if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $userForm->isSubmitted()) { - $userForm->get('googleTwoFactor')->setData(true); - } - if ($userForm->isSubmitted() && $userForm->isValid()) { - // handle creation / reset of the OTP secret if checkbox changed from the previous state - if ($this->getParameter('twofactor_auth')) { - if (true === $userForm->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) { - $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret(); - - $user->setGoogleAuthenticatorSecret($secret); - $user->setEmailTwoFactor(false); - $user->setBackupCodes((new BackupCodes())->toArray()); - - $this->addFlash('OtpQrCode', $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user)); - } elseif (false === $userForm->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) { - $user->setGoogleAuthenticatorSecret(null); - $user->setBackupCodes(null); - } - } - $userManager->updateUser($user, true); $this->addFlash( 
@@ -175,11 +154,118 @@ class ConfigController extends Controller ], 'twofactor_auth' => $this->getParameter('twofactor_auth'), 'wallabag_url' => $this->getParameter('domain_name'), - 'enabled_users' => $this->get('wallabag_user.user_repository') - ->getSumEnabledUsers(), + 'enabled_users' => $this->get('wallabag_user.user_repository')->getSumEnabledUsers(), ]); } + /** + * Enable 2FA using email. + * + * @param Request $request + * + * @Route("/config/otp/email", name="config_otp_email") + */ + public function otpEmailAction(Request $request) + { + if (!$this->getParameter('twofactor_auth')) { + return $this->createNotFoundException('two_factor not enabled'); + } + + $user = $this->getUser(); + + $user->setGoogleAuthenticatorSecret(null); + $user->setBackupCodes(null); + $user->setEmailTwoFactor(true); + + $this->container->get('fos_user.user_manager')->updateUser($user, true); + + $this->addFlash( + 'notice', + 'flashes.config.notice.otp_enabled' + ); + + return $this->redirect($this->generateUrl('config') . '#set3'); + } + + /** + * Enable 2FA using OTP app, user will need to confirm the generated code from the app. + * + * @Route("/config/otp/app", name="config_otp_app") + */ + public function otpAppAction() + { + if (!$this->getParameter('twofactor_auth')) { + return $this->createNotFoundException('two_factor not enabled'); + } + + $user = $this->getUser(); + + if (!$user->isGoogleTwoFactor()) { + $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret(); + + $user->setGoogleAuthenticatorSecret($secret); + $user->setEmailTwoFactor(false); + $user->setBackupCodes((new BackupCodes())->toArray()); + + $this->container->get('fos_user.user_manager')->updateUser($user, true); + } + + return $this->render('WallabagCoreBundle:Config:otp_app.html.twig', [ + 'qr_code' => $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user), + ]); + } + + /** + * Cancelling 2FA using OTP app. 
+ * + * @Route("/config/otp/app/cancel", name="config_otp_app_cancel") + */ + public function otpAppCancelAction() + { + if (!$this->getParameter('twofactor_auth')) { + return $this->createNotFoundException('two_factor not enabled'); + } + + $user = $this->getUser(); + $user->setGoogleAuthenticatorSecret(null); + $user->setBackupCodes(null); + + $this->container->get('fos_user.user_manager')->updateUser($user, true); + + return $this->redirect($this->generateUrl('config') . '#set3'); + } + + /** + * Validate OTP code. + * + * @param Request $request + * + * @Route("/config/otp/app/check", name="config_otp_app_check") + */ + public function otpAppCheckAction(Request $request) + { + $isValid = $this->get('scheb_two_factor.security.google_authenticator')->checkCode( + $this->getUser(), + $request->get('_auth_code') + ); + + if (true === $isValid) { + $this->addFlash( + 'notice', + 'flashes.config.notice.otp_enabled' + ); + + return $this->redirect($this->generateUrl('config') . '#set3'); + } + + $this->addFlash( + 'two_factor', + 'scheb_two_factor.code_invalid' + ); + + return $this->redirect($this->generateUrl('config_otp_app')); + } + /** * @param Request $request * diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.da.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.da.yml index ae8f8695..454f547d 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.da.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.da.yml 
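Review bot: `otpEmailAction` and `otpAppCancelAction` replace or clear the account's second factor on a bare request: neither `@Route` restricts the HTTP method and neither action checks a CSRF token, so a cross-site GET issued in a logged-in user's browser is enough to change that user's 2FA setup. Both should accept POST only and validate a token before touching the user, as sketched below for the cancel action (the token id `otp_cancel` and field `token` are placeholders, and the templates, which are outside this hunk, would need a matching form). The same sketch changes the guard, because all three `return $this->createNotFoundException('two_factor not enabled');` lines hand the exception back as the action's result instead of raising it and need `throw`. `otpAppCheckAction` has no `twofactor_auth` guard and only adds a flash on a valid code, while `otpAppAction` has already stored the secret and re-renders `qr_code` on every visit; if `isGoogleTwoFactor()` simply reflects a stored secret (not visible here), app 2FA is live before the code is confirmed and the secret stays readable from an authenticated session afterwards.

```php
/**
 * Cancelling 2FA using OTP app.
 *
 * @Route("/config/otp/app/cancel", name="config_otp_app_cancel", methods={"POST"})
 */
public function otpAppCancelAction(Request $request)
{
    if (!$this->getParameter('twofactor_auth')) {
        throw $this->createNotFoundException('two_factor not enabled');
    }

    // Placeholder token id / field name; must match the form that posts here.
    if (!$this->isCsrfTokenValid('otp_cancel', $request->request->get('token'))) {
        throw $this->createAccessDeniedException('invalid CSRF token');
    }

    // … unchanged: clear secret and backup codes, updateUser(), redirect to config#set3 …
}
```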
@@ -102,12 +102,16 @@ config: # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Navn' email_label: 'Emailadresse' - # emailTwoFactor_label: 'Using email (receive a code by email)' - # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - # two_factor_code_description_2: 'You can scan that QR Code with your app:' - # two_factor_code_description_3: 'Or use that code:' - # two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + two_factor: + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + # table_method: Method + # table_state: State + # table_action: Action + # state_enabled: Enabled + # state_disabled: Disabled + # action_email: Use email + # action_app: Use OTP App delete: # title: Delete my account (a.k.a danger zone) # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out. @@ -165,6 +169,15 @@ config: # and: 'One rule AND another' # matches: 'Tests that a subject matches a search (case-insensitive).
Example: title matches "football"' # notmatches: 'Tests that a subject doesn''t match match a search (case-insensitive).
Example: title notmatches "football"' + otp: + # page_title: Two-factor authentication + # app: + # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. + # two_factor_code_description_2: 'You can scan that QR Code with your app:' + # two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # two_factor_code_description_4: 'Test an OTP code from your configured app:' + # cancel: Cancel + # enable: Enable entry: # default_title: 'Title of the entry' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.de.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.de.yml index 7b66e5dc..dc1d4723 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.de.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.de.yml 
@@ -102,12 +102,16 @@ config: # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Name' email_label: 'E-Mail-Adresse' - # emailTwoFactor_label: 'Using email (receive a code by email)' - # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - # two_factor_code_description_2: 'You can scan that QR Code with your app:' - # two_factor_code_description_3: 'Or use that code:' - # two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + two_factor: + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + # table_method: Method + # table_state: State + # table_action: Action + # state_enabled: Enabled + # state_disabled: Disabled + # action_email: Use email + # action_app: Use OTP App delete: title: 'Lösche mein Konto (a.k.a Gefahrenzone)' description: 'Wenn du dein Konto löschst, werden ALL deine Artikel, ALL deine Tags, ALL deine Anmerkungen und dein Konto dauerhaft gelöscht (kann NICHT RÜCKGÄNGIG gemacht werden). Du wirst anschließend ausgeloggt.' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml index 567584b2..45145c80 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml 
@@ -102,12 +102,16 @@ config: two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Name' email_label: 'Email' - emailTwoFactor_label: 'Using email (receive a code by email)' - googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - two_factor_code_description_2: 'You can scan that QR Code with your app:' - two_factor_code_description_3: 'Or use that code:' - two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + two_factor: + emailTwoFactor_label: 'Using email (receive a code by email)' + googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + table_method: Method + table_state: State + table_action: Action + state_enabled: Enabled + state_disabled: Disabled + action_email: Use email + action_app: Use OTP App delete: title: Delete my account (a.k.a danger zone) description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out. @@ -165,6 +169,15 @@ config: and: 'One rule AND another' matches: 'Tests that a subject matches a search (case-insensitive).
Example: title matches "football"' notmatches: 'Tests that a subject doesn''t match match a search (case-insensitive).
Example: title notmatches "football"' + otp: + page_title: Two-factor authentication + app: + two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. + two_factor_code_description_2: 'You can scan that QR Code with your app:' + two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + two_factor_code_description_4: 'Test an OTP code from your configured app:' + cancel: Cancel + enable: Enable entry: default_title: 'Title of the entry' @@ -584,6 +597,7 @@ flashes: tags_reset: Tags reset entries_reset: Entries reset archived_reset: Archived entries deleted + otp_enabled: Two-factor authentication enabled entry: notice: entry_already_saved: 'Entry already saved on %date%' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.es.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.es.yml index 1ba4bce4..c1047e55 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.es.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.es.yml 
@@ -102,12 +102,16 @@ config: # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Nombre' email_label: 'Dirección de e-mail' - # emailTwoFactor_label: 'Using email (receive a code by email)' - # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - # two_factor_code_description_2: 'You can scan that QR Code with your app:' - # two_factor_code_description_3: 'Or use that code:' - # two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + two_factor: + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + # table_method: Method + # table_state: State + # table_action: Action + # state_enabled: Enabled + # state_disabled: Disabled + # action_email: Use email + # action_app: Use OTP App delete: title: Eliminar mi cuenta (Zona peligrosa) description: Si eliminas tu cuenta, TODOS tus artículos, TODAS tus etiquetas, TODAS tus anotaciones y tu cuenta serán eliminadas de forma PERMANENTE (no se puede deshacer). Después serás desconectado. @@ -165,6 +169,15 @@ config: and: 'Una regla Y la otra' matches: 'Prueba si un sujeto corresponde a una búsqueda (insensible a mayusculas).
Ejemplo : title matches "fútbol"' # notmatches: 'Tests that a subject doesn''t match match a search (case-insensitive).
Example: title notmatches "football"' + otp: + # page_title: Two-factor authentication + # app: + # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. + # two_factor_code_description_2: 'You can scan that QR Code with your app:' + # two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # two_factor_code_description_4: 'Test an OTP code from your configured app:' + # cancel: Cancel + # enable: Enable entry: default_title: 'Título del artículo' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml index d20c89d9..3042de2e 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml 
@@ -102,12 +102,16 @@ config: # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'نام' email_label: 'نشانی ایمیل' - # emailTwoFactor_label: 'Using email (receive a code by email)' - # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - # two_factor_code_description_2: 'You can scan that QR Code with your app:' - # two_factor_code_description_3: 'Or use that code:' - # two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + two_factor: + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + # table_method: Method + # table_state: State + # table_action: Action + # state_enabled: Enabled + # state_disabled: Disabled + # action_email: Use email + # action_app: Use OTP App delete: # title: Delete my account (a.k.a danger zone) # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out. @@ -165,6 +169,15 @@ config: # and: 'One rule AND another' # matches: 'Tests that a subject matches a search (case-insensitive).
Example: title matches "football"' # notmatches: 'Tests that a subject doesn''t match match a search (case-insensitive).
Example: title notmatches "football"' + otp: + # page_title: Two-factor authentication + # app: + # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. + # two_factor_code_description_2: 'You can scan that QR Code with your app:' + # two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # two_factor_code_description_4: 'Test an OTP code from your configured app:' + # cancel: Cancel + # enable: Enable entry: # default_title: 'Title of the entry' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml index fd405059..57740ba2 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml 
@@ -102,12 +102,16 @@ config: two_factor_description: "Activer l’authentification double-facteur veut dire que vous allez recevoir un code par courriel OU que vous devriez utiliser une application de mot de passe à usage unique (comme Google Authenticator, Authy or FreeOTP) pour obtenir un code temporaire à chaque nouvelle connexion non approuvée. Vous ne pouvez pas choisir les deux options." name_label: "Nom" email_label: "Adresse courriel" - emailTwoFactor_label: 'En utlisant l’email (recevez un code par email)' - googleTwoFactor_label: 'En utilisant une application de mot de passe à usage unique (ouvrez l’app, comme Google Authenticator, Authy or FreeOTP, pour obtenir un mot de passe à usage unique)' - two_factor_code_description_1: Vous venez d’activer l’authentification double-facteur, ouvrez votre application OTP pour configurer la génération du mot de passe à usage unique. Ces informations disparaîtront après un rechargement de la page. - two_factor_code_description_2: 'Vous pouvez scanner le QR code avec votre application :' - two_factor_code_description_3: 'Ou utiliser le code suivant :' - two_factor_code_description_4: 'N’oubliez pas de sauvegarder ces codes de secours dans un endroit sûr, vous pourrez les utiliser si vous ne pouvez plus accéder à votre application OTP :' + two_factor: + emailTwoFactor_label: 'En utlisant l’email (recevez un code par email)' + googleTwoFactor_label: 'En utilisant une application de mot de passe à usage unique (ouvrez l’app, comme Google Authenticator, Authy or FreeOTP, pour obtenir un mot de passe à usage unique)' + table_method: Méthode + table_state: État + table_action: Action + state_enabled: Activé + state_disabled: Désactivé + action_email: Utiliser l'email + action_app: Utiliser une app OTP delete: title: "Supprimer mon compte (attention danger !)" description: "Si vous confirmez la suppression de votre compte, TOUS les articles, TOUS les tags, TOUTES les annotations et votre compte seront DÉFINITIVEMENT supprimé 
(c’est IRRÉVERSIBLE). Vous serez ensuite déconnecté." @@ -165,6 +169,15 @@ config: and: "Une règle ET l’autre" matches: "Teste si un sujet correspond à une recherche (non sensible à la casse).
Exemple : title matches \"football\"" notmatches: "Teste si un sujet ne correspond pas à une recherche (non sensible à la casse).
Exemple : title notmatches \"football\"" + otp: + page_title: Authentification double-facteur + app: + two_factor_code_description_1: Vous venez d’activer l’authentification double-facteur, ouvrez votre application OTP pour configurer la génération du mot de passe à usage unique. Ces informations disparaîtront après un rechargement de la page. + two_factor_code_description_2: 'Vous pouvez scanner le QR code avec votre application :' + two_factor_code_description_3: 'N’oubliez pas de sauvegarder ces codes de secours dans un endroit sûr, vous pourrez les utiliser si vous ne pouvez plus accéder à votre application OTP :' + two_factor_code_description_4: 'Testez un code généré par votre application OTP :' + cancel: Annuler + enable: Activer entry: default_title: "Titre de l’article" @@ -585,6 +598,7 @@ flashes: tags_reset: "Tags supprimés" entries_reset: "Articles supprimés" archived_reset: "Articles archivés supprimés" + otp_enabled: "Authentification à double-facteur activée" entry: notice: entry_already_saved: "Article déjà sauvegardé le %date%" diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.it.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.it.yml index 33326231..274e5338 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.it.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.it.yml 
@@ -102,12 +102,15 @@ config: # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Nome' email_label: 'E-mail' - # emailTwoFactor_label: 'Using email (receive a code by email)' - # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - # two_factor_code_description_2: 'You can scan that QR Code with your app:' - # two_factor_code_description_3: 'Or use that code:' - # two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + # table_method: Method + # table_state: State + # table_action: Action + # state_enabled: Enabled + # state_disabled: Disabled + # action_email: Use email + # action_app: Use OTP App delete: title: Cancella il mio account (zona pericolosa) description: Rimuovendo il tuo account, TUTTI i tuoi articoli, TUTTE le tue etichette, TUTTE le tue annotazioni ed il tuo account verranno rimossi PERMANENTEMENTE (impossibile da ANNULLARE). Verrai poi disconnesso. @@ -165,6 +168,15 @@ config: and: "Una regola E un'altra" matches: 'Verifica che un oggetto risulti in una ricerca (case-insensitive).
Esempio: titolo contiene "football"' # notmatches: 'Tests that a subject doesn''t match match a search (case-insensitive).
Example: title notmatches "football"' + otp: + # page_title: Two-factor authentication + # app: + # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. + # two_factor_code_description_2: 'You can scan that QR Code with your app:' + # two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # two_factor_code_description_4: 'Test an OTP code from your configured app:' + # cancel: Cancel + # enable: Enable entry: default_title: "Titolo del contenuto" diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml index 599490e1..4e5370f9 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml 
@@ -102,12 +102,15 @@ config: # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Nom' email_label: 'Adreça de corrièl' - # emailTwoFactor_label: 'Using email (receive a code by email)' - # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - # two_factor_code_description_2: 'You can scan that QR Code with your app:' - # two_factor_code_description_3: 'Or use that code:' - # two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + # table_method: Method + # table_state: State + # table_action: Action + # state_enabled: Enabled + # state_disabled: Disabled + # action_email: Use email + # action_app: Use OTP App delete: title: Suprimir mon compte (Mèfi zòna perilhosa) description: Se confirmatz la supression de vòstre compte, TOTES vòstres articles, TOTAS vòstras etiquetas, TOTAS vòstras anotacions e vòstre compte seràn suprimits per totjorn. E aquò es IRREVERSIBLE. Puèi seretz desconnectat. @@ -165,6 +168,15 @@ config: and: "Una règla E l'autra" matches: 'Teste se un subjècte correspond a una recèrca (non sensibla a la cassa).
Exemple : title matches \"football\"' notmatches: 'Teste se subjècte correspond pas a una recèrca (sensibla a la cassa).
Example : title notmatches "football"' + otp: + # page_title: Two-factor authentication + # app: + # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. + # two_factor_code_description_2: 'You can scan that QR Code with your app:' + # two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # two_factor_code_description_4: 'Test an OTP code from your configured app:' + # cancel: Cancel + # enable: Enable entry: default_title: "Títol de l'article" diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml index 89fd34dc..a7a4d6c3 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml 
@@ -99,15 +99,18 @@ config: all: 'Wszystkie' rss_limit: 'Link do RSS' form_user: - two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." + # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Nazwa' email_label: 'Adres email' - # emailTwoFactor_label: 'Using email (receive a code by email)' - # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - # two_factor_code_description_2: 'You can scan that QR Code with your app:' - # two_factor_code_description_3: 'Or use that code:' - # two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + # table_method: Method + # table_state: State + # table_action: Action + # state_enabled: Enabled + # state_disabled: Disabled + # action_email: Use email + # action_app: Use OTP App delete: title: Usuń moje konto (niebezpieczna strefa !) description: Jeżeli usuniesz swoje konto, wszystkie twoje artykuły, tagi, adnotacje, oraz konto zostaną trwale usunięte (operacja jest NIEODWRACALNA). Następnie zostaniesz wylogowany. 
@@ -165,6 +168,15 @@ config: and: 'Jedna reguła I inna' matches: 'Sprawdź czy temat pasuje szukaj (duże lub małe litery).
Przykład: tytuł zawiera "piłka nożna"' notmatches: 'Sprawdź czy temat nie zawiera szukaj (duże lub małe litery).
Przykład: tytuł nie zawiera "piłka nożna"' + otp: + # page_title: Two-factor authentication + # app: + # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. + # two_factor_code_description_2: 'You can scan that QR Code with your app:' + # two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # two_factor_code_description_4: 'Test an OTP code from your configured app:' + # cancel: Cancel + # enable: Enable entry: default_title: 'Tytuł wpisu' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml index f37aeb91..a5483a6d 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml 
@@ -102,12 +102,15 @@ config: # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Nome' email_label: 'E-mail' - # emailTwoFactor_label: 'Using email (receive a code by email)' - # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - # two_factor_code_description_2: 'You can scan that QR Code with your app:' - # two_factor_code_description_3: 'Or use that code:' - # two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + # table_method: Method + # table_state: State + # table_action: Action + # state_enabled: Enabled + # state_disabled: Disabled + # action_email: Use email + # action_app: Use OTP App delete: # title: Delete my account (a.k.a danger zone) # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out. @@ -165,6 +168,15 @@ config: and: 'Uma regra E outra' matches: 'Testa que um assunto corresponde a uma pesquisa (maiúscula ou minúscula).
Exemplo: título corresponde a "futebol"' # notmatches: 'Tests that a subject doesn''t match match a search (case-insensitive).
Example: title notmatches "football"' + otp: + # page_title: Two-factor authentication + # app: + # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. + # two_factor_code_description_2: 'You can scan that QR Code with your app:' + # two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # two_factor_code_description_4: 'Test an OTP code from your configured app:' + # cancel: Cancel + # enable: Enable entry: default_title: 'Título da entrada' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml index c9d9500d..3b7fbd69 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml 
@@ -102,12 +102,15 @@ config: # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Nume' email_label: 'E-mail' - # emailTwoFactor_label: 'Using email (receive a code by email)' - # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - # two_factor_code_description_2: 'You can scan that QR Code with your app:' - # two_factor_code_description_3: 'Or use that code:' - # two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + # table_method: Method + # table_state: State + # table_action: Action + # state_enabled: Enabled + # state_disabled: Disabled + # action_email: Use email + # action_app: Use OTP App delete: # title: Delete my account (a.k.a danger zone) # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out. @@ -165,6 +168,15 @@ config: # and: 'One rule AND another' # matches: 'Tests that a subject matches a search (case-insensitive).
Example: title matches "football"' # notmatches: 'Tests that a subject doesn''t match match a search (case-insensitive).
Example: title notmatches "football"' + otp: + # page_title: Two-factor authentication + # app: + # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. + # two_factor_code_description_2: 'You can scan that QR Code with your app:' + # two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # two_factor_code_description_4: 'Test an OTP code from your configured app:' + # cancel: Cancel + # enable: Enable entry: # default_title: 'Title of the entry' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.ru.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.ru.yml index 62a078d4..92746631 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.ru.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.ru.yml 
@@ -99,12 +99,15 @@ config: # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Имя' email_label: 'Email' - # emailTwoFactor_label: 'Using email (receive a code by email)' - # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - # two_factor_code_description_2: 'You can scan that QR Code with your app:' - # two_factor_code_description_3: 'Or use that code:' - # two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + # table_method: Method + # table_state: State + # table_action: Action + # state_enabled: Enabled + # state_disabled: Disabled + # action_email: Use email + # action_app: Use OTP App delete: title: "Удалить мой аккаунт (или опасная зона)" description: "Если Вы удалите ваш аккаунт, ВСЕ ваши записи, теги и другие данные, будут БЕЗВОЗВРАТНО удалены (операция не может быть отменена после). Затем Вы выйдете из системы." 
@@ -160,6 +163,15 @@ config: or: 'Одно правило ИЛИ другое' and: 'Одно правило И другое' matches: 'Тесты, в которых тема соответствует поиску (без учета регистра). Пример: title matches "футбол" ' + otp: + # page_title: Two-factor authentication + # app: + # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. + # two_factor_code_description_2: 'You can scan that QR Code with your app:' + # two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # two_factor_code_description_4: 'Test an OTP code from your configured app:' + # cancel: Cancel + # enable: Enable entry: default_title: 'Название записи' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.th.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.th.yml index 78b5727a..1fe4fa0e 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.th.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.th.yml 
@@ -102,12 +102,15 @@ config: # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'ชื่อ' email_label: 'อีเมล' - # emailTwoFactor_label: 'Using email (receive a code by email)' - # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - # two_factor_code_description_2: 'You can scan that QR Code with your app:' - # two_factor_code_description_3: 'Or use that code:' - # two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + # table_method: Method + # table_state: State + # table_action: Action + # state_enabled: Enabled + # state_disabled: Disabled + # action_email: Use email + # action_app: Use OTP App delete: title: ลบบัญชีของฉัน (โซนที่เป็นภัย!) description: ถ้าคุณลบบัญชีของคุณIf , รายการทั้งหมดของคุณ, แท็กทั้งหมดของคุณ, หมายเหตุทั้งหมดของคุณและบัญชีของคุณจะถูกลบอย่างถาวร (มันไม่สามารถยกเลิกได้) คุณจะต้องลงชื่อออก @@ -165,6 +168,15 @@ config: and: 'หนึ่งข้อบังคับและอื่นๆ' matches: 'ทดสอบว่า เรื่อง นี้ตรงกับ การต้นหา (กรณีไม่ทราบ).
ตัวอย่าง: หัวข้อที่ตรงกับ "football"' notmatches: 'ทดสอบว่า เรื่อง นี้ไม่ตรงกับ การต้นหา (กรณีไม่ทราบ).
ตัวอย่าง: หัวข้อทีไม่ตรงกับ "football"' + otp: + # page_title: Two-factor authentication + # app: + # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. + # two_factor_code_description_2: 'You can scan that QR Code with your app:' + # two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # two_factor_code_description_4: 'Test an OTP code from your configured app:' + # cancel: Cancel + # enable: Enable entry: default_title: 'หัวข้อรายการ' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml index 9f4c01f7..3b8a0d59 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml 
@@ -102,12 +102,15 @@ config: # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator, Authy or FreeOTP) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'İsim' email_label: 'E-posta' - # emailTwoFactor_label: 'Using email (receive a code by email)' - # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' - # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. - # two_factor_code_description_2: 'You can scan that QR Code with your app:' - # two_factor_code_description_3: 'Or use that code:' - # two_factor_code_description_4: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, Authy or FreeOTP, to get a one time code)' + # table_method: Method + # table_state: State + # table_action: Action + # state_enabled: Enabled + # state_disabled: Disabled + # action_email: Use email + # action_app: Use OTP App delete: # title: Delete my account (a.k.a danger zone) # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out. @@ -165,6 +168,15 @@ config: and: 'Bir kural ve diğeri' # matches: 'Tests that a subject matches a search (case-insensitive).
Example: title matches "football"' # notmatches: 'Tests that a subject doesn''t match match a search (case-insensitive).
Example: title notmatches "football"' + otp: + # page_title: Two-factor authentication + # app: + # two_factor_code_description_1: You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. It'll disapear after a page reload. + # two_factor_code_description_2: 'You can scan that QR Code with your app:' + # two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' + # two_factor_code_description_4: 'Test an OTP code from your configured app:' + # cancel: Cancel + # enable: Enable entry: default_title: 'Makalenin başlığı' diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig index cf439408..93f8ddf8 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig @@ -168,48 +168,41 @@ + {{ form_widget(form.user.save) }} + {% if twofactor_auth %} +
{{ 'config.otp.page_title'|trans }}
+
{{ 'config.form_user.two_factor_description'|trans }}
-
-
- {{ form_label(form.user.emailTwoFactor) }} - {{ form_errors(form.user.emailTwoFactor) }} - {{ form_widget(form.user.emailTwoFactor) }} -
-
-
- {{ form_label(form.user.googleTwoFactor) }} - {{ form_widget(form.user.googleTwoFactor) }} - {{ form_errors(form.user.googleTwoFactor) }} -
- {% for OtpQrCode in app.session.flashbag.get('OtpQrCode') %} -
- {{ 'config.form_user.two_factor_code_description_1'|trans }} -
- {{ 'config.form_user.two_factor_code_description_2'|trans }} -

- - -

- {{ 'config.form_user.two_factor_code_description_3'|trans }} -

- {{ app.user.getGoogleAuthenticatorSecret }} -

- {{ 'config.form_user.two_factor_code_description_4'|trans }} -

- {{ app.user.getBackupCodes|join("\n")|nl2br }} -
- {% endfor %} -
+ + + + + + + + + + + + + + + + + + + + + +
{{ 'config.form_user.two_factor.table_method'|trans }}{{ 'config.form_user.two_factor.table_state'|trans }}{{ 'config.form_user.two_factor.table_action'|trans }}
{{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }}{% if app.user.isEmailTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}{{ 'config.form_user.two_factor.action_email'|trans }}
{{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }}{% if app.user.isGoogleTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}{{ 'config.form_user.two_factor.action_app'|trans }}
+ {% endif %} {{ form_widget(form.user._token) }} - {{ form_widget(form.user.save) }} {% if enabled_users > 1 %} diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/otp_app.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/otp_app.html.twig new file mode 100644 index 00000000..2e4442e3 --- /dev/null +++ b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/otp_app.html.twig @@ -0,0 +1,55 @@ +{% extends "WallabagCoreBundle::layout.html.twig" %} + +{% block title %}{{ 'config.page_title'|trans }} > {{ 'config.otp.page_title'|trans }}{% endblock %} + +{% block content %} +
{{ 'config.otp.page_title'|trans }}
+ +
    +
  1. +

    {{ 'config.otp.app.two_factor_code_description_1'|trans }}

    +

    {{ 'config.otp.app.two_factor_code_description_2'|trans }}

    + +

    + + +

    +
  2. +
  3. +

    {{ 'config.otp.app.two_factor_code_description_3'|trans }}

    + +

    {{ app.user.getBackupCodes|join("\n")|nl2br }}

    +
  4. +
  5. +

    {{ 'config.otp.app.two_factor_code_description_4'|trans }}

    + + {% for flashMessage in app.session.flashbag.get("two_factor") %} +
    + {{ flashMessage|trans }} +
    + {% endfor %} + +
    +
    +
    +
    + + +
    +
    +
    +
    + + {{ 'config.otp.app.cancel'|trans }} + + +
    +
    +
  6. +
+{% endblock %} diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig index 5b00eb7b..412c18f4 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig @@ -196,45 +196,40 @@ + {{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }} + {% if twofactor_auth %} +
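Review bot: `{{ app.user.getBackupCodes|join("\n")|nl2br }}` now sits directly in the page body instead of inside the removed one-shot `OtpQrCode` flash loop, so the backup codes are rendered whenever this template is served rather than once after enabling. These codes stand in for the OTP app, so the response carrying them should not be cacheable or viewable again after setup; the controller is outside this hunk, so confirm it sends `Cache-Control: no-store` and stops serving the page once a code has been validated. A template comment such as `{# backup codes and QR content are secrets: rendered during setup only #}` above the list would record that intent. The form markup is stripped in this rendering, so the CSRF token on the code-submission form could not be checked; the same points apply to the material theme's `otp_app.html.twig`.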
+
- {{ 'config.form_user.two_factor_description'|trans }} - -
- {{ form_widget(form.user.emailTwoFactor) }} - {{ form_label(form.user.emailTwoFactor) }} - {{ form_errors(form.user.emailTwoFactor) }} -
-
- {{ form_widget(form.user.googleTwoFactor) }} - {{ form_label(form.user.googleTwoFactor) }} - {{ form_errors(form.user.googleTwoFactor) }} -
+
{{ 'config.otp.page_title'|trans }}
+ +

{{ 'config.form_user.two_factor_description'|trans }}

+ + + + + + + + + + + + + + + + + + + + + + +
{{ 'config.form_user.two_factor.table_method'|trans }}{{ 'config.form_user.two_factor.table_state'|trans }}{{ 'config.form_user.two_factor.table_action'|trans }}
{{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }}{% if app.user.isEmailTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}{{ 'config.form_user.two_factor.action_email'|trans }}
{{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }}{% if app.user.isGoogleTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}{{ 'config.form_user.two_factor.action_app'|trans }}
- - {% for OtpQrCode in app.session.flashbag.get('OtpQrCode') %} -
- {{ 'config.form_user.two_factor_code_description_1'|trans }} -
- {{ 'config.form_user.two_factor_code_description_2'|trans }} -

- - -

- {{ 'config.form_user.two_factor_code_description_3'|trans }} -

- {{ app.user.getGoogleAuthenticatorSecret }} -

- {{ 'config.form_user.two_factor_code_description_4'|trans }} -

- {{ app.user.getBackupCodes|join("\n")|nl2br }} -
- {% endfor %} {% endif %} - - {{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }} {{ form_widget(form.user._token) }} diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/otp_app.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/otp_app.html.twig new file mode 100644 index 00000000..6aef355e --- /dev/null +++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/otp_app.html.twig @@ -0,0 +1,63 @@ +{% extends "WallabagCoreBundle::layout.html.twig" %} + +{% block title %}{{ 'config.page_title'|trans }} > {{ 'config.otp.page_title'|trans }}{% endblock %} + +{% block content %} +
+
+
+
+
{{ 'config.otp.page_title'|trans }}
+ +
    +
  1. +

    {{ 'config.otp.app.two_factor_code_description_1'|trans }}

    +

    {{ 'config.otp.app.two_factor_code_description_2'|trans }}

    + +

    + + +

    +
  2. +
  3. +

    {{ 'config.otp.app.two_factor_code_description_3'|trans }}

    + +

    {{ app.user.getBackupCodes|join("\n")|nl2br }}

    +
  4. +
  5. +

    {{ 'config.otp.app.two_factor_code_description_4'|trans }}

    + + {% for flashMessage in app.session.flashbag.get("two_factor") %} +
    + {{ flashMessage|trans }} +
    + {% endfor %} + +
    +
    +
    +
    + + +
    +
    +
    +
    + + {{ 'config.otp.app.cancel'|trans }} + + +
    +
    +
  6. +
+
+
+
+
+{% endblock %} diff --git a/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php b/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php index 9ca52c64..1090a686 100644 --- a/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php +++ b/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php 
@@ -297,119 +297,6 @@ class ConfigControllerTest extends WallabagCoreTestCase $this->assertContains('flashes.config.notice.user_updated', $alert[0]); } - public function testUserEnable2faEmail() - { - $this->logInAs('admin'); - $client = $this->getClient(); - - $crawler = $client->request('GET', '/config'); - - $this->assertSame(200, $client->getResponse()->getStatusCode()); - - $form = $crawler->filter('button[id=update_user_save]')->form(); - - $data = [ - 'update_user[emailTwoFactor]' => '1', - ]; - - $client->submit($form, $data); - - $this->assertSame(302, $client->getResponse()->getStatusCode()); - - $crawler = $client->followRedirect(); - - $this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text'])); - $this->assertContains('flashes.config.notice.user_updated', $alert[0]); - - // restore user - $em = $this->getEntityManager(); - $user = $em - ->getRepository('WallabagUserBundle:User') - ->findOneByUsername('admin'); - - $this->assertTrue($user->isEmailTwoFactor()); - - $user->setEmailTwoFactor(false); - $em->persist($user); - $em->flush(); - } - - public function testUserEnable2faGoogle() - { - $this->logInAs('admin'); - $client = $this->getClient(); - - $crawler = $client->request('GET', '/config'); - - $this->assertSame(200, $client->getResponse()->getStatusCode()); - - $form = $crawler->filter('button[id=update_user_save]')->form(); - - $data = [ - 'update_user[googleTwoFactor]' => '1', - ]; - - $client->submit($form, $data); - - $this->assertSame(302, $client->getResponse()->getStatusCode()); - - $crawler = $client->followRedirect(); - - $this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text'])); - $this->assertContains('flashes.config.notice.user_updated', $alert[0]); - - // restore user - $em = $this->getEntityManager(); - $user = $em - ->getRepository('WallabagUserBundle:User') - ->findOneByUsername('admin'); - - $this->assertTrue($user->isGoogleAuthenticatorEnabled()); - - 
$user->setGoogleAuthenticatorSecret(null); - $em->persist($user); - $em->flush(); - } - - public function testUserEnable2faBoth() - { - $this->logInAs('admin'); - $client = $this->getClient(); - - $crawler = $client->request('GET', '/config'); - - $this->assertSame(200, $client->getResponse()->getStatusCode()); - - $form = $crawler->filter('button[id=update_user_save]')->form(); - - $data = [ - 'update_user[googleTwoFactor]' => '1', - 'update_user[emailTwoFactor]' => '1', - ]; - - $client->submit($form, $data); - - $this->assertSame(302, $client->getResponse()->getStatusCode()); - - $crawler = $client->followRedirect(); - - $this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text'])); - $this->assertContains('flashes.config.notice.user_updated', $alert[0]); - - // restore user - $em = $this->getEntityManager(); - $user = $em - ->getRepository('WallabagUserBundle:User') - ->findOneByUsername('admin'); - - $this->assertTrue($user->isGoogleAuthenticatorEnabled()); - $this->assertFalse($user->isEmailTwoFactor()); - - $user->setGoogleAuthenticatorSecret(null); - $em->persist($user); - $em->flush(); - } - public function testRssUpdateResetToken() { $this->logInAs('admin'); 
@@ -1113,4 +1000,85 @@ class ConfigControllerTest extends WallabagCoreTestCase $this->assertNotSame('yuyuyuyu', $client->getRequest()->getLocale()); $this->assertNotSame('yuyuyuyu', $client->getContainer()->get('session')->get('_locale')); } + + public function testUserEnable2faEmail() + { + $this->logInAs('admin'); + $client = $this->getClient(); + + $crawler = $client->request('GET', '/config/otp/email'); + + $this->assertSame(302, $client->getResponse()->getStatusCode()); + + $crawler = $client->followRedirect(); + + $this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text'])); + $this->assertContains('flashes.config.notice.otp_enabled', $alert[0]); + + // restore user + $em = $this->getEntityManager(); + $user = $em + ->getRepository('WallabagUserBundle:User') + ->findOneByUsername('admin'); + + $this->assertTrue($user->isEmailTwoFactor()); + + $user->setEmailTwoFactor(false); + $em->persist($user); + $em->flush(); + } + + public function testUserEnable2faGoogle() + { + $this->logInAs('admin'); + $client = $this->getClient(); + + $crawler = $client->request('GET', '/config/otp/app'); + + $this->assertSame(200, $client->getResponse()->getStatusCode()); + + // restore user + $em = $this->getEntityManager(); + $user = $em + ->getRepository('WallabagUserBundle:User') + ->findOneByUsername('admin'); + + $this->assertTrue($user->isGoogleTwoFactor()); + $this->assertGreaterThan(0, $user->getBackupCodes()); + + $user->setGoogleAuthenticatorSecret(false); + $user->setBackupCodes(null); + $em->persist($user); + $em->flush(); + } + + public function testUserEnable2faGoogleCancel() + { + $this->logInAs('admin'); + $client = $this->getClient(); + + $crawler = $client->request('GET', '/config/otp/app'); + + $this->assertSame(200, $client->getResponse()->getStatusCode()); + + // restore user + $em = $this->getEntityManager(); + $user = $em + ->getRepository('WallabagUserBundle:User') + ->findOneByUsername('admin'); + + 
$this->assertTrue($user->isGoogleTwoFactor()); + $this->assertGreaterThan(0, $user->getBackupCodes()); + + $crawler = $client->request('GET', '/config/otp/app/cancel'); + + $this->assertSame(302, $client->getResponse()->getStatusCode()); + + $user = $em + ->getRepository('WallabagUserBundle:User') + ->findOneByUsername('admin'); + + $this->assertFalse($user->isGoogleTwoFactor()); + $this->assertEmpty($user->getBackupCodes()); + } } -- cgit v1.2.3
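Review bot: The three added tests drive every 2FA state change with a plain GET and no token: `GET /config/otp/email` enables email 2FA, `GET /config/otp/app` leaves `isGoogleTwoFactor()` true before any code has been checked, and `GET /config/otp/app/cancel` clears it again, so as tested a cross-site request made in a logged-in session could switch the second factor off. The routes themselves are outside this hunk; if they accept GET as the tests suggest, restrict them to POST with a CSRF token and add a test asserting that a bare GET to `/config/otp/app/cancel` leaves the user unchanged. Separately, `$this->assertGreaterThan(0, $user->getBackupCodes())` compares an array with an integer and passes for an empty array too; `$this->assertNotEmpty($user->getBackupCodes());` checks what is meant. Nothing in this hunk submits a code to the new validation step, so the valid-code and invalid-code paths look untested.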