From a6b242a1fd6f8900d80354361449f1bf62506ef9 Mon Sep 17 00:00:00 2001 From: Jeremy Benoist Date: Sun, 2 Dec 2018 12:43:05 +0100 Subject: Enable OTP 2FA - Update SchebTwoFactorBundle to version 3 - Enable Google 2fa on the bundle - Disallow ability to use both email and google as 2fa - Update Ocramius Proxy Manager to handle typed function & attributes (from PHP 7) - use `$this->addFlash` shortcut instead of `$this->get('session')->getFlashBag()->add` - update admin to be able to create/reset the 2fa --- .../CoreBundle/Command/ShowUserCommand.php | 3 +- .../CoreBundle/Controller/ConfigController.php | 35 +++++++-- .../CoreBundle/Form/Type/UserInformationType.php | 9 ++- .../Resources/translations/messages.da.yml | 9 ++- .../Resources/translations/messages.de.yml | 9 ++- .../Resources/translations/messages.en.yml | 9 ++- .../Resources/translations/messages.es.yml | 9 ++- .../Resources/translations/messages.fa.yml | 9 ++- .../Resources/translations/messages.fr.yml | 8 +- .../Resources/translations/messages.it.yml | 9 ++- .../Resources/translations/messages.oc.yml | 9 ++- .../Resources/translations/messages.pl.yml | 9 ++- .../Resources/translations/messages.pt.yml | 9 ++- .../Resources/translations/messages.ro.yml | 9 ++- .../Resources/translations/messages.ru.yml | 9 ++- .../Resources/translations/messages.th.yml | 9 ++- .../Resources/translations/messages.tr.yml | 9 ++- .../views/themes/baggy/Config/index.html.twig | 88 +++++++++++++--------- .../views/themes/material/Config/index.html.twig | 45 +++++++---- 19 files changed, 190 insertions(+), 115 deletions(-) (limited to 'src/Wallabag/CoreBundle') diff --git a/src/Wallabag/CoreBundle/Command/ShowUserCommand.php b/src/Wallabag/CoreBundle/Command/ShowUserCommand.php index a0184267..c95efbf3 100644 --- a/src/Wallabag/CoreBundle/Command/ShowUserCommand.php +++ b/src/Wallabag/CoreBundle/Command/ShowUserCommand.php @@ -57,7 +57,8 @@ class ShowUserCommand extends ContainerAwareCommand sprintf('Display name: %s', $user->getName()), sprintf('Creation date: %s', $user->getCreatedAt()->format('Y-m-d H:i:s')), sprintf('Last login: %s', null !== $user->getLastLogin() ? $user->getLastLogin()->format('Y-m-d H:i:s') : 'never'), - sprintf('2FA activated: %s', $user->isTwoFactorAuthentication() ? 'yes' : 'no'), + sprintf('2FA (email) activated: %s', $user->isEmailTwoFactor() ? 'yes' : 'no'), + sprintf('2FA (OTP) activated: %s', $user->isGoogleAuthenticatorEnabled() ? 'yes' : 'no'), ]); } diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php index be6feb7c..5bbe1c74 100644 --- a/src/Wallabag/CoreBundle/Controller/ConfigController.php +++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php @@ -46,7 +46,7 @@ class ConfigController extends Controller $activeTheme = $this->get('liip_theme.active_theme'); $activeTheme->setName($config->getTheme()); - $this->get('session')->getFlashBag()->add( + $this->addFlash( 'notice', 'flashes.config.notice.config_saved' ); @@ -68,7 +68,7 @@ class ConfigController extends Controller $userManager->updateUser($user, true); } - $this->get('session')->getFlashBag()->add('notice', $message); + $this->addFlash('notice', $message); return $this->redirect($this->generateUrl('config') . '#set4'); } @@ -80,10 +80,29 @@ class ConfigController extends Controller ]); $userForm->handleRequest($request); + // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way + if (true === $user->isGoogleAuthenticatorEnabled() && false === $userForm->isSubmitted()) { + $userForm->get('googleTwoFactor')->setData(true); + } + if ($userForm->isSubmitted() && $userForm->isValid()) { + // handle creation / reset of the OTP secret if checkbox changed from the previous state + if (true === $userForm->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) { + $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret(); + + $user->setGoogleAuthenticatorSecret($secret); + $user->setEmailTwoFactor(false); + + $qrCode = $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user); + + $this->addFlash('OTPSecret', ['code' => $secret, 'qrCode' => $qrCode]); + } elseif (false === $userForm->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) { + $user->setGoogleAuthenticatorSecret(null); + } + $userManager->updateUser($user, true); - $this->get('session')->getFlashBag()->add( + $this->addFlash( 'notice', 'flashes.config.notice.user_updated' ); @@ -99,7 +118,7 @@ class ConfigController extends Controller $em->persist($config); $em->flush(); - $this->get('session')->getFlashBag()->add( + $this->addFlash( 'notice', 'flashes.config.notice.rss_updated' ); @@ -131,7 +150,7 @@ class ConfigController extends Controller $em->persist($taggingRule); $em->flush(); - $this->get('session')->getFlashBag()->add( + $this->addFlash( 'notice', 'flashes.config.notice.tagging_rules_updated' ); @@ -178,7 +197,7 @@ class ConfigController extends Controller return new JsonResponse(['token' => $config->getRssToken()]); } - $this->get('session')->getFlashBag()->add( + $this->addFlash( 'notice', 'flashes.config.notice.rss_token_updated' ); @@ -203,7 +222,7 @@ class ConfigController extends Controller $em->remove($rule); $em->flush(); - $this->get('session')->getFlashBag()->add( + $this->addFlash( 'notice', 'flashes.config.notice.tagging_rules_deleted' ); @@ -269,7 +288,7 @@ class ConfigController extends Controller break; } - $this->get('session')->getFlashBag()->add( + $this->addFlash( 'notice', 'flashes.config.notice.' . $type . '_reset' ); diff --git a/src/Wallabag/CoreBundle/Form/Type/UserInformationType.php b/src/Wallabag/CoreBundle/Form/Type/UserInformationType.php index 07c99949..6e4c9154 100644 --- a/src/Wallabag/CoreBundle/Form/Type/UserInformationType.php +++ b/src/Wallabag/CoreBundle/Form/Type/UserInformationType.php @@ -21,9 +21,14 @@ class UserInformationType extends AbstractType ->add('email', EmailType::class, [ 'label' => 'config.form_user.email_label', ]) - ->add('twoFactorAuthentication', CheckboxType::class, [ + ->add('emailTwoFactor', CheckboxType::class, [ 'required' => false, - 'label' => 'config.form_user.twoFactorAuthentication_label', + 'label' => 'config.form_user.emailTwoFactor_label', + ]) + ->add('googleTwoFactor', CheckboxType::class, [ + 'required' => false, + 'label' => 'config.form_user.googleTwoFactor_label', + 'mapped' => false, ]) ->add('save', SubmitType::class, [ 'label' => 'config.form.save', diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.da.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.da.yml index 96679a9c..e62ba6d0 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.da.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.da.yml @@ -99,11 +99,11 @@ config: # all: 'All' # rss_limit: 'Number of items in the feed' form_user: - # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code on every new untrusted connexion" + # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Navn' email_label: 'Emailadresse' - # twoFactorAuthentication_label: 'Two factor authentication' - # help_twoFactorAuthentication: "If you enable 2FA, each time you want to login to wallabag, you'll receive a code by email." + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: # title: Delete my account (a.k.a danger zone) # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out. @@ -533,7 +533,8 @@ user: email_label: 'Emailadresse' # enabled_label: 'Enabled' # last_login_label: 'Last login' - # twofactor_label: Two factor authentication + # twofactor_email_label: Two factor authentication by email + # twofactor_google_label: Two factor authentication by Google # save: Save # delete: Delete # delete_confirm: Are you sure? diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.de.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.de.yml index c56e87b5..f2d0408f 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.de.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.de.yml @@ -99,11 +99,11 @@ config: all: 'Alle' rss_limit: 'Anzahl der Einträge pro Feed' form_user: - two_factor_description: "Wenn du die Zwei-Faktor-Authentifizierung aktivierst, erhältst du eine E-Mail mit einem Code bei jeder nicht vertrauenswürdigen Verbindung" + # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Name' email_label: 'E-Mail-Adresse' - twoFactorAuthentication_label: 'Zwei-Faktor-Authentifizierung' - help_twoFactorAuthentication: "Wenn du 2FA aktivierst, wirst du bei jedem Login einen Code per E-Mail bekommen." + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: title: 'Lösche mein Konto (a.k.a Gefahrenzone)' description: 'Wenn du dein Konto löschst, werden ALL deine Artikel, ALL deine Tags, ALL deine Anmerkungen und dein Konto dauerhaft gelöscht (kann NICHT RÜCKGÄNGIG gemacht werden). Du wirst anschließend ausgeloggt.' @@ -533,7 +533,8 @@ user: email_label: 'E-Mail-Adresse' enabled_label: 'Aktiviert' last_login_label: 'Letzter Login' - twofactor_label: 'Zwei-Faktor-Authentifizierung' + # twofactor_email_label: Two factor authentication by email + # twofactor_google_label: Two factor authentication by Google save: 'Speichern' delete: 'Löschen' delete_confirm: 'Bist du sicher?' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml index d57cea0f..859acdc0 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml @@ -99,11 +99,11 @@ config: all: 'All' rss_limit: 'Number of items in the feed' form_user: - two_factor_description: "Enabling two factor authentication means you'll receive an email with a code on every new untrusted connection." + two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Name' email_label: 'Email' - twoFactorAuthentication_label: 'Two factor authentication' - help_twoFactorAuthentication: "If you enable 2FA, each time you want to login to wallabag, you'll receive a code by email." + emailTwoFactor_label: 'Using email (receive a code by email)' + googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: title: Delete my account (a.k.a danger zone) description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out. @@ -533,7 +533,8 @@ user: email_label: 'Email' enabled_label: 'Enabled' last_login_label: 'Last login' - twofactor_label: Two factor authentication + twofactor_email_label: Two factor authentication by email + twofactor_google_label: Two factor authentication by Google save: Save delete: Delete delete_confirm: Are you sure? diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.es.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.es.yml index e1c4e221..3c3cbed4 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.es.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.es.yml @@ -99,11 +99,11 @@ config: # all: 'All' rss_limit: 'Límite de artículos en feed RSS' form_user: - two_factor_description: "Con la autenticación en dos pasos recibirá código por e-mail en cada nueva conexión que no sea de confianza." + # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Nombre' email_label: 'Dirección de e-mail' - twoFactorAuthentication_label: 'Autenticación en dos pasos' - help_twoFactorAuthentication: "Si activas la autenticación en dos pasos, cada vez que quieras iniciar sesión en wallabag recibirás un código por e-mail." + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: title: Eliminar mi cuenta (Zona peligrosa) description: Si eliminas tu cuenta, TODOS tus artículos, TODAS tus etiquetas, TODAS tus anotaciones y tu cuenta serán eliminadas de forma PERMANENTE (no se puede deshacer). Después serás desconectado. @@ -533,7 +533,8 @@ user: email_label: 'E-mail' enabled_label: 'Activado' last_login_label: 'Último inicio de sesión' - twofactor_label: Autenticación en dos pasos + # twofactor_email_label: Two factor authentication by email + # twofactor_google_label: Two factor authentication by Google save: Guardar delete: Eliminar delete_confirm: ¿Estás seguro? diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml index 2ede433e..ca25b390 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.fa.yml @@ -99,11 +99,11 @@ config: # all: 'All' rss_limit: 'محدودیت آر-اس-اس' form_user: - two_factor_description: "با فعال‌کردن تأیید ۲مرحله‌ای هر بار که اتصال تأییدنشده‌ای برقرار شد، به شما یک کد از راه ایمیل فرستاده می‌شود" + # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'نام' email_label: 'نشانی ایمیل' - twoFactorAuthentication_label: 'تأیید ۲مرحله‌ای' - # help_twoFactorAuthentication: "If you enable 2FA, each time you want to login to wallabag, you'll receive a code by email." + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: # title: Delete my account (a.k.a danger zone) # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out. @@ -533,7 +533,8 @@ user: email_label: 'نشانی ایمیل' # enabled_label: 'Enabled' # last_login_label: 'Last login' - # twofactor_label: Two factor authentication + # twofactor_email_label: Two factor authentication by email + # twofactor_google_label: Two factor authentication by Google # save: Save # delete: Delete # delete_confirm: Are you sure? diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml index d69ae280..b809ca32 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml @@ -99,11 +99,11 @@ config: all: "Tous" rss_limit: "Nombre d’articles dans le flux" form_user: - two_factor_description: "Activer l’authentification double-facteur veut dire que vous allez recevoir un code par courriel à chaque nouvelle connexion non approuvée." + two_factor_description: "Activer l’authentification double-facteur veut dire que vous allez recevoir un code par courriel OU que vous devriez utiliser une application de mot de passe à usage unique (comme Google Authenticator) pour obtenir un code temporaire à chaque nouvelle connexion non approuvée. Vous ne pouvez pas choisir les deux options." name_label: "Nom" email_label: "Adresse courriel" - twoFactorAuthentication_label: "Double authentification" - help_twoFactorAuthentication: "Si vous activez 2FA, à chaque tentative de connexion à wallabag, vous recevrez un code par email." + emailTwoFactor_label: 'En utlisant l’email (recevez un code par email)' + googleTwoFactor_label: 'En utilisant une application de mot de passe à usage unique (ouvrez l’app, comme Google Authenticator, pour obtenir un mot de passe à usage unique)' delete: title: "Supprimer mon compte (attention danger !)" description: "Si vous confirmez la suppression de votre compte, TOUS les articles, TOUS les tags, TOUTES les annotations et votre compte seront DÉFINITIVEMENT supprimé (c’est IRRÉVERSIBLE). Vous serez ensuite déconnecté." @@ -534,6 +534,8 @@ user: enabled_label: "Activé" last_login_label: "Dernière connexion" twofactor_label: "Double authentification" + twofactor_email_label: Double authentification par email + twofactor_google_label: Double authentification par Google save: "Sauvegarder" delete: "Supprimer" delete_confirm: "Êtes-vous sûr ?" diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.it.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.it.yml index f16ffb6b..7279dba1 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.it.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.it.yml @@ -99,11 +99,11 @@ config: # all: 'All' rss_limit: 'Numero di elementi nel feed' form_user: - two_factor_description: "Abilitando l'autenticazione a due fattori riceverai una e-mail con un codice per ogni nuova connesione non verificata" + # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Nome' email_label: 'E-mail' - twoFactorAuthentication_label: 'Autenticazione a due fattori' - help_twoFactorAuthentication: "Se abiliti l'autenticazione a due fattori, ogni volta che vorrai connetterti a wallabag, riceverai un codice via E-mail." + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: title: Cancella il mio account (zona pericolosa) description: Rimuovendo il tuo account, TUTTI i tuoi articoli, TUTTE le tue etichette, TUTTE le tue annotazioni ed il tuo account verranno rimossi PERMANENTEMENTE (impossibile da ANNULLARE). Verrai poi disconnesso. @@ -533,7 +533,8 @@ user: email_label: 'E-mail' enabled_label: 'Abilitato' last_login_label: 'Ultima connessione' - twofactor_label: Autenticazione a due fattori + # twofactor_email_label: Two factor authentication by email + # twofactor_google_label: Two factor authentication by Google save: Salva delete: Cancella delete_confirm: Sei sicuro? diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml index b568fbc5..f262ba7b 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.oc.yml @@ -99,11 +99,11 @@ config: all: 'Totes' rss_limit: "Nombre d'articles dins un flux RSS" form_user: - two_factor_description: "Activar l'autentificacion en dos temps vòl dire que recebretz un còdi per corrièl per cada novèla connexion pas aprovada." + # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Nom' email_label: 'Adreça de corrièl' - twoFactorAuthentication_label: 'Dobla autentificacion' - help_twoFactorAuthentication: "S'avètz activat l'autentificacion en dos temps, cada còp que volètz vos connectar a wallabag, recebretz un còdi per corrièl." + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: title: Suprimir mon compte (Mèfi zòna perilhosa) description: Se confirmatz la supression de vòstre compte, TOTES vòstres articles, TOTAS vòstras etiquetas, TOTAS vòstras anotacions e vòstre compte seràn suprimits per totjorn. E aquò es IRREVERSIBLE. Puèi seretz desconnectat. @@ -533,7 +533,8 @@ user: email_label: 'Adreça de corrièl' enabled_label: 'Actiu' last_login_label: 'Darrièra connexion' - twofactor_label: 'Autentificacion doble-factor' + # twofactor_email_label: Two factor authentication by email + # twofactor_google_label: Two factor authentication by Google save: 'Enregistrar' delete: 'Suprimir' delete_confirm: 'Sètz segur ?' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml index b58e14f4..99c2183e 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.pl.yml @@ -99,11 +99,11 @@ config: all: 'Wszystkie' rss_limit: 'Link do RSS' form_user: - two_factor_description: "Włączenie autoryzacji dwuetapowej oznacza, że będziesz otrzymywał maile z kodem przy każdym nowym, niezaufanym połączeniu" + two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Nazwa' email_label: 'Adres email' - twoFactorAuthentication_label: 'Autoryzacja dwuetapowa' - help_twoFactorAuthentication: "Jeżeli włączysz autoryzację dwuetapową. Za każdym razem, kiedy będziesz chciał się zalogować, dostaniesz kod na swój e-mail." + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: title: Usuń moje konto (niebezpieczna strefa !) description: Jeżeli usuniesz swoje konto, wszystkie twoje artykuły, tagi, adnotacje, oraz konto zostaną trwale usunięte (operacja jest NIEODWRACALNA). Następnie zostaniesz wylogowany. @@ -533,7 +533,8 @@ user: email_label: 'Adres email' enabled_label: 'Włączony' last_login_label: 'Ostatnie logowanie' - twofactor_label: Autoryzacja dwuetapowa + # twofactor_email_label: Two factor authentication by email + # twofactor_google_label: Two factor authentication by Google save: Zapisz delete: Usuń delete_confirm: Jesteś pewien? diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml index add28bf7..806c2d78 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.pt.yml @@ -99,11 +99,11 @@ config: # all: 'All' rss_limit: 'Número de itens no feed' form_user: - two_factor_description: 'Habilitar autenticação de dois passos significa que você receberá um e-mail com um código a cada nova conexão desconhecida.' + # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Nome' email_label: 'E-mail' - twoFactorAuthentication_label: 'Autenticação de dois passos' - # help_twoFactorAuthentication: "If you enable 2FA, each time you want to login to wallabag, you'll receive a code by email." + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: # title: Delete my account (a.k.a danger zone) # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out. @@ -533,7 +533,8 @@ user: email_label: 'E-mail' enabled_label: 'Habilitado' last_login_label: 'Último login' - twofactor_label: 'Autenticação de dois passos' + # twofactor_email_label: Two factor authentication by email + # twofactor_google_label: Two factor authentication by Google save: 'Salvar' delete: 'Apagar' delete_confirm: 'Tem certeza?' diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml index 6a38c4a1..ed75ed6e 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.ro.yml @@ -99,11 +99,11 @@ config: # all: 'All' rss_limit: 'Limită RSS' form_user: - # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code on every new untrusted connexion" + # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Nume' email_label: 'E-mail' - # twoFactorAuthentication_label: 'Two factor authentication' - # help_twoFactorAuthentication: "If you enable 2FA, each time you want to login to wallabag, you'll receive a code by email." + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: # title: Delete my account (a.k.a danger zone) # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out. @@ -533,7 +533,8 @@ user: email_label: 'E-mail' # enabled_label: 'Enabled' # last_login_label: 'Last login' - # twofactor_label: Two factor authentication + # twofactor_email_label: Two factor authentication by email + # twofactor_google_label: Two factor authentication by Google # save: Save # delete: Delete # delete_confirm: Are you sure? diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.ru.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.ru.yml index 1b7ac38a..1c6e6771 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.ru.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.ru.yml @@ -96,11 +96,11 @@ config: archive: 'архивные' rss_limit: 'Количество записей в фиде' form_user: - two_factor_description: "Включить двухфакторную аутентификацию, Вы получите сообщение на указанный email с кодом, при каждом новом непроверенном подключении." + # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'Имя' email_label: 'Email' - twoFactorAuthentication_label: 'Двухфакторная аутентификация' - help_twoFactorAuthentication: "Если Вы включите двухфакторную аутентификацию, то Вы будете получать код на указанный ранее email, каждый раз при входе в wallabag." + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: title: "Удалить мой аккаунт (или опасная зона)" description: "Если Вы удалите ваш аккаунт, ВСЕ ваши записи, теги и другие данные, будут БЕЗВОЗВРАТНО удалены (операция не может быть отменена после). Затем Вы выйдете из системы." @@ -521,7 +521,8 @@ user: email_label: 'Email' enabled_label: 'Включить' last_login_label: 'Последний вход' - twofactor_label: "Двухфакторная аутентификация" + # twofactor_email_label: Two factor authentication by email + # twofactor_google_label: Two factor authentication by Google save: "Сохранить" delete: "Удалить" delete_confirm: "Вы уверены?" diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.th.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.th.yml index fe1b35be..af798943 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.th.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.th.yml @@ -99,11 +99,11 @@ config: all: 'ทั้งหมด' rss_limit: 'จำนวนไอเทมที่เก็บ' form_user: - two_factor_description: "การเปิดใช้งาน two factor authentication คือคุณจะต้องได้รับอีเมลกับ code ที่ยังไม่ตรวจสอบในการเชื่อมต่อ" + # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'ชื่อ' email_label: 'อีเมล' - twoFactorAuthentication_label: 'Two factor authentication' - help_twoFactorAuthentication: "ถ้าคุณเปิด 2FA, ในแต่ละช่วงเวลาที่คุณต้องการลงชื่อเข้าใช wallabag, คุณจะต้องได้รับ code จากอีเมล" + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: title: ลบบัญชีของฉัน (โซนที่เป็นภัย!) description: ถ้าคุณลบบัญชีของคุณIf , รายการทั้งหมดของคุณ, แท็กทั้งหมดของคุณ, หมายเหตุทั้งหมดของคุณและบัญชีของคุณจะถูกลบอย่างถาวร (มันไม่สามารถยกเลิกได้) คุณจะต้องลงชื่อออก @@ -531,7 +531,8 @@ user: email_label: 'อีเมล' enabled_label: 'เปิดใช้งาน' last_login_label: 'ลงชื้อเข้าใช้ครั้งสุดท้าย' - twofactor_label: Two factor authentication + # twofactor_email_label: Two factor authentication by email + # twofactor_google_label: Two factor authentication by Google save: บันทึก delete: ลบ delete_confirm: ตุณแน่ใจหรือไม่? diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml index 638714e4..352a2cc4 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.tr.yml @@ -99,11 +99,11 @@ config: # all: 'All' rss_limit: 'RSS içeriğinden talep edilecek makale limiti' form_user: - two_factor_description: "İki adımlı doğrulamayı aktifleştirdiğinizde, her yeni güvenilmeyen bağlantılarda size e-posta ile bir kod alacaksınız." + # two_factor_description: "Enabling two factor authentication means you'll receive an email with a code OR need to use an OTP app (like Google Authenticator) to get a one time code on every new untrusted connection. You can't choose both option." name_label: 'İsim' email_label: 'E-posta' - twoFactorAuthentication_label: 'İki adımlı doğrulama' - # help_twoFactorAuthentication: "If you enable 2FA, each time you want to login to wallabag, you'll receive a code by email." + # emailTwoFactor_label: 'Using email (receive a code by email)' + # googleTwoFactor_label: 'Using an OTP app (open the app, like Google Authenticator, to get a one time code)' delete: # title: Delete my account (a.k.a danger zone) # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out. @@ -531,7 +531,8 @@ user: email_label: 'E-posta' # enabled_label: 'Enabled' # last_login_label: 'Last login' - # twofactor_label: Two factor authentication + # twofactor_email_label: Two factor authentication by email + # twofactor_google_label: Two factor authentication by Google # save: Save # delete: Delete # delete_confirm: Are you sure? diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig index bcc57dac..5c4e44dd 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/baggy/Config/index.html.twig @@ -176,43 +176,36 @@
- {{ form_label(form.user.twoFactorAuthentication) }} - {{ form_errors(form.user.twoFactorAuthentication) }} - {{ form_widget(form.user.twoFactorAuthentication) }} + {{ form_label(form.user.emailTwoFactor) }} + {{ form_errors(form.user.emailTwoFactor) }} + {{ form_widget(form.user.emailTwoFactor) }}
- - live_help - +
+
+ {{ form_label(form.user.googleTwoFactor) }} + {{ form_widget(form.user.googleTwoFactor) }} + {{ form_errors(form.user.googleTwoFactor) }} +
+ {% for OTPSecret in app.session.flashbag.get('OTPSecret') %} +
+ You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. +
+ That code will disapear after a page reload. +

+ {{ OTPSecret.code }} +

+ Or you can scan that QR Code with your app: +
+ + + +
+ {% endfor %}
{% endif %} -

{{ 'config.reset.title'|trans }}

-
-

{{ 'config.reset.description'|trans }}

- -
- {{ form_widget(form.user._token) }} {{ form_widget(form.user.save) }} @@ -277,7 +270,7 @@ {% endfor %} - {{ form_start(form.new_tagging_rule) }} + {{ form_start(form.new_tagging_rule) }} {{ form_errors(form.new_tagging_rule) }}
@@ -382,4 +375,31 @@ + +

{{ 'config.reset.title'|trans }}

+
+

{{ 'config.reset.description'|trans }}

+ +
{% endblock %} diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig index 35800989..887d154f 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/index.html.twig @@ -112,8 +112,7 @@ @@ -198,22 +197,38 @@ {% if twofactor_auth %} -
-
+
{{ 'config.form_user.two_factor_description'|trans }} -
- - {{ form_widget(form.user.twoFactorAuthentication) }} - {{ form_label(form.user.twoFactorAuthentication) }} - {{ form_errors(form.user.twoFactorAuthentication) }} -
-
- - live_help - +
+ {{ form_widget(form.user.emailTwoFactor) }} + {{ form_label(form.user.emailTwoFactor) }} + {{ form_errors(form.user.emailTwoFactor) }} +
+
+ {{ form_widget(form.user.googleTwoFactor) }} + {{ form_label(form.user.googleTwoFactor) }} + {{ form_errors(form.user.googleTwoFactor) }} +
-
+ + {% for OTPSecret in app.session.flashbag.get('OTPSecret') %} +
+ You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password. +
+ That code will disapear after a page reload. +

+ {{ OTPSecret.code }} +

+ Or you can scan that QR Code with your app: +
+ + + +
+ {% endfor %} {% endif %} {{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }} -- cgit v1.2.3