From 2db616b586f473238706e554e809086935e0f33a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicolas=20L=C5=93uillet?=
Date: Tue, 13 Oct 2015 22:43:15 +0200
Subject: 2factor authentication via email
---
 src/Wallabag/UserBundle/Entity/User.php | 68 +++++++++++++++++++++-
 .../UserBundle/Resources/config/services.yml | 19 ++++++
 .../themes/baggy/Authentication/form.html.twig | 32 ++++++++++
 .../themes/material/Authentication/form.html.twig | 33 +++++++++++
 4 files changed, 151 insertions(+), 1 deletion(-)
 create mode 100644 src/Wallabag/UserBundle/Resources/views/themes/baggy/Authentication/form.html.twig
 create mode 100644 src/Wallabag/UserBundle/Resources/views/themes/material/Authentication/form.html.twig
(limited to 'src/Wallabag/UserBundle')
diff --git a/src/Wallabag/UserBundle/Entity/User.php b/src/Wallabag/UserBundle/Entity/User.php
index 8f02e070..d2efd200 100644
--- a/src/Wallabag/UserBundle/Entity/User.php
+++ b/src/Wallabag/UserBundle/Entity/User.php
@@ -4,6 +4,8 @@ namespace Wallabag\UserBundle\Entity;
 use Doctrine\Common\Collections\ArrayCollection;
 use Doctrine\ORM\Mapping as ORM;
+use Scheb\TwoFactorBundle\Model\Email\TwoFactorInterface;
+use Scheb\TwoFactorBundle\Model\TrustedComputerInterface;
 use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
 use Symfony\Component\Security\Core\User\UserInterface;
 use JMS\Serializer\Annotation\ExclusionPolicy;
@@ -24,7 +26,7 @@ use Wallabag\CoreBundle\Entity\Tag;
 * @UniqueEntity("email")
 * @UniqueEntity("username")
 */
-class User extends BaseUser
+class User extends BaseUser implements TwoFactorInterface, TrustedComputerInterface
 {
 /**
 * @var int
@@ -72,6 +74,22 @@ class User extends BaseUser
 */
 protected $tags;
+ /**
+ * @ORM\Column(type="integer", nullable=true)
+ */
+ private $authCode;
+
+ /**
+ * @var bool Enabled yes/no
+ * @ORM\Column(type="boolean")
+ */
+ private $twoFactorAuthentication = false;
+
+ /**
+ * @ORM\Column(type="json_array", nullable=true)
+ */
+ private $trusted;
+
 public function __construct()
 {
 parent::__construct();
@@ -201,4 +219,52 @@ class User extends BaseUser
 {
 return $this->config;
 }
+
+ /**
+ * @return bool
+ */
+ public function isTwoFactorAuthentication()
+ {
+ return $this->twoFactorAuthentication;
+ }
+
+ /**
+ * @param bool $twoFactorAuthentication
+ */
+ public function setTwoFactorAuthentication($twoFactorAuthentication)
+ {
+ $this->twoFactorAuthentication = $twoFactorAuthentication;
+ }
+
+ public function isEmailAuthEnabled()
+ {
+ return $this->twoFactorAuthentication;
+ }
+
+ public function getEmailAuthCode()
+ {
+ return $this->authCode;
+ }
+
+ public function setEmailAuthCode($authCode)
+ {
+ $this->authCode = $authCode;
+ }
+
+ public function addTrustedComputer($token, \DateTime $validUntil)
+ {
+ $this->trusted[$token] = $validUntil->format('r');
+ }
+
+ public function isTrustedComputer($token)
+ {
+ if (isset($this->trusted[$token])) {
+ $now = new \DateTime();
+ $validUntil = new \DateTime($this->trusted[$token]);
+
+ return $now < $validUntil;
+ }
+
+ return false;
+ }
 }
diff --git a/src/Wallabag/UserBundle/Resources/config/services.yml b/src/Wallabag/UserBundle/Resources/config/services.yml
index e69de29b..9cdd247d 100644
--- a/src/Wallabag/UserBundle/Resources/config/services.yml
+++ b/src/Wallabag/UserBundle/Resources/config/services.yml
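Review bot: In the property hunk of User.php, `$authCode` and `$trusted` hold the pending e-mail code and the trusted-computer tokens, yet neither has a `@var` description and nothing in the hunk marks them as excluded from serialization. The file imports `JMS\Serializer\Annotation\ExclusionPolicy`, but the class-level policy lies outside this diff, so confirm it is `all` (or add an explicit `@Exclude`, which would need its own `use` line) before this entity is returned by any API. I would also document both fields, for example `@var int|null One-time e-mail code; must never be serialized` and `@var array|null Map of trusted-computer token => expiry date string`.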
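Review bot: `addTrustedComputer()` in the last User.php hunk only ever appends to `$this->trusted`, and nothing in this hunk removes entries, so expired tokens stay in the user row indefinitely. Likewise `setTwoFactorAuthentication(false)` leaves previously trusted tokens and any pending `authCode` in place, which means they become valid again if the feature is re-enabled before they expire. I would prune expired entries whenever a token is added and consider clearing `trusted` and `authCode` when two-factor is switched off. The five new interface methods have no docblocks; a short one each, stating that `trusted` maps token to expiry, would help the next reader. The sketch below covers the pruning only.

```php
public function addTrustedComputer($token, \DateTime $validUntil)
{
    $now = new \DateTime();
    // Drop entries whose expiry has passed so the stored map stays bounded.
    $this->trusted = array_filter((array) $this->trusted, function ($until) use ($now) {
        return $now < new \DateTime($until);
    });
    $this->trusted[$token] = $validUntil->format('r');
}
```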
@@ -0,0 +1,19 @@
+parameters:
+ wallabag_user.twofactor.email.provider.class: Wallabag\UserBundle\Security\TwoFactor\Email\Helper
+ wallabag_user.twofactor.email.interactive_login_listener.class: Wallabag\UserBundle\Security\TwoFactor\Email\InteractiveLoginListener
+ wallabag_user.twofactor.email.request_listener.class: Wallabag\UserBundle\Security\TwoFactor\Email\RequestListener
+
+services:
+ wallabag_user.twofactor.email.provider:
+ class: %wallabag_user.twofactor.email.provider.class%
+ arguments: ['@doctrine.orm.entity_manager', '@mailer']
+ wallabag_user.twofactor.email.interactive_login_listener:
+ class: %wallabag_user.twofactor.email.interactive_login_listener.class%
+ tags:
+ - { name: kernel.event_listener, event: security.interactive_login, method: onSecurityInteractiveLogin }
+ arguments: ['@wallabag_user.twofactor.email.provider']
+ wallabag_user.twofactor.email.request_listener:
+ class: %wallabag_user.twofactor.email.request_listener.class%
+ tags:
+ - { name: kernel.event_listener, event: kernel.request, method: onCoreRequest, priority: -1 }
+ arguments: ['@wallabag_user.twofactor.email.provider', '@security.context', '@templating', '@router']
diff --git a/src/Wallabag/UserBundle/Resources/views/themes/baggy/Authentication/form.html.twig b/src/Wallabag/UserBundle/Resources/views/themes/baggy/Authentication/form.html.twig
new file mode 100644
index 00000000..5bb91081
--- /dev/null
+++ b/src/Wallabag/UserBundle/Resources/views/themes/baggy/Authentication/form.html.twig
@@ -0,0 +1,32 @@
+{% extends "WallabagUserBundle::layout.html.twig" %}
+
+{% block fos_user_content %}
+
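Review bot: The three services in services.yml point at `Wallabag\UserBundle\Security\TwoFactor\Email\Helper`, `InteractiveLoginListener` and `RequestListener`, but the diffstat for `src/Wallabag/UserBundle` lists only User.php, this file and the two templates, so those classes are not part of what is shown here. If they are not added elsewhere, the `kernel.request` listener will fail as soon as the container instantiates it. If they do exist, that listener is presumably where the second factor is actually enforced, and it should be reviewed together with this wiring. I would add a comment above the request listener explaining the priority, for example `# priority -1: must run after the firewall listener so the authenticated token is available`.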
+
+ {% for flashMessage in app.session.flashbag.get("two_factor") %} +

{{ flashMessage|trans }}

+ {% endfor %} + +
+ + +
+ + {% if useTrustedOption %} +
+ + +
+ {% endif %} + +
+ {% trans %}Cancel{% endtrans %} + +
+
+ +
+{% endblock %}
diff --git a/src/Wallabag/UserBundle/Resources/views/themes/material/Authentication/form.html.twig b/src/Wallabag/UserBundle/Resources/views/themes/material/Authentication/form.html.twig
new file mode 100644
index 00000000..fa0e3dc1
--- /dev/null
+++ b/src/Wallabag/UserBundle/Resources/views/themes/material/Authentication/form.html.twig
@@ -0,0 +1,33 @@
+{% extends "WallabagUserBundle::layout.html.twig" %}
+
+{% block fos_user_content %}
+
+
+
+ + {% for flashMessage in app.session.flashbag.get("two_factor") %} +

{{ flashMessage|trans }}

+ {% endfor %} + +
+ + +
+ + {% if useTrustedOption %} +
+ + +
+ {% endif %} +
+
+
+ {% trans %}Cancel{% endtrans %} + +
+
+{% endblock %}
-- cgit v1.2.3