Merge pull request #1484 from wallabag/v2-2factor-auth
2factor authentication via email
@ -13,6 +13,7 @@ class UserInformationType extends AbstractType
|
||||
$builder
|
||||
->add('name', 'text')
|
||||
->add('email', 'email')
|
||||
->add('twoFactorAuthentication', 'checkbox', array('required' => false))
|
||||
->add('save', 'submit')
|
||||
->remove('username')
|
||||
->remove('plainPassword')
|
||||
|
||||
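Review bot: The `twoFactorAuthentication` checkbox is added to the form unconditionally, while both templates in this commit render its row only inside `{% if twofactor_auth %}` and then call `form_rest(form.user)`. With the parameter off, `form_rest` will presumably still emit the un-rendered field (visibly in the first template, inside the `hidden` div in the second), so the per-user flag stays submittable on an instance where the feature is disabled. I would make the form type aware of the parameter and call `->add('twoFactorAuthentication', 'checkbox', array('required' => false))` only when it is true, or have the controller ignore the submitted value when the feature is off. The `+` markers are lost on this page and the builder chain continues outside the hunk, so this assumes the checkbox line is the one added.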
@ -100,6 +100,16 @@
|
||||
</div>
|
||||
</fieldset>
|
||||
|
||||
{% if twofactor_auth %}
|
||||
<fieldset class="w500p inline">
|
||||
<div class="row">
|
||||
{{ form_label(form.user.twoFactorAuthentication) }}
|
||||
{{ form_errors(form.user.twoFactorAuthentication) }}
|
||||
{{ form_widget(form.user.twoFactorAuthentication) }}
|
||||
</div>
|
||||
</fieldset>
|
||||
{% endif %}
|
||||
|
||||
{{ form_rest(form.user) }}
|
||||
</form>
|
||||
|
||||
|
||||
@ -132,6 +132,16 @@
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{% if twofactor_auth %}
|
||||
<div class="row">
|
||||
<div class="input-field col s12">
|
||||
{{ form_widget(form.user.twoFactorAuthentication) }}
|
||||
{{ form_label(form.user.twoFactorAuthentication) }}
|
||||
{{ form_errors(form.user.twoFactorAuthentication) }}
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<div class="hidden">{{ form_rest(form.user) }}</div>
|
||||
<button class="btn waves-effect waves-light" type="submit" name="action">
|
||||
{% trans %}Save{% endtrans %}
|
||||
|
||||
@ -0,0 +1,64 @@
|
||||
<?php
|
||||
|
||||
namespace Wallabag\CoreBundle\Tests\Controller;
|
||||
|
||||
use Wallabag\CoreBundle\Tests\WallabagCoreTestCase;
|
||||
|
||||
class SecurityControllerTest extends WallabagCoreTestCase
|
||||
{
|
||||
public function testLoginWithout2Factor()
|
||||
{
|
||||
$this->logInAs('admin');
|
||||
$client = $this->getClient();
|
||||
$client->followRedirects();
|
||||
|
||||
$client->request('GET', '/config');
|
||||
$this->assertContains('RSS', $client->getResponse()->getContent());
|
||||
}
|
||||
|
||||
public function testLoginWith2Factor()
|
||||
{
|
||||
$client = $this->getClient();
|
||||
|
||||
if ($client->getContainer()->getParameter('twofactor_auth')) {
|
||||
$client->followRedirects();
|
||||
|
||||
$em = $client->getContainer()->get('doctrine.orm.entity_manager');
|
||||
$user = $em
|
||||
->getRepository('WallabagUserBundle:User')
|
||||
->findOneByUsername('admin');
|
||||
$user->setTwoFactorAuthentication(true);
|
||||
$em->persist($user);
|
||||
$em->flush();
|
||||
|
||||
$this->logInAs('admin');
|
||||
$client->request('GET', '/config');
|
||||
$this->assertContains('trusted computer', $client->getResponse()->getContent());
|
||||
|
||||
// restore user
|
||||
$user = $em
|
||||
->getRepository('WallabagUserBundle:User')
|
||||
->findOneByUsername('admin');
|
||||
$user->setTwoFactorAuthentication(false);
|
||||
$em->persist($user);
|
||||
$em->flush();
|
||||
}
|
||||
}
|
||||
|
||||
public function testTrustedComputer()
|
||||
{
|
||||
$client = $this->getClient();
|
||||
|
||||
if ($client->getContainer()->getParameter('twofactor_auth')) {
|
||||
$em = $client->getContainer()->get('doctrine.orm.entity_manager');
|
||||
$user = $em
|
||||
->getRepository('WallabagUserBundle:User')
|
||||
->findOneByUsername('admin');
|
||||
|
||||
$date = new \DateTime();
|
||||
$user->addTrustedComputer('ABCDEF', $date->add(new \DateInterval('P1M')));
|
||||
$this->assertTrue($user->isTrustedComputer('ABCDEF'));
|
||||
$this->assertFalse($user->isTrustedComputer('FEDCBA'));
|
||||
}
|
||||
}
|
||||
}
|
||||
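Review bot: testLoginWith2Factor only asserts that the response contains 'trusted computer'; it never asserts that the protected /config content is withheld, so a regression that shows the prompt but still serves the page would pass. Adding `$this->assertNotContains('RSS', $client->getResponse()->getContent());` next to the existing assertion would pin that, assuming the challenge page does not itself contain the string testLoginWithout2Factor uses as its config-page marker. Both 2FA tests also pass silently when `twofactor_auth` is off; an `else { $this->markTestSkipped('twofactor_auth is disabled'); }` would make that visible in the run. The "restore user" block is skipped if the assertion fails, which leaves admin with 2FA enabled for later tests, so the reset would be safer in tearDown. testTrustedComputer also has no case for an expiry date in the past, which is the check that keeps a stale token from bypassing the second factor.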