forked from wallabag/wallabag
Enable OTP 2FA
- Update SchebTwoFactorBundle to version 3
- Enable Google 2fa on the bundle
- Disallow ability to use both email and google as 2fa
- Update Ocramius Proxy Manager to handle typed function & attributes (from PHP 7)
- use `$this->addFlash` shortcut instead of `$this->get('session')->getFlashBag()->add`
- update admin to be able to create/reset the 2fa
This commit is contained in:
Jeremy Benoist
@ -176,43 +176,36 @@
|
||||
|
||||
<fieldset class="w500p inline">
|
||||
<div class="row">
|
||||
{{ form_label(form.user.twoFactorAuthentication) }}
|
||||
{{ form_errors(form.user.twoFactorAuthentication) }}
|
||||
{{ form_widget(form.user.twoFactorAuthentication) }}
|
||||
{{ form_label(form.user.emailTwoFactor) }}
|
||||
{{ form_errors(form.user.emailTwoFactor) }}
|
||||
{{ form_widget(form.user.emailTwoFactor) }}
|
||||
</div>
|
||||
<a href="#" title="{{ 'config.form_user.help_twoFactorAuthentication'|trans }}">
|
||||
<i class="material-icons">live_help</i>
|
||||
</a>
|
||||
<br/>
|
||||
<div class="row">
|
||||
{{ form_label(form.user.googleTwoFactor) }}
|
||||
{{ form_widget(form.user.googleTwoFactor) }}
|
||||
{{ form_errors(form.user.googleTwoFactor) }}
|
||||
</div>
|
||||
{% for OTPSecret in app.session.flashbag.get('OTPSecret') %}
|
||||
<div class="row">
|
||||
You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password.
|
||||
<br/>
|
||||
That code will disapear after a page reload.
|
||||
<br/><br/>
|
||||
<strong>{{ OTPSecret.code }}</strong>
|
||||
<br/><br/>
|
||||
Or you can scan that QR Code with your app:
|
||||
<br/>
|
||||
<img id="2faQrcode" class="hide-on-med-and-down" />
|
||||
|
||||
<script>
|
||||
document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ OTPSecret.qrCode }}');;
|
||||
</script>
|
||||
</div>
|
||||
{% endfor %}
|
||||
</fieldset>
|
||||
{% endif %}
|
||||
|
||||
<h2>{{ 'config.reset.title'|trans }}</h2>
|
||||
<fieldset class="w500p inline">
|
||||
<p>{{ 'config.reset.description'|trans }}</p>
|
||||
<ul>
|
||||
<li>
|
||||
<a href="{{ path('config_reset', { type: 'annotations'}) }}" onclick="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" class="waves-effect waves-light btn red">
|
||||
{{ 'config.reset.annotations'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="{{ path('config_reset', { type: 'tags'}) }}" onclick="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" class="waves-effect waves-light btn red">
|
||||
{{ 'config.reset.tags'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="{{ path('config_reset', { type: 'archived'}) }}" onclick="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" class="waves-effect waves-light btn red">
|
||||
{{ 'config.reset.archived'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="{{ path('config_reset', { type: 'entries'}) }}" onclick="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" class="waves-effect waves-light btn red">
|
||||
{{ 'config.reset.entries'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
</ul>
|
||||
</fieldset>
|
||||
|
||||
{{ form_widget(form.user._token) }}
|
||||
{{ form_widget(form.user.save) }}
|
||||
</form>
|
||||
@ -277,7 +270,7 @@
|
||||
{% endfor %}
|
||||
</ul>
|
||||
|
||||
{{ form_start(form.new_tagging_rule) }}
|
||||
{{ form_start(form.new_tagging_rule) }}
|
||||
{{ form_errors(form.new_tagging_rule) }}
|
||||
|
||||
<fieldset class="w500p inline">
|
||||
@ -382,4 +375,31 @@
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<h2>{{ 'config.reset.title'|trans }}</h2>
|
||||
<fieldset class="w500p inline">
|
||||
<p>{{ 'config.reset.description'|trans }}</p>
|
||||
<ul>
|
||||
<li>
|
||||
<a href="{{ path('config_reset', { type: 'annotations'}) }}" onclick="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" class="waves-effect waves-light btn red">
|
||||
{{ 'config.reset.annotations'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="{{ path('config_reset', { type: 'tags'}) }}" onclick="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" class="waves-effect waves-light btn red">
|
||||
{{ 'config.reset.tags'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="{{ path('config_reset', { type: 'archived'}) }}" onclick="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" class="waves-effect waves-light btn red">
|
||||
{{ 'config.reset.archived'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="{{ path('config_reset', { type: 'entries'}) }}" onclick="return confirm('{{ 'config.reset.confirm'|trans|escape('js') }}')" class="waves-effect waves-light btn red">
|
||||
{{ 'config.reset.entries'|trans }}
|
||||
</a>
|
||||
</li>
|
||||
</ul>
|
||||
</fieldset>
|
||||
{% endblock %}
|
||||
|
||||
@ -112,8 +112,7 @@
|
||||
<img id="androidQrcode" class="hide-on-med-and-down" />
|
||||
</div>
|
||||
<script>
|
||||
const imgBase64 = jrQrcode.getQrBase64('wallabag://{{ app.user.username }}@{{ wallabag_url }}');
|
||||
document.getElementById('androidQrcode').src = imgBase64;
|
||||
document.getElementById('androidQrcode').src = jrQrcode.getQrBase64('wallabag://{{ app.user.username }}@{{ wallabag_url }}');;
|
||||
</script>
|
||||
</div>
|
||||
|
||||
@ -198,22 +197,38 @@
|
||||
</div>
|
||||
|
||||
{% if twofactor_auth %}
|
||||
<div class="row">
|
||||
<div class="input-field col s11">
|
||||
<div class="row">
|
||||
{{ 'config.form_user.two_factor_description'|trans }}
|
||||
|
||||
<br />
|
||||
<div class="input-field col s11">
|
||||
{{ form_widget(form.user.emailTwoFactor) }}
|
||||
{{ form_label(form.user.emailTwoFactor) }}
|
||||
{{ form_errors(form.user.emailTwoFactor) }}
|
||||
</div>
|
||||
<div class="input-field col s11">
|
||||
{{ form_widget(form.user.googleTwoFactor) }}
|
||||
{{ form_label(form.user.googleTwoFactor) }}
|
||||
{{ form_errors(form.user.googleTwoFactor) }}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{{ form_widget(form.user.twoFactorAuthentication) }}
|
||||
{{ form_label(form.user.twoFactorAuthentication) }}
|
||||
{{ form_errors(form.user.twoFactorAuthentication) }}
|
||||
</div>
|
||||
<div class="input-field col s1">
|
||||
<a href="#" class="tooltipped" data-position="left" data-delay="50" data-tooltip="{{ 'config.form_user.help_twoFactorAuthentication'|trans }}">
|
||||
<i class="material-icons">live_help</i>
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
{% for OTPSecret in app.session.flashbag.get('OTPSecret') %}
|
||||
<div class="card-panel yellow darken-1 black-text">
|
||||
You just enabled the OTP two factor authentication, open your OTP app and use that code to get a one time password.
|
||||
<br/>
|
||||
That code will disapear after a page reload.
|
||||
<br/><br/>
|
||||
<strong>{{ OTPSecret.code }}</strong>
|
||||
<br/><br/>
|
||||
Or you can scan that QR Code with your app:
|
||||
<br/>
|
||||
<img id="2faQrcode" class="hide-on-med-and-down" />
|
||||
|
||||
<script>
|
||||
document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ OTPSecret.qrCode }}');;
|
||||
</script>
|
||||
</div>
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
{{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }}
|
||||
|
||||
Reference in New Issue
Block a user