mirrors/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2024-11-23 09:31:04 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #6723 from wallabag/remove-2fa-parameter

Browse source 
Remove `twofactor_auth` parameter
This commit is contained in:
Nicolas Lœuillet 2023-07-17 13:39:48 +02:00 committed by GitHub
commit 11617ca7e1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 36 additions and 78 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/config/config.yml
View file

@ -201,15 +201,15 @@ scheb_two_factor:
lifetime: 2592000 lifetime: 2592000
backup_codes: backup_codes:
enabled: "%twofactor_auth%" enabled: true
google: google:
enabled: "%twofactor_auth%" enabled: true
issuer: "%server_name%" issuer: "%server_name%"
template: "@WallabagUser/Authentication/form.html.twig" template: "@WallabagUser/Authentication/form.html.twig"
email: email:
enabled: "%twofactor_auth%" enabled: true
sender_email: "%twofactor_sender%" sender_email: "%twofactor_sender%"
digits: 6 digits: 6
template: "@WallabagUser/Authentication/form.html.twig" template: "@WallabagUser/Authentication/form.html.twig"

1
app/config/parameters.yml.dist
View file

@ -34,7 +34,6 @@ parameters:
secret: CHANGE_ME_TO_SOMETHING_SECRET_AND_RANDOM secret: CHANGE_ME_TO_SOMETHING_SECRET_AND_RANDOM
# two factor stuff # two factor stuff
twofactor_auth: true
twofactor_sender: no-reply@wallabag.org twofactor_sender: no-reply@wallabag.org
# fosuser stuff # fosuser stuff

1
docker/php/config/parameters.yml
View file

@ -22,7 +22,6 @@ parameters:
secret: ${SECRET:-~} secret: ${SECRET:-~}
# two factor stuff # two factor stuff
twofactor_auth: ${TWOFACTOR_AUTH:-true}
twofactor_sender: ${TWOFACTOR_SENDER:-no-reply@wallabag.org} twofactor_sender: ${TWOFACTOR_SENDER:-no-reply@wallabag.org}
# fosuser stuff # fosuser stuff

21
src/Wallabag/CoreBundle/Controller/ConfigController.php
View file

@ -246,7 +246,6 @@ class ConfigController extends AbstractController
'username' => $user->getUsername(), 'username' => $user->getUsername(),
'token' => $config->getFeedToken(), 'token' => $config->getFeedToken(),
], ],
'twofactor_auth' => $this->getParameter('twofactor_auth'),
'wallabag_url' => $this->getParameter('domain_name'), 'wallabag_url' => $this->getParameter('domain_name'),
'enabled_users' => $userRepository->getSumEnabledUsers(), 'enabled_users' => $userRepository->getSumEnabledUsers(),
]); ]);
@ -259,10 +258,6 @@ class ConfigController extends AbstractController
*/ */
public function disableOtpEmailAction() public function disableOtpEmailAction()
{ {
if (!$this->getParameter('twofactor_auth')) {
return $this->createNotFoundException('two_factor not enabled');
}
$user = $this->getUser(); $user = $this->getUser();
$user->setEmailTwoFactor(false); $user->setEmailTwoFactor(false);
@ -283,10 +278,6 @@ class ConfigController extends AbstractController
*/ */
public function otpEmailAction() public function otpEmailAction()
{ {
if (!$this->getParameter('twofactor_auth')) {
return $this->createNotFoundException('two_factor not enabled');
}
$user = $this->getUser(); $user = $this->getUser();
$user->setGoogleAuthenticatorSecret(null); $user->setGoogleAuthenticatorSecret(null);
@ -310,10 +301,6 @@ class ConfigController extends AbstractController
*/ */
public function disableOtpAppAction() public function disableOtpAppAction()
{ {
if (!$this->getParameter('twofactor_auth')) {
return $this->createNotFoundException('two_factor not enabled');
}
$user = $this->getUser(); $user = $this->getUser();
$user->setGoogleAuthenticatorSecret(''); $user->setGoogleAuthenticatorSecret('');
@ -336,10 +323,6 @@ class ConfigController extends AbstractController
*/ */
public function otpAppAction(GoogleAuthenticatorInterface $googleAuthenticator) public function otpAppAction(GoogleAuthenticatorInterface $googleAuthenticator)
{ {
if (!$this->getParameter('twofactor_auth')) {
return $this->createNotFoundException('two_factor not enabled');
}
$user = $this->getUser(); $user = $this->getUser();
$secret = $googleAuthenticator->generateSecret(); $secret = $googleAuthenticator->generateSecret();
@ -377,10 +360,6 @@ class ConfigController extends AbstractController
*/ */
public function otpAppCancelAction() public function otpAppCancelAction()
{ {
if (!$this->getParameter('twofactor_auth')) {
return $this->createNotFoundException('two_factor not enabled');
}
$user = $this->getUser(); $user = $this->getUser();
$user->setGoogleAuthenticatorSecret(null); $user->setGoogleAuthenticatorSecret(null);
$user->setBackupCodes(null); $user->setBackupCodes(null);

56
src/Wallabag/CoreBundle/Resources/views/Config/index.html.twig
View file

@ -209,38 +209,36 @@
{{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }} {{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }}
{% if twofactor_auth %} <br/>
<br/> <br/>
<br/> <div class="row">
<div class="row"> <h5>{{ 'config.otp.page_title'|trans }}</h5>
<h5>{{ 'config.otp.page_title'|trans }}</h5>
<p>{{ 'config.form_user.two_factor_description'|trans }}</p> <p>{{ 'config.form_user.two_factor_description'|trans }}</p>
<table> <table>
<thead> <thead>
<tr> <tr>
<th>{{ 'config.form_user.two_factor.table_method'|trans }}</th> <th>{{ 'config.form_user.two_factor.table_method'|trans }}</th>
<th>{{ 'config.form_user.two_factor.table_state'|trans }}</th> <th>{{ 'config.form_user.two_factor.table_state'|trans }}</th>
<th>{{ 'config.form_user.two_factor.table_action'|trans }}</th> <th>{{ 'config.form_user.two_factor.table_action'|trans }}</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td>{{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }}</td> <td>{{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }}</td>
<td>{% if app.user.isEmailTwoFactor %}<b>{{ 'config.form_user.two_factor.state_enabled'|trans }}</b>{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}</td> <td>{% if app.user.isEmailTwoFactor %}<b>{{ 'config.form_user.two_factor.state_enabled'|trans }}</b>{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}</td>
<td><a href="{{ path('config_otp_email') }}" class="waves-effect waves-light btn{% if app.user.isEmailTwoFactor %} disabled{% endif %}">{{ 'config.form_user.two_factor.action_email'|trans }}</a> {% if app.user.isEmailTwoFactor %}<a href="{{ path('disable_otp_email') }}" class="waves-effect waves-light btn red">Disable</a>{% endif %}</td> <td><a href="{{ path('config_otp_email') }}" class="waves-effect waves-light btn{% if app.user.isEmailTwoFactor %} disabled{% endif %}">{{ 'config.form_user.two_factor.action_email'|trans }}</a> {% if app.user.isEmailTwoFactor %}<a href="{{ path('disable_otp_email') }}" class="waves-effect waves-light btn red">Disable</a>{% endif %}</td>
</tr> </tr>
<tr> <tr>
<td>{{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }}</td> <td>{{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }}</td>
<td>{% if app.user.isGoogleTwoFactor %}<b>{{ 'config.form_user.two_factor.state_enabled'|trans }}</b>{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}</td> <td>{% if app.user.isGoogleTwoFactor %}<b>{{ 'config.form_user.two_factor.state_enabled'|trans }}</b>{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}</td>
<td><a href="{{ path('config_otp_app') }}" class="waves-effect waves-light btn{% if app.user.isGoogleTwoFactor %} disabled{% endif %}">{{ 'config.form_user.two_factor.action_app'|trans }}</a> {% if app.user.isGoogleTwoFactor %}<a href="{{ path('disable_otp_app') }}" class="waves-effect waves-light btn red">Disable</a>{% endif %}</td> <td><a href="{{ path('config_otp_app') }}" class="waves-effect waves-light btn{% if app.user.isGoogleTwoFactor %} disabled{% endif %}">{{ 'config.form_user.two_factor.action_app'|trans }}</a> {% if app.user.isGoogleTwoFactor %}<a href="{{ path('disable_otp_app') }}" class="waves-effect waves-light btn red">Disable</a>{% endif %}</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</div> </div>
{% endif %}
{{ form_widget(form.user._token) }} {{ form_widget(form.user._token) }}
</form> </form>
</div> </div>

15
src/Wallabag/UserBundle/Controller/ManageController.php
View file

@ -85,19 +85,17 @@ class ManageController extends AbstractController
$form->handleRequest($request); $form->handleRequest($request);
// `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) { if (true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
$form->get('googleTwoFactor')->setData(true); $form->get('googleTwoFactor')->setData(true);
} }
if ($form->isSubmitted() && $form->isValid()) { if ($form->isSubmitted() && $form->isValid()) {
// handle creation / reset of the OTP secret if checkbox changed from the previous state // handle creation / reset of the OTP secret if checkbox changed from the previous state
if ($this->getParameter('twofactor_auth')) { if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) { $user->setGoogleAuthenticatorSecret($googleAuthenticator->generateSecret());
$user->setGoogleAuthenticatorSecret($googleAuthenticator->generateSecret()); $user->setEmailTwoFactor(false);
$user->setEmailTwoFactor(false); } elseif (false === $form->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
} elseif (false === $form->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) { $user->setGoogleAuthenticatorSecret(null);
$user->setGoogleAuthenticatorSecret(null);
}
} }
$userManager->updateUser($user); $userManager->updateUser($user);
@ -114,7 +112,6 @@ class ManageController extends AbstractController
'user' => $user, 'user' => $user,
'edit_form' => $form->createView(), 'edit_form' => $form->createView(),
'delete_form' => $deleteForm->createView(), 'delete_form' => $deleteForm->createView(),
'twofactor_auth' => $this->getParameter('twofactor_auth'),
]); ]);
} }

2
src/Wallabag/UserBundle/Resources/views/Manage/edit.html.twig
View file

@ -47,7 +47,6 @@
</div> </div>
</div> </div>
{% if twofactor_auth %}
<div class="row"> <div class="row">
<div class="input-field col s12"> <div class="input-field col s12">
{{ form_widget(edit_form.emailTwoFactor) }} {{ form_widget(edit_form.emailTwoFactor) }}
@ -60,7 +59,6 @@
{{ form_errors(edit_form.googleTwoFactor) }} {{ form_errors(edit_form.googleTwoFactor) }}
</div> </div>
</div> </div>
{% endif %}
<br/> <br/>

12
tests/Wallabag/CoreBundle/Controller/SecurityControllerTest.php
View file

@ -32,12 +32,6 @@ class SecurityControllerTest extends WallabagCoreTestCase
{ {
$client = $this->getTestClient(); $client = $this->getTestClient();
if (!$client->getContainer()->getParameter('twofactor_auth')) {
$this->markTestSkipped('twofactor_auth is not enabled.');
return;
}
$client->followRedirects(); $client->followRedirects();
$em = $client->getContainer()->get(EntityManagerInterface::class); $em = $client->getContainer()->get(EntityManagerInterface::class);
@ -65,12 +59,6 @@ class SecurityControllerTest extends WallabagCoreTestCase
{ {
$client = $this->getTestClient(); $client = $this->getTestClient();
if (!$client->getContainer()->getParameter('twofactor_auth')) {
$this->markTestSkipped('twofactor_auth is not enabled.');
return;
}
$client->followRedirects(); $client->followRedirects();
$em = $client->getContainer()->get(EntityManagerInterface::class); $em = $client->getContainer()->get(EntityManagerInterface::class);