Merge pull request #1484 from wallabag/v2-2factor-auth

2factor authentication via email
This commit is contained in:
Jeremy Benoist 2015-10-15 13:52:52 +02:00
commit 3d3ed955f1
15 changed files with 451 additions and 111 deletions

View file

@ -28,6 +28,7 @@ class AppKernel extends Kernel
new Lexik\Bundle\FormFilterBundle\LexikFormFilterBundle(),
new FOS\OAuthServerBundle\FOSOAuthServerBundle(),
new Wallabag\UserBundle\WallabagUserBundle(),
new Scheb\TwoFactorBundle\SchebTwoFactorBundle(),
);
if (in_array($this->getEnvironment(), array('dev', 'test'))) {

View file

@ -45,6 +45,7 @@ twig:
export_mobi: %export_mobi%
export_pdf: %export_pdf%
version: %app.version%
twofactor_auth: %twofactor_auth%
warning_message: %warning_message%
paypal_url: "https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=9UBA65LG3FX9Y&lc=gb"
flattr_url: "https://flattr.com/thing/1265480"
@ -171,3 +172,15 @@ fos_oauth_server:
auth_code_class: Wallabag\ApiBundle\Entity\AuthCode
service:
user_provider: fos_user.user_manager
scheb_two_factor:
trusted_computer:
enabled: true
cookie_name: wllbg_trusted_computer
cookie_lifetime: 2592000
email:
enabled: %twofactor_auth%
sender_email: %twofactor_sender%
digits: 6
template: WallabagUserBundle:Authentication:form.html.twig

View file

@ -29,6 +29,8 @@ parameters:
# wallabag misc
app.version: 2.0.0-alpha
twofactor_auth: true
twofactor_sender: no-reply@wallabag.org
# message to display at the bottom of the page
warning_message: >

View file

@ -29,6 +29,8 @@ parameters:
# wallabag misc
app.version: 2.0.0-alpha
twofactor_auth: true
twofactor_sender: no-reply@wallabag.org
# message to display at the bottom of the page
warning_message: >

View file

@ -29,6 +29,8 @@ parameters:
# wallabag misc
app.version: 2.0.0-alpha
twofactor_auth: true
twofactor_sender: no-reply@wallabag.org
# message to display at the bottom of the page
warning_message: >

View file

@ -29,6 +29,8 @@ parameters:
# wallabag misc
app.version: 2.0.0-alpha
twofactor_auth: true
twofactor_sender: no-reply@wallabag.org
# message to display at the bottom of the page
warning_message: >

View file

@ -54,7 +54,8 @@
"lexik/form-filter-bundle": "~4.0",
"j0k3r/graby": "~1.0",
"friendsofsymfony/user-bundle": "dev-master",
"friendsofsymfony/oauth-server-bundle": "^1.4@dev"
"friendsofsymfony/oauth-server-bundle": "^1.4@dev",
"scheb/two-factor-bundle": "~1.4"
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "~2.2.0",

319
composer.lock generated
View file

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
"hash": "7c1f2c88df608eb6e1b4bc7c5ed24acc",
"hash": "7fb67fafde0e24c1802714a2a47da5e1",
"packages": [
{
"name": "doctrine/annotations",
@ -812,52 +812,6 @@
],
"time": "2015-08-05 01:03:42"
},
{
"name": "fin1te/safecurl",
"version": "v1.1",
"source": {
"type": "git",
"url": "https://github.com/fin1te/safecurl.git",
"reference": "98aae75a1f4f8dec2194ce889d418d16c3c877e4"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/fin1te/safecurl/zipball/98aae75a1f4f8dec2194ce889d418d16c3c877e4",
"reference": "98aae75a1f4f8dec2194ce889d418d16c3c877e4",
"shasum": ""
},
"require": {
"php": ">=5.3.0"
},
"require-dev": {
"phpunit/phpunit": "3.7.*"
},
"type": "library",
"autoload": {
"psr-0": {
"fin1te\\SafeCurl": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Jack W",
"email": "jack@fin1te.net"
}
],
"description": "A drop-in replacement for 'curl_exec', designed to prevent SSRF attacks.",
"keywords": [
"curl",
"safe",
"safecurl",
"ssrf",
"websec"
],
"time": "2014-05-20 12:10:12"
},
{
"name": "friendsofsymfony/oauth-server-bundle",
"version": "1.4.2",
@ -1390,24 +1344,24 @@
},
{
"name": "j0k3r/graby",
"version": "1.0.0-alpha.2",
"version": "1.0.1",
"source": {
"type": "git",
"url": "https://github.com/j0k3r/graby.git",
"reference": "9cc399bbe70f12b302ea65e604a80ea738042599"
"reference": "f1d655bb680eded0dde8cf26fae1e931f69b6b12"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/j0k3r/graby/zipball/9cc399bbe70f12b302ea65e604a80ea738042599",
"reference": "9cc399bbe70f12b302ea65e604a80ea738042599",
"url": "https://api.github.com/repos/j0k3r/graby/zipball/f1d655bb680eded0dde8cf26fae1e931f69b6b12",
"reference": "f1d655bb680eded0dde8cf26fae1e931f69b6b12",
"shasum": ""
},
"require": {
"fin1te/safecurl": "~1.1",
"guzzlehttp/guzzle": "^5.2.0",
"htmlawed/htmlawed": "^1.1.19",
"j0k3r/graby-site-config": "^1.0.0",
"j0k3r/php-readability": "^1.0",
"j0k3r/safecurl": "1.1.1",
"monolog/monolog": "^1.13.1",
"neitanod/forceutf8": "^1.4",
"php": ">=5.4",
@ -1438,20 +1392,20 @@
}
],
"description": "Graby helps you extract article content from web pages",
"time": "2015-09-17 11:43:10"
"time": "2015-10-01 18:39:53"
},
{
"name": "j0k3r/graby-site-config",
"version": "1.0.3",
"version": "1.0.4",
"source": {
"type": "git",
"url": "https://github.com/j0k3r/graby-site-config.git",
"reference": "1b0ac25687aa33785c5d9d8ede92b26f757354f5"
"reference": "cf088ca2100eeec3f230cc187a5b489e61fe97f1"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/j0k3r/graby-site-config/zipball/1b0ac25687aa33785c5d9d8ede92b26f757354f5",
"reference": "1b0ac25687aa33785c5d9d8ede92b26f757354f5",
"url": "https://api.github.com/repos/j0k3r/graby-site-config/zipball/cf088ca2100eeec3f230cc187a5b489e61fe97f1",
"reference": "cf088ca2100eeec3f230cc187a5b489e61fe97f1",
"shasum": ""
},
"require": {
@ -1474,7 +1428,7 @@
}
],
"description": "Graby site config files",
"time": "2015-09-17 17:32:42"
"time": "2015-10-06 07:07:37"
},
{
"name": "j0k3r/php-readability",
@ -1539,6 +1493,54 @@
],
"time": "2015-09-23 19:09:38"
},
{
"name": "j0k3r/safecurl",
"version": "v1.1.1",
"source": {
"type": "git",
"url": "https://github.com/j0k3r/safecurl.git",
"reference": "3e8594a944ede2b74f3e24e371f2770bbfed6aa5"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/j0k3r/safecurl/zipball/3e8594a944ede2b74f3e24e371f2770bbfed6aa5",
"reference": "3e8594a944ede2b74f3e24e371f2770bbfed6aa5",
"shasum": ""
},
"require": {
"php": ">=5.3.0"
},
"type": "library",
"autoload": {
"psr-0": {
"fin1te\\SafeCurl": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Jeremy Benoist",
"email": "jeremy.benoist@gmail.com"
},
{
"name": "Jack W",
"email": "jack@fin1te.net",
"role": "Developer (original version)"
}
],
"description": "A drop-in replacement for 'curl_exec', designed to prevent SSRF attacks.",
"keywords": [
"curl",
"safe",
"safecurl",
"ssrf",
"websec"
],
"time": "2015-10-01 18:30:41"
},
{
"name": "jdorn/sql-formatter",
"version": "v1.2.17",
@ -2596,6 +2598,55 @@
"description": "A lightweight implementation of CommonJS Promises/A for PHP",
"time": "2015-07-03 13:48:55"
},
{
"name": "scheb/two-factor-bundle",
"version": "v1.4.7",
"source": {
"type": "git",
"url": "https://github.com/scheb/two-factor-bundle.git",
"reference": "ef6830dbbf62b22efd335db8f64bf0f51d4284a2"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/scheb/two-factor-bundle/zipball/ef6830dbbf62b22efd335db8f64bf0f51d4284a2",
"reference": "ef6830dbbf62b22efd335db8f64bf0f51d4284a2",
"shasum": ""
},
"require": {
"sonata-project/google-authenticator": "~1.0",
"symfony/symfony": "~2.1"
},
"require-dev": {
"satooshi/php-coveralls": "~0.6",
"swiftmailer/swiftmailer": ">=4.3, <6.0",
"symfony/phpunit-bridge": "~2.7"
},
"type": "symfony-bundle",
"autoload": {
"psr-4": {
"Scheb\\TwoFactorBundle\\": ""
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Christian Scheb",
"email": "me@christianscheb.de"
}
],
"description": "Provides two-factor authenticaton for Symfony2",
"homepage": "https://github.com/scheb/two-factor-bundle",
"keywords": [
"Authentication",
"Symfony2",
"two-factor",
"two-step"
],
"time": "2015-08-25 19:58:00"
},
{
"name": "sensio/distribution-bundle",
"version": "v3.0.31",
@ -2852,6 +2903,56 @@
"homepage": "http://www.pdfparser.org",
"time": "2015-09-18 08:29:33"
},
{
"name": "sonata-project/google-authenticator",
"version": "1.0.2",
"source": {
"type": "git",
"url": "https://github.com/sonata-project/GoogleAuthenticator.git",
"reference": "72f47caddd09d09c0d3c3e046f6b435e0c004cd4"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sonata-project/GoogleAuthenticator/zipball/72f47caddd09d09c0d3c3e046f6b435e0c004cd4",
"reference": "72f47caddd09d09c0d3c3e046f6b435e0c004cd4",
"shasum": ""
},
"require": {
"php": ">=5.3.0"
},
"type": "library",
"autoload": {
"psr-4": {
"Google\\Authenticator\\": "lib/",
"Google\\Authenticator\\Tests\\": "tests/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Thomas Rabaix",
"email": "thomas.rabaix@gmail.com",
"homepage": "http://sonata-project.org/"
},
{
"name": "Christian Stocker",
"email": "me@chregu.tv"
},
{
"name": "Andre DeMarre",
"homepage": "http://www.devnetwork.net/viewtopic.php?f=50&t=94989"
}
],
"description": "Library to integrate Google Authenticator into a PHP project",
"homepage": "https://github.com/sonata-project/GoogleAuthenticator",
"keywords": [
"google authenticator"
],
"time": "2014-03-31 09:18:53"
},
{
"name": "swiftmailer/swiftmailer",
"version": "v5.4.1",
@ -2977,34 +3078,34 @@
},
{
"name": "symfony/monolog-bundle",
"version": "v2.7.1",
"version": "2.8.1",
"source": {
"type": "git",
"url": "https://github.com/symfony/monolog-bundle.git",
"reference": "9320b6863404c70ebe111e9040dab96f251de7ac"
"reference": "7117b9a145722e3c5768db4585f6ad0643ed5c4a"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/monolog-bundle/zipball/9320b6863404c70ebe111e9040dab96f251de7ac",
"reference": "9320b6863404c70ebe111e9040dab96f251de7ac",
"url": "https://api.github.com/repos/symfony/monolog-bundle/zipball/7117b9a145722e3c5768db4585f6ad0643ed5c4a",
"reference": "7117b9a145722e3c5768db4585f6ad0643ed5c4a",
"shasum": ""
},
"require": {
"monolog/monolog": "~1.8",
"php": ">=5.3.2",
"symfony/config": "~2.3",
"symfony/dependency-injection": "~2.3",
"symfony/http-kernel": "~2.3",
"symfony/monolog-bridge": "~2.3"
"symfony/config": "~2.3|3.*",
"symfony/dependency-injection": "~2.3|3.*",
"symfony/http-kernel": "~2.3|3.*",
"symfony/monolog-bridge": "~2.3|3.*"
},
"require-dev": {
"symfony/console": "~2.3",
"symfony/console": "~2.3|3.*",
"symfony/yaml": "~2.3"
},
"type": "symfony-bundle",
"extra": {
"branch-alias": {
"dev-master": "2.7.x-dev"
"dev-master": "2.8.x-dev"
}
},
"autoload": {
@ -3032,7 +3133,7 @@
"log",
"logging"
],
"time": "2015-01-04 20:21:17"
"time": "2015-10-02 11:51:59"
},
{
"name": "symfony/swiftmailer-bundle",
@ -3093,20 +3194,20 @@
},
{
"name": "symfony/symfony",
"version": "v2.7.4",
"version": "v2.7.5",
"source": {
"type": "git",
"url": "https://github.com/symfony/symfony.git",
"reference": "1fdf23fe28876844b887b0e1935c9adda43ee645"
"reference": "619528a274647cffc1792063c3ea04c4fa8266a0"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/symfony/zipball/1fdf23fe28876844b887b0e1935c9adda43ee645",
"reference": "1fdf23fe28876844b887b0e1935c9adda43ee645",
"url": "https://api.github.com/repos/symfony/symfony/zipball/619528a274647cffc1792063c3ea04c4fa8266a0",
"reference": "619528a274647cffc1792063c3ea04c4fa8266a0",
"shasum": ""
},
"require": {
"doctrine/common": "~2.3",
"doctrine/common": "~2.4",
"php": ">=5.3.9",
"psr/log": "~1.0",
"twig/twig": "~1.20|~2.0"
@ -3159,9 +3260,9 @@
},
"require-dev": {
"doctrine/data-fixtures": "1.0.*",
"doctrine/dbal": "~2.2",
"doctrine/dbal": "~2.4",
"doctrine/doctrine-bundle": "~1.2",
"doctrine/orm": "~2.2,>=2.2.3",
"doctrine/orm": "~2.4,>=2.4.5",
"egulias/email-validator": "~1.2",
"ircmaxell/password-compat": "~1.0",
"monolog/monolog": "~1.11",
@ -3211,7 +3312,7 @@
"keywords": [
"framework"
],
"time": "2015-09-08 14:26:39"
"time": "2015-09-25 11:16:52"
},
{
"name": "tecnickcom/tcpdf",
@ -3330,16 +3431,16 @@
},
{
"name": "twig/twig",
"version": "v1.22.2",
"version": "v1.22.3",
"source": {
"type": "git",
"url": "https://github.com/twigphp/Twig.git",
"reference": "79249fc8c9ff62e41e217e0c630e2e00bcadda6a"
"reference": "ebfc36b7e77b0c1175afe30459cf943010245540"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/twigphp/Twig/zipball/79249fc8c9ff62e41e217e0c630e2e00bcadda6a",
"reference": "79249fc8c9ff62e41e217e0c630e2e00bcadda6a",
"url": "https://api.github.com/repos/twigphp/Twig/zipball/ebfc36b7e77b0c1175afe30459cf943010245540",
"reference": "ebfc36b7e77b0c1175afe30459cf943010245540",
"shasum": ""
},
"require": {
@ -3387,7 +3488,7 @@
"keywords": [
"templating"
],
"time": "2015-09-22 13:59:32"
"time": "2015-10-13 07:07:02"
},
{
"name": "willdurand/hateoas",
@ -3548,16 +3649,16 @@
},
{
"name": "willdurand/negotiation",
"version": "1.4.0",
"version": "1.5.0",
"source": {
"type": "git",
"url": "https://github.com/willdurand/Negotiation.git",
"reference": "8a84c5956e765f432542fc52a8c6e9aff4508eb3"
"reference": "2a59f2376557303e3fa91465ab691abb82945edf"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/willdurand/Negotiation/zipball/8a84c5956e765f432542fc52a8c6e9aff4508eb3",
"reference": "8a84c5956e765f432542fc52a8c6e9aff4508eb3",
"url": "https://api.github.com/repos/willdurand/Negotiation/zipball/2a59f2376557303e3fa91465ab691abb82945edf",
"reference": "2a59f2376557303e3fa91465ab691abb82945edf",
"shasum": ""
},
"require": {
@ -3566,7 +3667,7 @@
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.4-dev"
"dev-master": "1.5-dev"
}
},
"autoload": {
@ -3580,7 +3681,7 @@
],
"authors": [
{
"name": "William DURAND",
"name": "William Durand",
"email": "william.durand1@gmail.com"
}
],
@ -3593,7 +3694,7 @@
"header",
"negotiation"
],
"time": "2015-07-28 13:10:50"
"time": "2015-10-01 07:42:40"
}
],
"packages-dev": [
@ -3822,16 +3923,16 @@
},
{
"name": "phpunit/php-code-coverage",
"version": "2.2.3",
"version": "2.2.4",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/php-code-coverage.git",
"reference": "ef1ca6835468857944d5c3b48fa503d5554cff2f"
"reference": "eabf68b476ac7d0f73793aada060f1c1a9bf8979"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/ef1ca6835468857944d5c3b48fa503d5554cff2f",
"reference": "ef1ca6835468857944d5c3b48fa503d5554cff2f",
"url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/eabf68b476ac7d0f73793aada060f1c1a9bf8979",
"reference": "eabf68b476ac7d0f73793aada060f1c1a9bf8979",
"shasum": ""
},
"require": {
@ -3880,7 +3981,7 @@
"testing",
"xunit"
],
"time": "2015-09-14 06:51:16"
"time": "2015-10-06 15:47:00"
},
{
"name": "phpunit/php-file-iterator",
@ -4062,16 +4163,16 @@
},
{
"name": "phpunit/phpunit",
"version": "4.8.9",
"version": "4.8.12",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/phpunit.git",
"reference": "73fad41adb5b7bc3a494bb930d90648df1d5e74b"
"reference": "00194eb95989190a73198390ceca081ad3441a7f"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/73fad41adb5b7bc3a494bb930d90648df1d5e74b",
"reference": "73fad41adb5b7bc3a494bb930d90648df1d5e74b",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/00194eb95989190a73198390ceca081ad3441a7f",
"reference": "00194eb95989190a73198390ceca081ad3441a7f",
"shasum": ""
},
"require": {
@ -4130,20 +4231,20 @@
"testing",
"xunit"
],
"time": "2015-09-20 12:56:44"
"time": "2015-10-12 03:36:47"
},
{
"name": "phpunit/phpunit-mock-objects",
"version": "2.3.7",
"version": "2.3.8",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/phpunit-mock-objects.git",
"reference": "5e2645ad49d196e020b85598d7c97e482725786a"
"reference": "ac8e7a3db35738d56ee9a76e78a4e03d97628983"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit-mock-objects/zipball/5e2645ad49d196e020b85598d7c97e482725786a",
"reference": "5e2645ad49d196e020b85598d7c97e482725786a",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit-mock-objects/zipball/ac8e7a3db35738d56ee9a76e78a4e03d97628983",
"reference": "ac8e7a3db35738d56ee9a76e78a4e03d97628983",
"shasum": ""
},
"require": {
@ -4186,7 +4287,7 @@
"mock",
"xunit"
],
"time": "2015-08-19 09:14:08"
"time": "2015-10-02 06:51:40"
},
{
"name": "sebastian/comparator",
@ -4422,16 +4523,16 @@
},
{
"name": "sebastian/global-state",
"version": "1.0.0",
"version": "1.1.1",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/global-state.git",
"reference": "c7428acdb62ece0a45e6306f1ae85e1c05b09c01"
"reference": "bc37d50fea7d017d3d340f230811c9f1d7280af4"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/c7428acdb62ece0a45e6306f1ae85e1c05b09c01",
"reference": "c7428acdb62ece0a45e6306f1ae85e1c05b09c01",
"url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/bc37d50fea7d017d3d340f230811c9f1d7280af4",
"reference": "bc37d50fea7d017d3d340f230811c9f1d7280af4",
"shasum": ""
},
"require": {
@ -4469,7 +4570,7 @@
"keywords": [
"global state"
],
"time": "2014-10-06 09:23:50"
"time": "2015-10-12 03:26:01"
},
{
"name": "sebastian/recursion-context",

View file

@ -13,6 +13,7 @@ class UserInformationType extends AbstractType
$builder
->add('name', 'text')
->add('email', 'email')
->add('twoFactorAuthentication', 'checkbox', array('required' => false))
->add('save', 'submit')
->remove('username')
->remove('plainPassword')

View file

@ -100,6 +100,16 @@
</div>
</fieldset>
{% if twofactor_auth %}
<fieldset class="w500p inline">
<div class="row">
{{ form_label(form.user.twoFactorAuthentication) }}
{{ form_errors(form.user.twoFactorAuthentication) }}
{{ form_widget(form.user.twoFactorAuthentication) }}
</div>
</fieldset>
{% endif %}
{{ form_rest(form.user) }}
</form>

View file

@ -132,6 +132,16 @@
</div>
</div>
{% if twofactor_auth %}
<div class="row">
<div class="input-field col s12">
{{ form_widget(form.user.twoFactorAuthentication) }}
{{ form_label(form.user.twoFactorAuthentication) }}
{{ form_errors(form.user.twoFactorAuthentication) }}
</div>
</div>
{% endif %}
<div class="hidden">{{ form_rest(form.user) }}</div>
<button class="btn waves-effect waves-light" type="submit" name="action">
{% trans %}Save{% endtrans %}

View file

@ -0,0 +1,64 @@
<?php
namespace Wallabag\CoreBundle\Tests\Controller;
use Wallabag\CoreBundle\Tests\WallabagCoreTestCase;
class SecurityControllerTest extends WallabagCoreTestCase
{
public function testLoginWithout2Factor()
{
$this->logInAs('admin');
$client = $this->getClient();
$client->followRedirects();
$client->request('GET', '/config');
$this->assertContains('RSS', $client->getResponse()->getContent());
}
public function testLoginWith2Factor()
{
$client = $this->getClient();
if ($client->getContainer()->getParameter('twofactor_auth')) {
$client->followRedirects();
$em = $client->getContainer()->get('doctrine.orm.entity_manager');
$user = $em
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$user->setTwoFactorAuthentication(true);
$em->persist($user);
$em->flush();
$this->logInAs('admin');
$client->request('GET', '/config');
$this->assertContains('trusted computer', $client->getResponse()->getContent());
// restore user
$user = $em
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$user->setTwoFactorAuthentication(false);
$em->persist($user);
$em->flush();
}
}
public function testTrustedComputer()
{
$client = $this->getClient();
if ($client->getContainer()->getParameter('twofactor_auth')) {
$em = $client->getContainer()->get('doctrine.orm.entity_manager');
$user = $em
->getRepository('WallabagUserBundle:User')
->findOneByUsername('admin');
$date = new \DateTime();
$user->addTrustedComputer('ABCDEF', $date->add(new \DateInterval('P1M')));
$this->assertTrue($user->isTrustedComputer('ABCDEF'));
$this->assertFalse($user->isTrustedComputer('FEDCBA'));
}
}
}

View file

@ -4,6 +4,8 @@ namespace Wallabag\UserBundle\Entity;
use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\ORM\Mapping as ORM;
use Scheb\TwoFactorBundle\Model\Email\TwoFactorInterface;
use Scheb\TwoFactorBundle\Model\TrustedComputerInterface;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Security\Core\User\UserInterface;
use JMS\Serializer\Annotation\ExclusionPolicy;
@ -24,7 +26,7 @@ use Wallabag\CoreBundle\Entity\Tag;
* @UniqueEntity("email")
* @UniqueEntity("username")
*/
class User extends BaseUser
class User extends BaseUser implements TwoFactorInterface, TrustedComputerInterface
{
/**
* @var int
@ -72,6 +74,22 @@ class User extends BaseUser
*/
protected $tags;
/**
* @ORM\Column(type="integer", nullable=true)
*/
private $authCode;
/**
* @var bool Enabled yes/no
* @ORM\Column(type="boolean")
*/
private $twoFactorAuthentication = false;
/**
* @ORM\Column(type="json_array", nullable=true)
*/
private $trusted;
public function __construct()
{
parent::__construct();
@ -201,4 +219,52 @@ class User extends BaseUser
{
return $this->config;
}
/**
* @return bool
*/
public function isTwoFactorAuthentication()
{
return $this->twoFactorAuthentication;
}
/**
* @param bool $twoFactorAuthentication
*/
public function setTwoFactorAuthentication($twoFactorAuthentication)
{
$this->twoFactorAuthentication = $twoFactorAuthentication;
}
public function isEmailAuthEnabled()
{
return $this->twoFactorAuthentication;
}
public function getEmailAuthCode()
{
return $this->authCode;
}
public function setEmailAuthCode($authCode)
{
$this->authCode = $authCode;
}
public function addTrustedComputer($token, \DateTime $validUntil)
{
$this->trusted[$token] = $validUntil->format('r');
}
public function isTrustedComputer($token)
{
if (isset($this->trusted[$token])) {
$now = new \DateTime();
$validUntil = new \DateTime($this->trusted[$token]);
return $now < $validUntil;
}
return false;
}
}

View file

@ -0,0 +1,32 @@
{% extends "WallabagUserBundle::layout.html.twig" %}
{% block fos_user_content %}
<form class="form" action="" method="post">
<fieldset class="w500p center">
{% for flashMessage in app.session.flashbag.get("two_factor") %}
<p class="error">{{ flashMessage|trans }}</p>
{% endfor %}
<div class="row">
<label for="_auth_code">{{ "scheb_two_factor.auth_code"|trans }}</label>
<input id="_auth_code" type="text" autocomplete="off" name="_auth_code" />
</div>
{% if useTrustedOption %}
<div class="row">
<input id="_trusted" type="checkbox" name="_trusted" />
<label for="_trusted">{{ "scheb_two_factor.trusted"|trans }}</label>
</div>
{% endif %}
<div class="row mts txtcenter">
<a href="{{ path('fos_user_security_logout') }}" class="waves-effect waves-light grey btn"><i class="material-icons left"></i> {% trans %}Cancel{% endtrans %}</a>
<button type="submit" name="send">
{{ "scheb_two_factor.login"|trans }}
<i class="mdi-content-send right"></i>
</button>
</div>
</fieldset>
</form>
{% endblock %}

View file

@ -0,0 +1,33 @@
{% extends "WallabagUserBundle::layout.html.twig" %}
{% block fos_user_content %}
<form class="form" action="" method="post">
<div class="card-content">
<div class="row">
{% for flashMessage in app.session.flashbag.get("two_factor") %}
<p class="error">{{ flashMessage|trans }}</p>
{% endfor %}
<div class="input-field col s12">
<label for="_auth_code">{{ "scheb_two_factor.auth_code"|trans }}</label>
<input id="_auth_code" type="text" autocomplete="off" name="_auth_code" />
</div>
{% if useTrustedOption %}
<div class="input-field col s12">
<input id="_trusted" type="checkbox" name="_trusted" />
<label for="_trusted">{{ "scheb_two_factor.trusted"|trans }}</label>
</div>
{% endif %}
</div>
</div>
<div class="card-action center">
<a href="{{ path('fos_user_security_logout') }}" class="waves-effect waves-light grey btn"><i class="material-icons left"></i> {% trans %}Cancel{% endtrans %}</a>
<button class="btn waves-effect waves-light" type="submit" name="send">
{{ "scheb_two_factor.login"|trans }}
<i class="mdi-content-send right"></i>
</button>
</div>
</form>
{% endblock %}