From 41271bc153663ff9b8fb2f98fdd604055338f194 Mon Sep 17 00:00:00 2001 From: Kevin Decherf Date: Sat, 19 Dec 2020 12:53:29 +0100 Subject: [PATCH] otp: show secret as plaintext if a user can't scan qrcode Fixes #4818 Signed-off-by: Kevin Decherf --- src/Wallabag/CoreBundle/Controller/ConfigController.php | 1 + .../CoreBundle/Resources/translations/messages.en.yml | 1 + .../CoreBundle/Resources/translations/messages.fr.yml | 1 + .../Resources/views/themes/material/Config/otp_app.html.twig | 4 ++++ 4 files changed, 7 insertions(+) diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php index 3efc7bb32..42f8aff35 100644 --- a/src/Wallabag/CoreBundle/Controller/ConfigController.php +++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php @@ -344,6 +344,7 @@ class ConfigController extends Controller return $this->render('WallabagCoreBundle:Config:otp_app.html.twig', [ 'backupCodes' => $backupCodes, 'qr_code' => $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user), + 'secret' => $secret, ]); } diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml index 083d18219..6c75a1b03 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.en.yml @@ -209,6 +209,7 @@ config: two_factor_code_description_2: 'You can scan that QR Code with your app:' two_factor_code_description_3: 'Also, save these backup codes in a safe place, you can use them in case you lose access to your OTP app:' two_factor_code_description_4: 'Test an OTP code from your configured app:' + two_factor_code_description_5: "If you can't see the QR Code or can't scan it, enter the following secret in your app:" cancel: Cancel enable: Enable entry: diff --git a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml index 180861ac7..65989d2be 100644 --- a/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml +++ b/src/Wallabag/CoreBundle/Resources/translations/messages.fr.yml @@ -209,6 +209,7 @@ config: two_factor_code_description_2: 'Vous pouvez scanner le code QR avec votre application :' two_factor_code_description_3: 'N’oubliez pas de sauvegarder ces codes de secours dans un endroit sûr, vous pourrez les utiliser si vous ne pouvez plus accéder à votre application A2F :' two_factor_code_description_4: 'Testez un code généré par votre application A2F :' + two_factor_code_description_5: 'Si vous ne voyez pas le code QR ou ne pouvez pas le scanner, saisissez la clé suivante dans votre application :' cancel: Annuler enable: Activer entry: diff --git a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/otp_app.html.twig b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/otp_app.html.twig index 6f405d7f3..b620a533d 100644 --- a/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/otp_app.html.twig +++ b/src/Wallabag/CoreBundle/Resources/views/themes/material/Config/otp_app.html.twig @@ -20,6 +20,10 @@ document.getElementById('2faQrcode').src = jrQrcode.getQrBase64('{{ qr_code }}');

+ +

+ {{ 'config.otp.app.two_factor_code_description_5'|trans }} 

{{ secret }}
+

  • {{ 'config.otp.app.two_factor_code_description_3'|trans }}