mirror of
https://github.com/wallabag/wallabag.git
synced 2025-09-15 18:57:05 +00:00
Merge remote-tracking branch 'origin/2.6' into port/2.6.7
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
This commit is contained in:
Kevin Decherf
commit
4a5f769428
15 changed files with 192 additions and 128 deletions
|
|
@ -262,10 +262,14 @@ class ConfigController extends AbstractController
|
|||
/**
|
||||
* Disable 2FA using email.
|
||||
*
|
||||
* @Route("/config/otp/email/disable", name="disable_otp_email")
|
||||
* @Route("/config/otp/email/disable", name="disable_otp_email", methods={"POST"})
|
||||
*/
|
||||
public function disableOtpEmailAction()
|
||||
public function disableOtpEmailAction(Request $request)
|
||||
{
|
||||
if (!$this->isCsrfTokenValid('otp', $request->request->get('token'))) {
|
||||
throw $this->createAccessDeniedException('Bad CSRF token.');
|
||||
}
|
||||
|
||||
$user = $this->getUser();
|
||||
$user->setEmailTwoFactor(false);
|
||||
|
||||
|
|
@ -282,10 +286,14 @@ class ConfigController extends AbstractController
|
|||
/**
|
||||
* Enable 2FA using email.
|
||||
*
|
||||
* @Route("/config/otp/email", name="config_otp_email")
|
||||
* @Route("/config/otp/email", name="config_otp_email", methods={"POST"})
|
||||
*/
|
||||
public function otpEmailAction()
|
||||
public function otpEmailAction(Request $request)
|
||||
{
|
||||
if (!$this->isCsrfTokenValid('otp', $request->request->get('token'))) {
|
||||
throw $this->createAccessDeniedException('Bad CSRF token.');
|
||||
}
|
||||
|
||||
$user = $this->getUser();
|
||||
|
||||
$user->setGoogleAuthenticatorSecret(null);
|
||||
|
|
@ -305,10 +313,14 @@ class ConfigController extends AbstractController
|
|||
/**
|
||||
* Disable 2FA using OTP app.
|
||||
*
|
||||
* @Route("/config/otp/app/disable", name="disable_otp_app")
|
||||
* @Route("/config/otp/app/disable", name="disable_otp_app", methods={"POST"})
|
||||
*/
|
||||
public function disableOtpAppAction()
|
||||
public function disableOtpAppAction(Request $request)
|
||||
{
|
||||
if (!$this->isCsrfTokenValid('otp', $request->request->get('token'))) {
|
||||
throw $this->createAccessDeniedException('Bad CSRF token.');
|
||||
}
|
||||
|
||||
$user = $this->getUser();
|
||||
|
||||
$user->setGoogleAuthenticatorSecret('');
|
||||
|
|
@ -327,10 +339,14 @@ class ConfigController extends AbstractController
|
|||
/**
|
||||
* Enable 2FA using OTP app, user will need to confirm the generated code from the app.
|
||||
*
|
||||
* @Route("/config/otp/app", name="config_otp_app")
|
||||
* @Route("/config/otp/app", name="config_otp_app", methods={"POST"})
|
||||
*/
|
||||
public function otpAppAction(GoogleAuthenticatorInterface $googleAuthenticator)
|
||||
public function otpAppAction(Request $request, GoogleAuthenticatorInterface $googleAuthenticator)
|
||||
{
|
||||
if (!$this->isCsrfTokenValid('otp', $request->request->get('token'))) {
|
||||
throw $this->createAccessDeniedException('Bad CSRF token.');
|
||||
}
|
||||
|
||||
$user = $this->getUser();
|
||||
$secret = $googleAuthenticator->generateSecret();
|
||||
|
||||
|
|
@ -365,8 +381,10 @@ class ConfigController extends AbstractController
|
|||
* Cancelling 2FA using OTP app.
|
||||
*
|
||||
* @Route("/config/otp/app/cancel", name="config_otp_app_cancel")
|
||||
*
|
||||
* XXX: commented until we rewrite 2fa with a real two-steps activation
|
||||
*/
|
||||
public function otpAppCancelAction()
|
||||
/*public function otpAppCancelAction()
|
||||
{
|
||||
$user = $this->getUser();
|
||||
$user->setGoogleAuthenticatorSecret(null);
|
||||
|
|
@ -375,15 +393,19 @@ class ConfigController extends AbstractController
|
|||
$this->userManager->updateUser($user, true);
|
||||
|
||||
return $this->redirect($this->generateUrl('config') . '#set3');
|
||||
}
|
||||
}*/
|
||||
|
||||
/**
|
||||
* Validate OTP code.
|
||||
*
|
||||
* @Route("/config/otp/app/check", name="config_otp_app_check")
|
||||
* @Route("/config/otp/app/check", name="config_otp_app_check", methods={"POST"})
|
||||
*/
|
||||
public function otpAppCheckAction(Request $request, GoogleAuthenticatorInterface $googleAuthenticator)
|
||||
{
|
||||
if (!$this->isCsrfTokenValid('otp', $request->request->get('token'))) {
|
||||
throw $this->createAccessDeniedException('Bad CSRF token.');
|
||||
}
|
||||
|
||||
$isValid = $googleAuthenticator->checkCode(
|
||||
$this->getUser(),
|
||||
$request->get('_auth_code')
|
||||
|
|
@ -403,7 +425,12 @@ class ConfigController extends AbstractController
|
|||
'scheb_two_factor.code_invalid'
|
||||
);
|
||||
|
||||
return $this->redirect($this->generateUrl('config_otp_app'));
|
||||
$this->addFlash(
|
||||
'notice',
|
||||
'scheb_two_factor.code_invalid'
|
||||
);
|
||||
|
||||
return $this->redirect($this->generateUrl('config') . '#set3');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue