Added: Two factor authentication support, needs more testing. Thanks …

…Johan.
DomotiGa · Jun 1, 2016 · 3512c7d · 3512c7d
1 parent 9e1fbfa
commit 3512c7d
Show file tree

Hide file tree

Showing 16 changed files with 790 additions and 120 deletions.
diff --git a/DomotiGa3/.src/CModbus.class b/DomotiGa3/.src/CModbus.class
@@ -582,6 +582,7 @@ Private Sub Decode_Message()
           WriteLog("ERROR: Devicetype is using 16-bit, but received data is not!")
           Return
         Endif
+
         ' calculate value
         vValue = (RecBuf[3] * 256) + RecBuf[4]
 
@@ -598,7 +599,7 @@ Private Sub Decode_Message()
 
       Case 679, 708, 709, 710 ' Read Holding Register 32-bit
         If RecBuf[2] <> 4 Then
-          Main.WriteDebugLog(LogLabel & "Devicetype is using 32-bit, but received data is not!")
+          WriteDebugLog("ERROR: Devicetype is using 32-bit, but received data is not!")
           Return
         Endif
         ' calculate value

diff --git a/DomotiGa3/.src/Edit/FEditUsers.class b/DomotiGa3/.src/Edit/FEditUsers.class
@@ -31,6 +31,8 @@ Private iBonusSymbols As Integer
 Private iBonusCombo As Integer
 Private iScoreMin As Integer
 
+Public iUsersID As Integer
+Public sUsersname As String
 '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 '
 '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -41,11 +43,14 @@ Public Sub Form_Open()
   ' allows users to maintain their own private data
   If Main.bUserisAdmin Then
     dsUsers.Filter = ""
+    dcTFAEnabled.Enabled = True
   Else
     dsUsers.Filter = Subst("username = '&1'", Main.sActiveUser)
     dcUserName.Enabled = False
     dcAdmin.Enabled = False
     Me.Title = "Edit User Account"
+    '' ordinary user may not change tfa settings
+    dcTFAEnabled.Enabled = False
   Endif
 
   With dbUsers.View
@@ -59,7 +64,13 @@ Public Sub Form_Open()
     .Columns[3].Width = 140
     .Columns[4].Text = ("E-mail")
     .Columns[4].Width = 140
-    .Columns[5].Text = ("Comments")
+    .Columns[5].Width = 10
+    .Columns[5].Text = ("TFA")
+    .Columns[6].Width = 16
+    .Columns[6].Text = ("TFA Secret")
+    .Columns[7].Text = ("Comments")
+
+
   End With
 
   'next line: hide pwd line with "*"
@@ -86,6 +97,9 @@ Public Sub Form_Open()
   iBonusSymbols = 5
   iBonusCombo = 0
 
+'' set tfa button text
+
+
 End
 
 '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -95,6 +109,8 @@ End
 '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Public Sub dbUsers_Data(Row As Integer, Column As Integer, Value As Variant)
 
+  Row = Row
+
   If Column = 2 Then
     dbUsers.Data.Text = IIf(Value = 0, ("No"), ("Yes"))
     dbUsers.Data.Alignment = Align.Center
@@ -123,14 +139,42 @@ Public Sub dsUsers_Change()
   Else
     chkAdmin.Value = False
   Endif
+
+ '' initialize btTFA
+ init_btTFA(dcTFAEnabled.Value, dcTFASecret.Value)
 
 End
 
+Public Sub init_btTFA(TFAEnabled As Boolean, Optional TFASecret As String)
+
+  ''set btTFA button settings
+   If TFAEnabled And TFASecret = "" Then
+    btTFA.Text = "Setup TFA"
+    btTFA.Tooltip = "Setup TFA"
+    btTFA.Enabled = True
+  Else If Not TFAEnabled Then
+    btTFA.Text = ""
+    btTFA.Tooltip = "No function. Enable TFA first."
+    btTFA.Enabled = False
+  Else If Len(TFASecret) = 16 Then
+    btTFA.Text = "Delete secret"
+    btTFA.Enabled = True
+  Else ''should never happen  
+    btTFA.Text = "error"
+  Endif
+
+End
+
+
+
+
 '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 '
 '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Public Sub dcAdmin_Validate(Value As Variant)
 
+  Value = Value
+
   If chkAdmin.Value Then
     dcAdmin.Value = -1
   Else
@@ -144,6 +188,8 @@ End
 '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Public Sub dcUserName_Validate(Value As Variant)
 
+  Value = Value
+
   If Len(dcUserName.Value) = 0 Then
     Balloon(("Username is a mandatory field"), dcUserName)
     Stop Event
@@ -156,6 +202,8 @@ End
 '~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Public Sub dcPassword_Validate(Value As Variant)
 
+  Value = Value
+
   ' Don't do any checks if this is a second not-intended call
   If $bPasswordValidate Then Return
 
@@ -313,3 +361,54 @@ Private Sub AnalysePasswordStrength(sPwdText As String)
   iScore = iBaseScore + (iNumExcess * iBonusExcess) + (iNumUpper * iBonusUpper) + (iNumNumbers * iBonusNumbers) + (iNumSymbols * iBonusSymbols) + iBonusCombo + iBonusFlatLower + iBonusFlatNumber
 
 End
+
+'--------------------------------
+'set bTFA button settings if user enable/disable TFA
+'--------------------------------
+Public Sub dcTFAEnabled_Click()
+
+  init_btTFA(dcTFAEnabled.Value, dcTFASecret.Value)
+
+End
+
+
+'--------------------------------
+'setup/initialize or delte TFA when bTFA button is pushed
+'--------------------------------
+Public Sub btTFA_Click()
+
+  ' check is username is filled in.
+  If Len(dcUserName.Value) = 0 Then
+    Balloon(("Fill in username first"), dcUserName)
+  Else
+    '' change btTFA.text and take action
+    Select btTFA.Text
+      ' case text bTFA is "setup"
+      Case "Setup TFA"
+        ' open setup screen
+        ''iUsersID = dcID.Value
+        sUsersName = dcUserName.Value
+        If (FTFASetup.Showmodal()) Then
+          btTFA.Text = "Delete secret"
+        Else
+          ''No setup of tfa completed succesfully.
+      Endif
+      ' case text bTA is "delete secret"
+      Case "Delete secret"
+        DeleteTFASecret(dcUserName.Value)
+      Case Else
+        ''error''
+    End Select
+  Endif
+End
+'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+' Remove Two Factor Authentication secret for given user, return errors.
+'~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Public Sub DeleteTFASecret(sUsername As String)
+
+  Main.hDB.Exec("UPDATE users SET tfasecret = null WHERE username = &1", sUsername)
+  ' update text of button
+  btTFA.Text = "Setup TFA"
+End
+