Command line reset

magespecialist · Aug 11, 2017 · 65100ff · 65100ff
1 parent 336ef0c
commit 65100ff
Show file tree

Hide file tree

Showing 5 changed files with 132 additions and 11 deletions.
diff --git a/Command/Tfa.php → Command/TfaDisable.php b/Command/Tfa.php → Command/TfaDisable.php
@@ -27,7 +27,7 @@
 use Symfony\Component\Console\Output\OutputInterface;
 use MSP\TwoFactorAuth\Api\TfaInterface;
 
-class Tfa extends Command
+class TfaDisable extends Command
 {
     /**
      * @var ConfigInterface

diff --git a/Command/TfaReset.php b/Command/TfaReset.php
@@ -0,0 +1,85 @@
+<?php
+/**
+ * IDEALIAGroup srl
+ *
+ * NOTICE OF LICENSE
+ *
+ * This source file is subject to the Open Software License (OSL 3.0)
+ * that is bundled with this package in the file LICENSE.txt.
+ * It is also available through the world-wide-web at this URL:
+ * http://opensource.org/licenses/osl-3.0.php
+ * If you did not receive a copy of the license and are unable to
+ * obtain it through the world-wide-web, please send an email
+ * to info@idealiagroup.com so we can send you a copy immediately.
+ *
+ * @category   MSP
+ * @package    MSP_TwoFactorAuth
+ * @copyright  Copyright (c) 2016 IDEALIAGroup srl (http://www.idealiagroup.com)
+ * @license    http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
+ */
+
+namespace MSP\TwoFactorAuth\Command;
+
+use Magento\Framework\Exception\LocalizedException;
+use MSP\TwoFactorAuth\Api\UserConfigManagerInterface;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Magento\User\Model\UserFactory;
+use Magento\User\Model\ResourceModel\User;
+
+class TfaReset extends Command
+{
+    /**
+     * @var UserConfigManagerInterface
+     */
+    private $userConfigManager;
+
+    /**
+     * @var User
+     */
+    private $user;
+
+    /**
+     * @var UserFactory
+     */
+    private $userFactory;
+
+    public function __construct(
+        UserConfigManagerInterface $userConfigManager,
+        UserFactory $userFactory,
+        User $user
+    ) {
+        parent::__construct();
+        $this->userConfigManager = $userConfigManager;
+        $this->user = $user;
+        $this->userFactory = $userFactory;
+    }
+
+    protected function configure()
+    {
+        $this->setName('msp:security:tfa:reset');
+        $this->setDescription('Reset configuration for one user');
+
+        $this->addArgument('user', InputArgument::REQUIRED, __('Username'));
+        $this->addArgument('provider', InputArgument::REQUIRED, __('Provider code (google, authy, u2fkey)'));
+
+        parent::configure();
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output)
+    {
+        $userName = $input->getArgument('user');
+        $provider = $input->getArgument('provider');
+
+        $user = $this->userFactory->create();
+
+        $this->user->load($user, $userName, 'username');
+        if (!$user->getId()) {
+            throw new LocalizedException(__('Unknown user %1', $userName));
+        }
+
+        $this->userConfigManager->resetProviderConfig($user, $provider);
+    }
+}
diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-# MSP TwoFactorAuth
+MSP TwoFactorAuth
 
 Two Factor Authentication module for maximum **backend access protection** in Magento 2.
 
@@ -8,6 +8,27 @@ Two Factor Authentication module for maximum **backend access protection** in Ma
 
 Did you lock yourself out from Magento backend? <a href="https://github.com/magespecialist/m2-MSP_TwoFactorAuth#emergency-commandline-disable">click here.</a>
 
+## Main features:
+
+* Providers:
+    * Google authenticator
+        * QR code enroll
+    * Authy
+        * SMS
+        * Call
+        * Token
+        * One touch
+    * U2F keys (Yubico and others)
+    * Duo Security
+        * SMS
+        * Push notification
+* Trusted devices
+    * High security rolling codes
+* Trusted devices revoke list
+* Central security suite events logging
+* Per user configuration
+* Forced global 2FA configuration
+
 ## Installing on Magento2:
 
 **1. Install using composer**
@@ -24,28 +45,42 @@ Enable from **Store > Config > SecuritySuite > Two Factor Authentication**.
 
 **3. Enable two factor authentication for your user**
 
-You can select between a set of different 2FA providers.
+You can select between a set of different 2FA providers. **Multiple concurrent providers** are supported.
 
 <img src="https://raw.githubusercontent.com/magespecialist/m2-MSP_TwoFactorAuth/master/screenshots/user_tfa.png" />
 
-**4. Google Authenticator example**
+**4. Subscribe / Configure your 2FA provider(s):**
+
+**4.1 Google Authenticator example**
+
+<img src="https://raw.githubusercontent.com/magespecialist/m2-MSP_TwoFactorAuth/master/screenshots/google_qr.png" />
 
-**4.1. Scan the QR code with your Two Factor Authentication application**
+**4.2. Duo Security example**
 
-<img src="https://raw.githubusercontent.com/magespecialist/m2-MSP_TwoFactorAuth/master/screenshots/token.png" />
+<img src="https://raw.githubusercontent.com/magespecialist/m2-MSP_TwoFactorAuth/master/screenshots/duo_auth.png" />
 
-**4.2. Login and type a valid two factor authentication code**
+**4.3. U2F key (Yubico and others) example**
 
-<img src="https://raw.githubusercontent.com/magespecialist/m2-MSP_TwoFactorAuth/master/screenshots/login_token.png" />
+<img src="https://raw.githubusercontent.com/magespecialist/m2-MSP_TwoFactorAuth/master/screenshots/u2f_auth.png" />
 
-**5. Duo Security example**
+**4.4. Authy example**
 
-<img src="https://raw.githubusercontent.com/magespecialist/m2-MSP_TwoFactorAuth/master/screenshots/duo.png" />
+<img src="https://raw.githubusercontent.com/magespecialist/m2-MSP_TwoFactorAuth/master/screenshots/authy_auth.png" />
 
 ## Emergency commandline disable:
 
 If you messed up with two factor authentication you can disable it from command-line:
 
 `php bin/magento msp:security:tfa:disable`
 
+If you need to manually reset one single user configuration (so you can restart configuration / subscription), type:
+
+`php bin/magento msp:security:tfa:reset <username> <provider>`
+
+e.g.:
+
+`php bin/magento msp:security:tfa:reset admin google`
+`php bin/magento msp:security:tfa:reset admin u2fkey`
+`php bin/magento msp:security:tfa:reset admin authy`
+
 This will disable two factor auth globally.
diff --git a/etc/di.xml b/etc/di.xml
@@ -31,7 +31,8 @@
     <type name="Magento\Framework\Console\CommandList">
         <arguments>
             <argument name="commands" xsi:type="array">
-                <item name="msp_twofactorauth" xsi:type="object">MSP\TwoFactorAuth\Command\Tfa</item>
+                <item name="msp_twofactorauth_disable" xsi:type="object">MSP\TwoFactorAuth\Command\TfaDisable</item>
+                <item name="msp_twofactorauth_reset" xsi:type="object">MSP\TwoFactorAuth\Command\TfaReset</item>
             </argument>
         </arguments>
     </type>

diff --git a/screenshots/token.png → screenshots/google_qr.png b/screenshots/token.png → screenshots/google_qr.png