Merge pull request #6723 from wallabag/remove-2fa-parameter
Remove `twofactor_auth` parameter
nicosomb committed Jul 17, 2023
2 parents 90281b8 + c75d3e6 commit 11617ca
Showing 8 changed files with 39 additions and 81 deletions.
6 changes: 3 additions & 3 deletions app/config/config.yml
@@ -201,15 +201,15 @@ scheb_two_factor:
lifetime: 2592000

backup_codes:
enabled: "%twofactor_auth%"
enabled: true

google:
enabled: "%twofactor_auth%"
enabled: true
issuer: "%server_name%"
template: "@WallabagUser/Authentication/form.html.twig"

email:
enabled: "%twofactor_auth%"
enabled: true
sender_email: "%twofactor_sender%"
digits: 6
template: "@WallabagUser/Authentication/form.html.twig"
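Review bot: With `enabled: true` hard-coded under `email:`, the e-mail second factor is offered on every instance, including ones where outbound mail is not set up; a user who switches it on there would presumably never receive a login code. The same change makes an existing `twofactor_auth: false` (or the `TWOFACTOR_AUTH` variable in the Docker parameters) silently ineffective after an upgrade. I would add a short comment above the three providers, such as `# 2FA providers are always available; each user opts in from the config page`, and call out the removed parameter in the upgrade notes. The `scheb_two_factor` block starts outside the hunk.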
1 change: 0 additions & 1 deletion app/config/parameters.yml.dist
@@ -34,7 +34,6 @@ parameters:
secret: CHANGE_ME_TO_SOMETHING_SECRET_AND_RANDOM

# two factor stuff
twofactor_auth: true
twofactor_sender: no-reply@wallabag.org

# fosuser stuff
1 change: 0 additions & 1 deletion docker/php/config/parameters.yml
@@ -22,7 +22,6 @@ parameters:
secret: ${SECRET:-~}

# two factor stuff
twofactor_auth: ${TWOFACTOR_AUTH:-true}
twofactor_sender: ${TWOFACTOR_SENDER:-no-reply@wallabag.org}

# fosuser stuff
21 changes: 0 additions & 21 deletions src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -246,7 +246,6 @@ public function indexAction(Request $request, Config $craueConfig, TaggingRuleRe
'username' => $user->getUsername(),
'token' => $config->getFeedToken(),
],
'twofactor_auth' => $this->getParameter('twofactor_auth'),
'wallabag_url' => $this->getParameter('domain_name'),
'enabled_users' => $userRepository->getSumEnabledUsers(),
]);
@@ -259,10 +258,6 @@ public function indexAction(Request $request, Config $craueConfig, TaggingRuleRe
*/
public function disableOtpEmailAction()
{
if (!$this->getParameter('twofactor_auth')) {
return $this->createNotFoundException('two_factor not enabled');
}

$user = $this->getUser();
$user->setEmailTwoFactor(false);

@@ -283,10 +278,6 @@ public function disableOtpEmailAction()
*/
public function otpEmailAction()
{
if (!$this->getParameter('twofactor_auth')) {
return $this->createNotFoundException('two_factor not enabled');
}

$user = $this->getUser();

$user->setGoogleAuthenticatorSecret(null);
@@ -310,10 +301,6 @@ public function otpEmailAction()
*/
public function disableOtpAppAction()
{
if (!$this->getParameter('twofactor_auth')) {
return $this->createNotFoundException('two_factor not enabled');
}

$user = $this->getUser();

$user->setGoogleAuthenticatorSecret('');
@@ -336,10 +323,6 @@ public function disableOtpAppAction()
*/
public function otpAppAction(GoogleAuthenticatorInterface $googleAuthenticator)
{
if (!$this->getParameter('twofactor_auth')) {
return $this->createNotFoundException('two_factor not enabled');
}

$user = $this->getUser();
$secret = $googleAuthenticator->generateSecret();

@@ -377,10 +360,6 @@ function ($backupCode) {
*/
public function otpAppCancelAction()
{
if (!$this->getParameter('twofactor_auth')) {
return $this->createNotFoundException('two_factor not enabled');
}

$user = $this->getUser();
$user->setGoogleAuthenticatorSecret(null);
$user->setBackupCodes(null);
62 changes: 30 additions & 32 deletions src/Wallabag/CoreBundle/Resources/views/Config/index.html.twig
@@ -209,38 +209,36 @@

{{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }}

{% if twofactor_auth %}
<br/>
<br/>
<div class="row">
<h5>{{ 'config.otp.page_title'|trans }}</h5>

<p>{{ 'config.form_user.two_factor_description'|trans }}</p>

<table>
<thead>
<tr>
<th>{{ 'config.form_user.two_factor.table_method'|trans }}</th>
<th>{{ 'config.form_user.two_factor.table_state'|trans }}</th>
<th>{{ 'config.form_user.two_factor.table_action'|trans }}</th>
</tr>
</thead>

<tbody>
<tr>
<td>{{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }}</td>
<td>{% if app.user.isEmailTwoFactor %}<b>{{ 'config.form_user.two_factor.state_enabled'|trans }}</b>{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}</td>
<td><a href="{{ path('config_otp_email') }}" class="waves-effect waves-light btn{% if app.user.isEmailTwoFactor %} disabled{% endif %}">{{ 'config.form_user.two_factor.action_email'|trans }}</a> {% if app.user.isEmailTwoFactor %}<a href="{{ path('disable_otp_email') }}" class="waves-effect waves-light btn red">Disable</a>{% endif %}</td>
</tr>
<tr>
<td>{{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }}</td>
<td>{% if app.user.isGoogleTwoFactor %}<b>{{ 'config.form_user.two_factor.state_enabled'|trans }}</b>{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}</td>
<td><a href="{{ path('config_otp_app') }}" class="waves-effect waves-light btn{% if app.user.isGoogleTwoFactor %} disabled{% endif %}">{{ 'config.form_user.two_factor.action_app'|trans }}</a> {% if app.user.isGoogleTwoFactor %}<a href="{{ path('disable_otp_app') }}" class="waves-effect waves-light btn red">Disable</a>{% endif %}</td>
</tr>
</tbody>
</table>
</div>
{% endif %}
<br/>
<br/>
<div class="row">
<h5>{{ 'config.otp.page_title'|trans }}</h5>

<p>{{ 'config.form_user.two_factor_description'|trans }}</p>

<table>
<thead>
<tr>
<th>{{ 'config.form_user.two_factor.table_method'|trans }}</th>
<th>{{ 'config.form_user.two_factor.table_state'|trans }}</th>
<th>{{ 'config.form_user.two_factor.table_action'|trans }}</th>
</tr>
</thead>

<tbody>
<tr>
<td>{{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }}</td>
<td>{% if app.user.isEmailTwoFactor %}<b>{{ 'config.form_user.two_factor.state_enabled'|trans }}</b>{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}</td>
<td><a href="{{ path('config_otp_email') }}" class="waves-effect waves-light btn{% if app.user.isEmailTwoFactor %} disabled{% endif %}">{{ 'config.form_user.two_factor.action_email'|trans }}</a> {% if app.user.isEmailTwoFactor %}<a href="{{ path('disable_otp_email') }}" class="waves-effect waves-light btn red">Disable</a>{% endif %}</td>
</tr>
<tr>
<td>{{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }}</td>
<td>{% if app.user.isGoogleTwoFactor %}<b>{{ 'config.form_user.two_factor.state_enabled'|trans }}</b>{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}</td>
<td><a href="{{ path('config_otp_app') }}" class="waves-effect waves-light btn{% if app.user.isGoogleTwoFactor %} disabled{% endif %}">{{ 'config.form_user.two_factor.action_app'|trans }}</a> {% if app.user.isGoogleTwoFactor %}<a href="{{ path('disable_otp_app') }}" class="waves-effect waves-light btn red">Disable</a>{% endif %}</td>
</tr>
</tbody>
</table>
</div>
{{ form_widget(form.user._token) }}
</form>
</div>
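Review bot: The two `Disable` controls in the now always-rendered table are plain `<a href>` links to `path('disable_otp_email')` and `path('disable_otp_app')`, so switching a second factor off is a GET navigation that carries no CSRF token; the `form.user._token` widget below only covers the user form. Consider rendering each one as a small POST form with a hidden token, e.g. `<input type="hidden" name="token" value="{{ csrf_token('otp') }}">` (token id chosen for illustration), and having the controller reject requests that lack a valid one. Whether the routes restrict HTTP methods or ask for the current password or code is not visible in this section. The `Disable` label is also hard-coded, while every other string in the table goes through `|trans`.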
15 changes: 6 additions & 9 deletions src/Wallabag/UserBundle/Controller/ManageController.php
@@ -85,19 +85,17 @@ public function editAction(Request $request, User $user, UserManagerInterface $u
$form->handleRequest($request);

// `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
if (true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
$form->get('googleTwoFactor')->setData(true);
}

if ($form->isSubmitted() && $form->isValid()) {
// handle creation / reset of the OTP secret if checkbox changed from the previous state
if ($this->getParameter('twofactor_auth')) {
if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
$user->setGoogleAuthenticatorSecret($googleAuthenticator->generateSecret());
$user->setEmailTwoFactor(false);
} elseif (false === $form->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
$user->setGoogleAuthenticatorSecret(null);
}
if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
$user->setGoogleAuthenticatorSecret($googleAuthenticator->generateSecret());
$user->setEmailTwoFactor(false);
} elseif (false === $form->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
$user->setGoogleAuthenticatorSecret(null);
}

$userManager->updateUser($user);
@@ -114,7 +112,6 @@ public function editAction(Request $request, User $user, UserManagerInterface $u
'user' => $user,
'edit_form' => $form->createView(),
'delete_form' => $deleteForm->createView(),
'twofactor_auth' => $this->getParameter('twofactor_auth'),
]);
}
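Review bot: In `editAction`, the `elseif` branch that turns the authenticator off only calls `$user->setGoogleAuthenticatorSecret(null)` and leaves the user's backup codes in place, whereas `otpAppCancelAction` in ConfigController.php resets both. Now that this branch runs on every instance, consider adding `$user->setBackupCodes(null);` right after the secret reset so previously issued codes do not outlive the second factor. The enable branch also stores a freshly generated secret on the edited account, and nothing visible in the hunk delivers it to that user; if no provisioning step follows elsewhere, the account may end up requiring a code its owner cannot produce. `editAction` starts and ends outside the hunks shown.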

2 changes: 0 additions & 2 deletions src/Wallabag/UserBundle/Resources/views/Manage/edit.html.twig
@@ -47,7 +47,6 @@
</div>
</div>

{% if twofactor_auth %}
<div class="row">
<div class="input-field col s12">
{{ form_widget(edit_form.emailTwoFactor) }}
@@ -60,7 +59,6 @@
{{ form_errors(edit_form.googleTwoFactor) }}
</div>
</div>
{% endif %}

<br/>

12 changes: 0 additions & 12 deletions tests/Wallabag/CoreBundle/Controller/SecurityControllerTest.php
@@ -32,12 +32,6 @@ public function testLoginWith2FactorEmail()
{
$client = $this->getTestClient();

if (!$client->getContainer()->getParameter('twofactor_auth')) {
$this->markTestSkipped('twofactor_auth is not enabled.');

return;
}

$client->followRedirects();

$em = $client->getContainer()->get(EntityManagerInterface::class);
@@ -65,12 +59,6 @@ public function testLoginWith2FactorGoogle()
{
$client = $this->getTestClient();

if (!$client->getContainer()->getParameter('twofactor_auth')) {
$this->markTestSkipped('twofactor_auth is not enabled.');

return;
}

$client->followRedirects();

$em = $client->getContainer()->get(EntityManagerInterface::class);
