Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-11-03 03:46:30 +01:00
Code Issues Packages Projects Releases Activity

2FA logic optimization

Browse Source
This commit is contained in:
Andy Miller
2017-08-26 11:10:41 -06:00
parent 9495e32866
commit 7705ac7477
3 changed files with 50 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
classes/admin.php
View File

@@ -1733,4 +1733,34 @@ class Admin
$twofa = new TwoFactorAuth('Grav', 6, 30, 'sha1', $provider);
return $twofa;
}
public function get2FAData($secret = null)
{
try {
$user = $this->grav['user'];
$twofa = $this->get2FA();
// generate secret if needed
if (!$secret) {
$secret = $twofa->createSecret(160);
}
$email = $user->email;
$image = $twofa->getQRCodeImageAsDataUri($email, $secret);
$user->twofa_secret = $secret;
$user->save();
$this->json_response = ['status' => 'success', 'image' => $image, 'secret' => trim(chunk_split($secret, 4, ' '))];
} catch (\Exception $e) {
$this->json_response = ['status' => 'error', 'message' => $e->getMessage()];
return false;
}
return true;
}
}

25
classes/admincontroller.php
View File

@@ -2244,34 +2244,13 @@ class AdminController extends AdminBaseController
$this->setRedirect('/tools');
}
public function taskRegenerate2FASecret()
public function taskRegenerate2FASecret($secret = null)
{
if (!$this->authorizeTask('regenerate 2FA Secret', ['admin.login'])) {
return false;
}
try {
$user = $this->grav['user'];
$twofa = $this->admin->get2FA();
$secret = $twofa->createSecret(160);
$email = $user->email;
$image = $twofa->getQRCodeImageAsDataUri($email, $secret);
$user->twofa_secret = $secret;
$user->save();
$this->admin->json_response = ['status' => 'success', 'image' => $image, 'secret' => trim(chunk_split($secret, 4, ' '))];
} catch (\Exception $e) {
$this->admin->json_response = ['status' => 'error', 'message' => $e->getMessage()];
return false;
}
return true;
return $this->admin->get2FAData($secret);
}

20
themes/grav/templates/forms/fields/2fa_secret/2fa_secret.html.twig
View File

@@ -2,15 +2,25 @@
{% block input %}
<div class="form-input-wrapper twofa-wrapper">
{% set two_fa = admin.get2FA() %}
{% set value = (value is null ? two_fa.createSecret(160) : value) %}
{% do admin.get2FAData(value) %}
{% set data = admin.json_response %}
<img style="border: 1px solid #ddd" data-2fa-image src="{{ two_fa.getQRCodeImageAsDataUri(grav.user.email, value) }}" />
{{ dump(data) }}
{% if data.status == 'success' %}
<img style="border: 1px solid #ddd" data-2fa-image src="{{ data.image }}" />
<div>
<span>{{ 'PLUGIN_ADMIN.2FA_SECRET'|tu }}: </span><span class="twofa-secret-code" data-2fa-secret>{{ value|chunkSplit(4, ' ') }}</span>
<span>{{ 'PLUGIN_ADMIN.2FA_SECRET'|tu }}: </span><span class="twofa-secret-code" data-2fa-secret>{{ data.secret }}</span>
</div>
<button class="button button-small" data-2fa-regenerate><i class="fa fa-fw fa-refresh"></i> {{ 'PLUGIN_ADMIN.2FA_REGENERATE'|t }}</button>
<input type="text" style="display:none;" name="{{ (scope ~ field.name)|fieldName }}" data-2fa-value value="{{ value|join(', ') }}" />
<input type="text" style="display:none;" name="{{ (scope ~ field.name)|fieldName }}" data-2fa-value value="{{ data.secret|replace({' ':''}) }}" />
{% else %}
<div class="notice error">
<p>{{ data.message }}</p>
</div>
{% endif %}
</div>
{% endblock %}