Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-11-08 06:16:02 +01:00
Code Issues Packages Projects Releases Activity

initial commit at dedicated page

Browse Source
This commit is contained in:
Andy Miller
2017-08-26 18:25:34 -06:00
parent 853acb2057
commit 8ca011dcd6
8 changed files with 70 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
classes/admin.php
View File

@@ -364,7 +364,6 @@ class Admin
} }
if ($user->exists()) { if ($user->exists()) {
$user->authenticated = true;
// Authenticate user. // Authenticate user.
$result = $user->authenticate($data['password']); $result = $user->authenticate($data['password']);
@@ -375,22 +374,20 @@ class Admin
} }
} }
$action = [];
$twofa_admin_enabled = $this->grav['config']->get('plugins.admin.twofa_enabled', false);
if ($twofa_admin_enabled && isset($user->twofa_enabled) &&
$user->twofa_enabled == true && !$user->authenticated) {
$this->session->redirect = $post['redirect'];
$this->session->user = $user;
$this->grav->redirect($this->base . '/twofa');
}
if ($user->authorize('admin.login')) { if ($user->authorize('admin.login')) {
$twofa_admin_enabled = $this->grav['config']->get('plugins.admin.twofa_enabled', false); $user->authenticated = true;
if ($twofa_admin_enabled && isset($user->twofa_enabled) && $user->twofa_enabled == true) {
$twofa = $this->get2FA();
$secret = isset($user->twofa_secret) ? $user->twofa_secret : null;
if (!(isset($data['2fa_code']) && $twofa->verifyCode($secret, $data['2fa_code']))) {
return false;
}
}
$this->user = $this->session->user = $user; $this->user = $this->session->user = $user;

6
classes/adminbasecontroller.php
View File

@@ -93,9 +93,9 @@ class AdminBaseController
return false; return false;
} }
// if (!$this->validateNonce()) { if (!$this->validateNonce()) {
// return false; return false;
// } }
$method = 'task' . ucfirst($this->task); $method = 'task' . ucfirst($this->task);

13
classes/admincontroller.php
View File

@@ -699,6 +699,19 @@ class AdminController extends AdminBaseController
return true; return true;
} }
protected function task2faverify()
{
$twofa = $this->admin->get2FA();
$user = $this->grav['user'];
$secret = isset($user->twofa_secret) ? $user->twofa_secret : null;
if (!(isset($this->data['2fa_code']) && $twofa->verifyCode($secret, $this->data['2fa_code']))) {
$this->admin->setMessage($this->admin->translate('PLUGIN_ADMIN.2FA_FAILED'), 'error');
return true;
}
}
/** /**
* Handle logout. * Handle logout.
* *

1
languages/en.yaml
View File

@@ -684,6 +684,7 @@ PLUGIN_ADMIN:
ENABLE_AUTO_METADATA_HELP: "Automatically generate metadata files for images with exif information" ENABLE_AUTO_METADATA_HELP: "Automatically generate metadata files for images with exif information"
2FA_TITLE: "2-Factor Authentication" 2FA_TITLE: "2-Factor Authentication"
2FA_LABEL: "Admin Access" 2FA_LABEL: "Admin Access"
2FA_FAILED: "Invalid 2-Factor Authentication code, please try again..."
2FA_ENABLED: "2FA Enabled" 2FA_ENABLED: "2FA Enabled"
2FA_CODE_INPUT: "2FA Code (if enabled)" 2FA_CODE_INPUT: "2FA Code (if enabled)"
2FA_SECRET: "2FA Secret" 2FA_SECRET: "2FA Secret"

18
pages/admin/login.md
View File

@@ -20,13 +20,13 @@ form:
validate: validate:
required: true required: true
twofa_check: # twofa_check:
type: conditional # type: conditional
condition: config.plugins.admin.twofa_enabled # condition: config.plugins.admin.twofa_enabled
#
fields: # fields:
#
2fa_code: # 2fa_code:
type: text # type: text
placeholder: PLUGIN_ADMIN.2FA_CODE_INPUT # placeholder: PLUGIN_ADMIN.2FA_CODE_INPUT
--- ---

13
pages/admin/twofa.md Normal file
View File

@@ -0,0 +1,13 @@
---
title: 2-Factor Authentication
form:
fields:
2fa_instructions:
type: display
markdown: true
content: These are some **important** instructions
2fa_code:
type: text
placeholder: PLUGIN_ADMIN.2FA_CODE_INPUT
---

4
themes/grav/templates/partials/login.html.twig
View File

@@ -13,10 +13,12 @@
{% block instructions %}{% endblock %} {% block instructions %}{% endblock %}
{% set redirect = redirect ?: uri.route(false) %}
<form method="post" action="{{ base_url_relative }}"> <form method="post" action="{{ base_url_relative }}">
<div class="padding"> <div class="padding">
{% block form %}{% endblock %} {% block form %}{% endblock %}
<input type="hidden" name="redirect" value="{{ uri.route(false) }}" /> <input type="hidden" name="redirect" value="{{ redirect }}" />
{{ nonce_field('admin-form', 'admin-nonce')|raw }} {{ nonce_field('admin-form', 'admin-nonce')|raw }}
</div> </div>
</form> </form>

17
themes/grav/templates/twofa.html.twig Normal file
View File

@@ -0,0 +1,17 @@
{% embed 'partials/login.html.twig' with {title:'Grav 2-Factor Authentication', redirect: admin.session.redirect} %}
{% block form %}
{% for field in form.fields %}
{% if field.type %}
<div>
{% include ["forms/fields/#{field.type}/#{field.type}.html.twig", 'forms/fields/text/text.html.twig'] %}
</div>
{% endif %}
{% endfor %}
<div class="form-actions primary-accent">
<button type="submit" class="button primary" name="task" value="2faverify"><i class="fa fa-sign-in"></i> {{ 'PLUGIN_ADMIN.LOGIN_BTN'|tu }}</button>
</div>
{% endblock %}
{% endembed %}