diff --git a/app/config/config.yml b/app/config/config.yml
index 2f3dabded..62c1a500c 100644
--- a/app/config/config.yml
+++ b/app/config/config.yml
@@ -201,15 +201,15 @@ scheb_two_factor:
 lifetime: 2592000
 backup_codes:
- enabled: "%twofactor_auth%"
+ enabled: true
 google:
- enabled: "%twofactor_auth%"
+ enabled: true
 issuer: "%server_name%"
 template: "@WallabagUser/Authentication/form.html.twig"
 email:
- enabled: "%twofactor_auth%"
+ enabled: true
 sender_email: "%twofactor_sender%"
 digits: 6
 template: "@WallabagUser/Authentication/form.html.twig"
diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist
index 94074d942..1c9a0c26f 100644
--- a/app/config/parameters.yml.dist
+++ b/app/config/parameters.yml.dist
@@ -34,7 +34,6 @@ parameters:
 secret: CHANGE_ME_TO_SOMETHING_SECRET_AND_RANDOM
 # two factor stuff
- twofactor_auth: true
 twofactor_sender: no-reply@wallabag.org
 # fosuser stuff
diff --git a/docker/php/config/parameters.yml b/docker/php/config/parameters.yml
index 21437d443..3bf5a6295 100644
--- a/docker/php/config/parameters.yml
+++ b/docker/php/config/parameters.yml
@@ -22,7 +22,6 @@ parameters:
 secret: ${SECRET:-~}
 # two factor stuff
- twofactor_auth: ${TWOFACTOR_AUTH:-true}
 twofactor_sender: ${TWOFACTOR_SENDER:-no-reply@wallabag.org}
 # fosuser stuff
diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php
index 4d7ea0a50..9adc4c29b 100644
--- a/src/Wallabag/CoreBundle/Controller/ConfigController.php
+++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -246,7 +246,6 @@ class ConfigController extends AbstractController
 'username' => $user->getUsername(),
 'token' => $config->getFeedToken(),
 ],
- 'twofactor_auth' => $this->getParameter('twofactor_auth'),
 'wallabag_url' => $this->getParameter('domain_name'),
 'enabled_users' => $userRepository->getSumEnabledUsers(),
 ]);
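Review bot: Hard-coding `enabled: true` for the three providers in app/config/config.yml means an instance that ran with `twofactor_auth: false` gains email and app OTP on upgrade without the operator choosing it. The Docker `TWOFACTOR_AUTH` variable is also dropped from docker/php/config/parameters.yml, so setting it no longer has any effect. If such an instance has no working mail delivery (not visible here), a user who turns on email OTP may be unable to receive the code at the next login. I would record this in the upgrade notes and leave a comment above the block, for example `# 2FA providers are always enabled; the twofactor_auth parameter was removed`. The same applies to the parameters.yml.dist hunk.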
@@ -259,10 +258,6 @@ class ConfigController extends AbstractController
 */
 public function disableOtpEmailAction()
 {
- if (!$this->getParameter('twofactor_auth')) {
- return $this->createNotFoundException('two_factor not enabled');
- }
-
 $user = $this->getUser();
 $user->setEmailTwoFactor(false);
@@ -283,10 +278,6 @@ class ConfigController extends AbstractController
 */
 public function otpEmailAction()
 {
- if (!$this->getParameter('twofactor_auth')) {
- return $this->createNotFoundException('two_factor not enabled');
- }
-
 $user = $this->getUser();
 $user->setGoogleAuthenticatorSecret(null);
@@ -310,10 +301,6 @@ class ConfigController extends AbstractController
 */
 public function disableOtpAppAction()
 {
- if (!$this->getParameter('twofactor_auth')) {
- return $this->createNotFoundException('two_factor not enabled');
- }
-
 $user = $this->getUser();
 $user->setGoogleAuthenticatorSecret('');
@@ -336,10 +323,6 @@ class ConfigController extends AbstractController
 */
 public function otpAppAction(GoogleAuthenticatorInterface $googleAuthenticator)
 {
- if (!$this->getParameter('twofactor_auth')) {
- return $this->createNotFoundException('two_factor not enabled');
- }
-
 $user = $this->getUser();
 $secret = $googleAuthenticator->generateSecret();
@@ -377,10 +360,6 @@ class ConfigController extends AbstractController
 */
 public function otpAppCancelAction()
 {
- if (!$this->getParameter('twofactor_auth')) {
- return $this->createNotFoundException('two_factor not enabled');
- }
-
 $user = $this->getUser();
 $user->setGoogleAuthenticatorSecret(null);
 $user->setBackupCodes(null);
diff --git a/src/Wallabag/CoreBundle/Resources/views/Config/index.html.twig b/src/Wallabag/CoreBundle/Resources/views/Config/index.html.twig
index e9031b0af..8681b20c2 100644
--- a/src/Wallabag/CoreBundle/Resources/views/Config/index.html.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/Config/index.html.twig
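Review bot: Nothing visible in disableOtpEmailAction, disableOtpAppAction or otpAppCancelAction checks a CSRF token or re-confirms the password before the account's second factor is switched off. With the `twofactor_auth` guard removed, the setter calls are the first thing each action does after `$this->getUser()`. The route annotations and the rest of each body are outside these hunks, so this needs confirming there; if the routes accept GET, they should become POST-only with `$this->isCsrfTokenValid(...)` checked before the setters run. Separately, disableOtpAppAction clears the secret with `setGoogleAuthenticatorSecret('')` while otpEmailAction and otpAppCancelAction pass `null`; using `null` in all three avoids the enabled check disagreeing between paths.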
@@ -209,38 +209,36 @@ {{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }} - {% if twofactor_auth %} -
-
-
-
{{ 'config.otp.page_title'|trans }}
+
+
+
+
{{ 'config.otp.page_title'|trans }}
-

{{ 'config.form_user.two_factor_description'|trans }}

+

{{ 'config.form_user.two_factor_description'|trans }}

- - - - - - - - +
{{ 'config.form_user.two_factor.table_method'|trans }}{{ 'config.form_user.two_factor.table_state'|trans }}{{ 'config.form_user.two_factor.table_action'|trans }}
+ + + + + + + - - - - - - - - - - - - -
{{ 'config.form_user.two_factor.table_method'|trans }}{{ 'config.form_user.two_factor.table_state'|trans }}{{ 'config.form_user.two_factor.table_action'|trans }}
{{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }}{% if app.user.isEmailTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}{{ 'config.form_user.two_factor.action_email'|trans }} {% if app.user.isEmailTwoFactor %}Disable{% endif %}
{{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }}{% if app.user.isGoogleTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %}{{ 'config.form_user.two_factor.action_app'|trans }} {% if app.user.isGoogleTwoFactor %}Disable{% endif %}
-
- {% endif %} + + + {{ 'config.form_user.two_factor.emailTwoFactor_label'|trans }} + {% if app.user.isEmailTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %} + {{ 'config.form_user.two_factor.action_email'|trans }} {% if app.user.isEmailTwoFactor %}Disable{% endif %} + + + {{ 'config.form_user.two_factor.googleTwoFactor_label'|trans }} + {% if app.user.isGoogleTwoFactor %}{{ 'config.form_user.two_factor.state_enabled'|trans }}{% else %}{{ 'config.form_user.two_factor.state_disabled'|trans }}{% endif %} + {{ 'config.form_user.two_factor.action_app'|trans }} {% if app.user.isGoogleTwoFactor %}Disable{% endif %} + + + +
{{ form_widget(form.user._token) }}
diff --git a/src/Wallabag/UserBundle/Controller/ManageController.php b/src/Wallabag/UserBundle/Controller/ManageController.php
index 06e7c8466..fb7b5b2e5 100644
--- a/src/Wallabag/UserBundle/Controller/ManageController.php
+++ b/src/Wallabag/UserBundle/Controller/ManageController.php
@@ -85,19 +85,17 @@ class ManageController extends AbstractController
 $form->handleRequest($request);
 // `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
- if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
+ if (true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
 $form->get('googleTwoFactor')->setData(true);
 }
 if ($form->isSubmitted() && $form->isValid()) {
 // handle creation / reset of the OTP secret if checkbox changed from the previous state
- if ($this->getParameter('twofactor_auth')) {
- if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
- $user->setGoogleAuthenticatorSecret($googleAuthenticator->generateSecret());
- $user->setEmailTwoFactor(false);
- } elseif (false === $form->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
- $user->setGoogleAuthenticatorSecret(null);
- }
+ if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
+ $user->setGoogleAuthenticatorSecret($googleAuthenticator->generateSecret());
+ $user->setEmailTwoFactor(false);
+ } elseif (false === $form->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
+ $user->setGoogleAuthenticatorSecret(null);
 }
 $userManager->updateUser($user);
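Review bot: The `elseif` branch in ManageController that turns app-based 2FA off for the edited user resets only the secret, whereas otpAppCancelAction in ConfigController clears the backup codes as well. Adding `$user->setBackupCodes(null);` next to `$user->setGoogleAuthenticatorSecret(null);` would keep old codes from surviving into a later re-enrolment, assuming they are stored on the same entity. The enabling branch stores a freshly generated secret that the edited user has not yet added to an authenticator app, which may lock them out if it is enforced at their next login; a comment stating how the secret reaches the user would help. The action's body starts and ends outside this hunk.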
@@ -114,7 +112,6 @@ class ManageController extends AbstractController
 'user' => $user,
 'edit_form' => $form->createView(),
 'delete_form' => $deleteForm->createView(),
- 'twofactor_auth' => $this->getParameter('twofactor_auth'),
 ]);
 }
diff --git a/src/Wallabag/UserBundle/Resources/views/Manage/edit.html.twig b/src/Wallabag/UserBundle/Resources/views/Manage/edit.html.twig
index f32dd3df2..07d99e766 100644
--- a/src/Wallabag/UserBundle/Resources/views/Manage/edit.html.twig
+++ b/src/Wallabag/UserBundle/Resources/views/Manage/edit.html.twig
@@ -47,7 +47,6 @@
- {% if twofactor_auth %}
{{ form_widget(edit_form.emailTwoFactor) }}
@@ -60,7 +59,6 @@ {{ form_errors(edit_form.googleTwoFactor) }}
- {% endif %}
diff --git a/tests/Wallabag/CoreBundle/Controller/SecurityControllerTest.php b/tests/Wallabag/CoreBundle/Controller/SecurityControllerTest.php
index 518fb7ede..cb33df278 100644
--- a/tests/Wallabag/CoreBundle/Controller/SecurityControllerTest.php
+++ b/tests/Wallabag/CoreBundle/Controller/SecurityControllerTest.php
@@ -32,12 +32,6 @@ class SecurityControllerTest extends WallabagCoreTestCase
 {
 $client = $this->getTestClient();
- if (!$client->getContainer()->getParameter('twofactor_auth')) {
- $this->markTestSkipped('twofactor_auth is not enabled.');
-
- return;
- }
-
 $client->followRedirects();
 $em = $client->getContainer()->get(EntityManagerInterface::class);
@@ -65,12 +59,6 @@ class SecurityControllerTest extends WallabagCoreTestCase
 {
 $client = $this->getTestClient();
- if (!$client->getContainer()->getParameter('twofactor_auth')) {
- $this->markTestSkipped('twofactor_auth is not enabled.');
-
- return;
- }
-
 $client->followRedirects();
 $em = $client->getContainer()->get(EntityManagerInterface::class);