confirm token in 2fa challenge

This commit is contained in:
Čarodej
2022-04-05 09:52:49 +02:00
parent 9f783fcd95
commit 10d8b592ea
13 changed files with 127 additions and 66 deletions


@@ -21,7 +21,7 @@
"intervention/image": "^2.7.1", "intervention/image": "^2.7.1",
"jaybizzle/laravel-crawler-detect": "^1.2", "jaybizzle/laravel-crawler-detect": "^1.2",
"kyslik/column-sortable": "^6.4.1", "kyslik/column-sortable": "^6.4.1",
"laravel/fortify": "^1.10.0", "laravel/fortify": "^1.12.0",
"laravel/framework": "^9.2", "laravel/framework": "^9.2",
"laravel/sanctum": "^2.14.2", "laravel/sanctum": "^2.14.2",
"laravel/socialite": "^5.5.1", "laravel/socialite": "^5.5.1",

composer.lock generated

@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically" "This file is @generated automatically"
], ],
"content-hash": "669354d19fcd40d6005df2082a0f91c4", "content-hash": "e528b8d32f34a87acd381ac8c3f3cef1",
"packages": [ "packages": [
{ {
"name": "amphp/amp", "name": "amphp/amp",
@@ -280,16 +280,16 @@
}, },
{ {
"name": "aws/aws-sdk-php", "name": "aws/aws-sdk-php",
"version": "3.218.1", "version": "3.218.2",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/aws/aws-sdk-php.git", "url": "https://github.com/aws/aws-sdk-php.git",
"reference": "fd902a4766d61afac98f7e7746736ba741d4dcce" "reference": "dd981c2e95fd1dd65d8e05b30e257b8413d63071"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/fd902a4766d61afac98f7e7746736ba741d4dcce", "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/dd981c2e95fd1dd65d8e05b30e257b8413d63071",
"reference": "fd902a4766d61afac98f7e7746736ba741d4dcce", "reference": "dd981c2e95fd1dd65d8e05b30e257b8413d63071",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@@ -365,9 +365,9 @@
"support": { "support": {
"forum": "https://forums.aws.amazon.com/forum.jspa?forumID=80", "forum": "https://forums.aws.amazon.com/forum.jspa?forumID=80",
"issues": "https://github.com/aws/aws-sdk-php/issues", "issues": "https://github.com/aws/aws-sdk-php/issues",
"source": "https://github.com/aws/aws-sdk-php/tree/3.218.1" "source": "https://github.com/aws/aws-sdk-php/tree/3.218.2"
}, },
"time": "2022-04-01T18:14:25+00:00" "time": "2022-04-04T18:18:52+00:00"
}, },
{ {
"name": "bacon/bacon-qr-code", "name": "bacon/bacon-qr-code",


@@ -131,12 +131,8 @@ return [
*/ */
'features' => [ 'features' => [
// Features::registration(),
//Features::resetPasswords(),
// Features::emailVerification(),
Features::updateProfileInformation(),
//Features::updatePasswords(),
Features::twoFactorAuthentication([ Features::twoFactorAuthentication([
'confirm' => true,
'confirmPassword' => true, 'confirmPassword' => true,
]), ]),
], ],
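Review bot: `'confirm' => true` is the line that makes the new `users.two_factor_confirmed_at` column (the migration in this commit) and the `upgrade_to_2_0_14` backfill necessary, yet nothing here records that dependency. A one-line comment above it would save the next reader the trip: `// Require a valid code before 2FA counts as enabled (Fortify ^1.12 'confirm'); backed by users.two_factor_confirmed_at`. Removing the commented-out `Features::…` lines is a fine cleanup. The `features` array continues outside the hunk.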


@@ -656,7 +656,6 @@ return [
'confirm_your_password' => 'Confirm Your Password', 'confirm_your_password' => 'Confirm Your Password',
'popup_2fa.help' => 'Scan the image above with the <b class="text-theme dark-text-theme">two-factor authentication app</b> on your phone.', 'popup_2fa.help' => 'Scan the image above with the <b class="text-theme dark-text-theme">two-factor authentication app</b> on your phone.',
'confirm' => 'Confirm', 'confirm' => 'Confirm',
'popup_2fa.disappear_qr' => 'Really disappear this QR code?',
'popup_2fa.toaster_enabled' => 'Your 2FA was enabled successfully!', 'popup_2fa.toaster_enabled' => 'Your 2FA was enabled successfully!',
'popup_2fa.toaster_disabled' => 'Your 2FA was disabled!', 'popup_2fa.toaster_disabled' => 'Your 2FA was disabled!',
'popup_2fa.switch_title' => 'Enable / Disable Two Factor Authentication', 'popup_2fa.switch_title' => 'Enable / Disable Two Factor Authentication',
@@ -938,5 +937,8 @@ return [
'server_settings' => 'Server / Settings', 'server_settings' => 'Server / Settings',
'user_features' => 'User Features', 'user_features' => 'User Features',
'upload_settings' => 'Upload Settings', 'upload_settings' => 'Upload Settings',
'set_up_2fa_app' => 'Set up Your Authenticator App',
'confirm_your_code' => 'Confirm Your Code',
'paste_code_from_2fa_app' => 'Paste the latest code from 2fa app...',
], ],
]; ];


@@ -1,7 +1,7 @@
<?php <?php
return [ return [
'version' => '2.0.13', 'version' => '2.0.14',
'is_demo' => env('APP_DEMO', false), 'is_demo' => env('APP_DEMO', false),
@@ -61,5 +61,6 @@ return [
'updates' => [ 'updates' => [
'2_0_10', '2_0_10',
'2_0_13', '2_0_13',
'2_0_14',
], ],
]; ];


@@ -0,0 +1,34 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('users', function (Blueprint $table) {
$table->timestamp('two_factor_confirmed_at')
->after('two_factor_recovery_codes')
->nullable();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('users', function (Blueprint $table) {
$table->dropColumn('two_factor_confirmed_at');
});
}
};
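Review bot: `up()` and `down()` document their return type in a `@return void` docblock instead of declaring it; `public function up(): void` and `public function down(): void` express the same contract where the engine enforces it, and the docblocks can then be reduced to the one-line description. The `->after('two_factor_recovery_codes')` positional modifier is honoured by the MySQL schema grammar only and ignored by the other drivers, so it is purely cosmetic column ordering; a short comment such as `// column position is MySQL-only; ordering is cosmetic` stops a reader from assuming `down()` or the upgrade step relies on it.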


@@ -57,9 +57,9 @@
"/chunks/sign-up.js": "/chunks/sign-up.js?id=bb92bad614e60d45", "/chunks/sign-up.js": "/chunks/sign-up.js?id=bb92bad614e60d45",
"/chunks/forgotten-password.js": "/chunks/forgotten-password.js?id=50a1bc5e4ed86ec9", "/chunks/forgotten-password.js": "/chunks/forgotten-password.js?id=50a1bc5e4ed86ec9",
"/chunks/create-new-password.js": "/chunks/create-new-password.js?id=f652de052dba55c1", "/chunks/create-new-password.js": "/chunks/create-new-password.js?id=f652de052dba55c1",
"/chunks/settings.js": "/chunks/settings.js?id=71119613323ea819", "/chunks/settings.js": "/chunks/settings.js?id=1d4093d2045bac71",
"/chunks/profile.js": "/chunks/profile.js?id=0eca231475e267ab", "/chunks/profile.js": "/chunks/profile.js?id=0eca231475e267ab",
"/chunks/settings-password.js": "/chunks/settings-password.js?id=11d4331650cac280", "/chunks/settings-password.js": "/chunks/settings-password.js?id=3755d41eaf50a5b1",
"/chunks/settings-storage.js": "/chunks/settings-storage.js?id=994b669a56fd417b", "/chunks/settings-storage.js": "/chunks/settings-storage.js?id=994b669a56fd417b",
"/chunks/billing.js": "/chunks/billing.js?id=40e758c87bcf6e89", "/chunks/billing.js": "/chunks/billing.js?id=40e758c87bcf6e89",
"/chunks/platform.js": "/chunks/platform.js?id=490c3586a4dca9fb", "/chunks/platform.js": "/chunks/platform.js?id=490c3586a4dca9fb",


@@ -68,7 +68,7 @@ export default {
data() { data() {
return { return {
isLoading: false, isLoading: false,
password: '', password: undefined,
args: undefined, args: undefined,
} }
}, },


@@ -1,6 +1,6 @@
<template> <template>
<PopupWrapper name="two-factor-qr-setup"> <PopupWrapper name="two-factor-qr-setup">
<PopupHeader :title="$t('confirm_your_password')" icon="edit" /> <PopupHeader :title="$t('set_up_2fa_app')" icon="edit" />
<PopupContent> <PopupContent>
<div v-if="qrCode" class="flex justify-center"> <div v-if="qrCode" class="flex justify-center">
@@ -10,27 +10,42 @@
<InfoBox style="margin-bottom: 0"> <InfoBox style="margin-bottom: 0">
<p v-html="$t('popup_2fa.help')"></p> <p v-html="$t('popup_2fa.help')"></p>
</InfoBox> </InfoBox>
<ValidationObserver @submit.prevent="confirm2FaSetup" ref="codeForm" v-slot="{ invalid }" tag="form" class="mt-5">
<ValidationProvider tag="div" mode="passive" name="Code" rules="required" v-slot="{ errors }">
<AppInputText :title="$t('confirm')" :error="errors[0]" :is-last="true">
<input
v-model="code"
:class="{ '!border-rose-600': errors[0] }"
type="text"
ref="input"
class="focus-border-theme input-dark"
:placeholder="$t('paste_code_from_2fa_app')"
/>
</AppInputText>
</ValidationProvider>
</ValidationObserver>
</PopupContent> </PopupContent>
<PopupActions> <PopupActions>
<ButtonBase class="w-full" @click.native="closeQrCodePopup" :button-style="closeQrButtonStyle"> <ButtonBase @click.native="confirm2FaSetup" class="w-full" button-style="theme" :loading="isLoading">
{{ closeQrButtonText }} {{ $t('confirm_your_code') }}
</ButtonBase> </ButtonBase>
</PopupActions> </PopupActions>
</PopupWrapper> </PopupWrapper>
</template> </template>
<script> <script>
import AppInputText from '../Admin/AppInputText'
import { ValidationProvider, ValidationObserver } from 'vee-validate/dist/vee-validate.full' import { ValidationProvider, ValidationObserver } from 'vee-validate/dist/vee-validate.full'
import { required } from 'vee-validate/dist/rules'
import ButtonBase from '../FilesView/ButtonBase'
import AppInputText from '../Admin/AppInputText'
import PopupWrapper from './Popup/PopupWrapper' import PopupWrapper from './Popup/PopupWrapper'
import PopupActions from './Popup/PopupActions' import PopupActions from './Popup/PopupActions'
import PopupContent from './Popup/PopupContent' import PopupContent from './Popup/PopupContent'
import PopupHeader from './Popup/PopupHeader' import PopupHeader from './Popup/PopupHeader'
import ButtonBase from '../FilesView/ButtonBase'
import InfoBox from './Forms/InfoBox' import InfoBox from './Forms/InfoBox'
import { required } from 'vee-validate/dist/rules'
import { mapGetters } from 'vuex'
import { events } from '../../bus' import { events } from '../../bus'
import axios from 'axios' import axios from 'axios'
@@ -48,31 +63,49 @@ export default {
required, required,
InfoBox, InfoBox,
}, },
computed: {
...mapGetters(['user']),
closeQrButtonText() {
return this.isConfirmedClose ? this.$t('popup_2fa.disappear_qr') : this.$t('awesome_iam_done')
},
closeQrButtonStyle() {
return this.isConfirmedClose ? 'danger' : 'theme'
},
},
data() { data() {
return { return {
qrCode: undefined,
isLoading: false, isLoading: false,
qrCode: '', code: undefined
isConfirmedClose: false,
} }
}, },
methods: { methods: {
async confirm2FaSetup() {
// Validate fields
const isValid = await this.$refs.codeForm.validate()
if (!isValid) return
this.isLoading = true
axios
.post('/user/confirmed-two-factor-authentication', {code: this.code})
.then(() => {
this.$store.commit('CHANGE_TWO_FACTOR_AUTHENTICATION_STATE', true)
this.$closePopup()
events.$emit('toaster', {
type: 'success',
message: this.$t('popup_2fa.toaster_enabled'),
})
})
.catch((error) => {
if (error.response.status === 422) {
this.$refs.codeForm.setErrors({
'Code': error.response.data.errors['code'][0],
})
}
})
.finally(() => this.isLoading = false)
},
enable() { enable() {
axios axios
.post('/user/two-factor-authentication') .post('/user/two-factor-authentication')
.then(() => { .then(() => {
this.$store.commit('CHANGE_TWO_FACTOR_AUTHENTICATION_STATE', true) this.getQrCode()
})
this.getQrCode()
})
.catch(() => { .catch(() => {
this.$isSomethingWrong() this.$isSomethingWrong()
}) })
@@ -87,28 +120,12 @@ export default {
this.$isSomethingWrong() this.$isSomethingWrong()
}) })
}, },
closeQrCodePopup() {
if (!this.isConfirmedClose) {
this.isConfirmedClose = true
} else {
events.$emit('toaster', {
type: 'success',
message: this.$t('popup_2fa.toaster_enabled'),
})
this.qrCode = undefined
this.isConfirmedClose = false
this.$closePopup()
}
},
}, },
created() { created() {
// Show popup
events.$on('popup:open', (args) => { events.$on('popup:open', (args) => {
if (args.name !== 'two-factor-qr-setup') return if (args.name !== 'two-factor-qr-setup') return
this.enable() this.enable()
}) })
}, },
} }
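Review bot: The `.catch` in `confirm2FaSetup` reads `error.response.status` unconditionally, so a request that never produced a response (network failure, timeout) throws inside the handler and the user gets no feedback; any status other than 422 is swallowed as well, whereas `enable()` in the same hunk reports it via `this.$isSomethingWrong()`. Guard and fall through: `if (error.response && error.response.status === 422) { this.$refs.codeForm.setErrors({ 'Code': error.response.data.errors['code'][0] }) } else { this.$isSomethingWrong() }`. With `closeQrCodePopup` gone the actions bar offers only the confirm button, so a user who cannot complete the step has to dismiss the popup some other way and leaves an unconfirmed `two_factor_secret` behind; presumably acceptable now that confirmation gates enforcement, but a comment in `confirm2FaSetup` stating that abandoned setups are expected and harmless would make the intent explicit.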


@@ -135,7 +135,7 @@ const actions = {
const mutations = { const mutations = {
CHANGE_TWO_FACTOR_AUTHENTICATION_STATE(state, condition) { CHANGE_TWO_FACTOR_AUTHENTICATION_STATE(state, condition) {
state.user.data.attributes.two_factor_authentication = condition state.user.data.attributes.two_factor_confirmed_at = condition
}, },
RETRIEVE_USER(state, user) { RETRIEVE_USER(state, user) {
state.user = user state.user = user
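Review bot: `CHANGE_TWO_FACTOR_AUTHENTICATION_STATE` now writes its `condition` argument into `two_factor_confirmed_at`, and the only caller visible in this commit (`confirm2FaSetup` in TwoFactorQrSetup.vue) passes `true`, while `UserResource` fills the same attribute with the raw `two_factor_confirmed_at` value from the server; the attribute is therefore a boolean after a local commit and a timestamp after `RETRIEVE_USER`. The templates only test it for truthiness, so nothing breaks today, but the mutation's name and the field's name now disagree and the shape is inconsistent. At minimum document it on the assignment: `// condition is a truthy flag; RETRIEVE_USER replaces it with the server's confirmation timestamp`; re-fetching the user after confirmation would remove the ambiguity entirely.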


@@ -8,18 +8,18 @@
<AppInputSwitch <AppInputSwitch
:title="$t('popup_2fa.switch_title')" :title="$t('popup_2fa.switch_title')"
:description="$t('popup_2fa.switch_info')" :description="$t('popup_2fa.switch_info')"
:is-last="!user.data.attributes.two_factor_authentication" :is-last="!user.data.attributes.two_factor_confirmed_at"
> >
<SwitchInput <SwitchInput
@click.native="toggle2Fa" @click.native="toggle2Fa"
:is-disabled="true" :is-disabled="true"
v-model="user.data.attributes.two_factor_authentication" v-model="user.data.attributes.two_factor_confirmed_at"
class="switch" class="switch"
:state="user.data.attributes.two_factor_authentication" :state="user.data.attributes.two_factor_confirmed_at"
/> />
</AppInputSwitch> </AppInputSwitch>
<AppInputButton <AppInputButton
v-if="user && user.data.attributes.two_factor_authentication" v-if="user && user.data.attributes.two_factor_confirmed_at"
:title="$t('show_recovery_codes')" :title="$t('show_recovery_codes')"
:description="$t('popup_2fa.codes_info')" :description="$t('popup_2fa.codes_info')"
:is-last="true" :is-last="true"
@@ -184,7 +184,7 @@ export default {
}, },
methods: { methods: {
toggle2Fa() { toggle2Fa() {
this.user.data.attributes.two_factor_authentication ? this.disable2faPopup() : this.enable2faPopup() this.user.data.attributes.two_factor_confirmed_at ? this.disable2faPopup() : this.enable2faPopup()
}, },
async resetPassword() { async resetPassword() {
// Validate fields // Validate fields
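Review bot: `v-model="user.data.attributes.two_factor_confirmed_at"` now two-way binds a timestamp string to `SwitchInput`, alongside an explicit `:state` binding to the same attribute; if the switch ever emits `input` (it is rendered with `:is-disabled="true"`, so presumably it does not today), the confirmation timestamp in the store would be replaced by a boolean. Since toggling is driven by `@click.native="toggle2Fa"` and the display by `:state`, the `v-model` appears redundant and could be dropped, or the attribute could be wrapped in a computed boolean (`twoFactorConfirmed() { return !!this.user.data.attributes.two_factor_confirmed_at }`) and that used in the four places this hunk touches. This is inferred from the bindings visible here; confirm against `SwitchInput`.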


@@ -36,8 +36,9 @@ class UserResource extends JsonResource
'avatar' => $this->settings->avatar, 'avatar' => $this->settings->avatar,
'email' => is_demo() ? obfuscate_email($this->email) : $this->email, 'email' => is_demo() ? obfuscate_email($this->email) : $this->email,
'role' => $this->role, 'role' => $this->role,
'two_factor_authentication' => (bool) $this->two_factor_secret, 'two_factor_authentication' => (bool)$this->two_factor_secret,
'socialite_account' => ! (bool) $this->password, 'two_factor_confirmed_at' => $this->two_factor_confirmed_at,
'socialite_account' => !(bool)$this->password,
'storage' => $this->storage, 'storage' => $this->storage,
'created_at' => format_date($this->created_at, 'd. M. Y'), 'created_at' => format_date($this->created_at, 'd. M. Y'),
'updated_at' => format_date($this->updated_at, 'd. M. Y'), 'updated_at' => format_date($this->updated_at, 'd. M. Y'),
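Review bot: `two_factor_confirmed_at` is returned raw on the new line while the neighbouring `created_at` and `updated_at` go through `format_date(...)`, and the consumers added in this commit only test the value for truthiness, so the exact confirmation instant is exposed without being needed. Either cast it, `'two_factor_confirmed_at' => (bool) $this->two_factor_confirmed_at`, which also matches the `true` the Vuex mutation commits, or format it like its siblings. `two_factor_authentication` still reports `(bool) $this->two_factor_secret`, which with the confirm feature enabled is true for a user who generated a secret but never confirmed it; if the User model uses Fortify's `TwoFactorAuthenticatable`, its `hasEnabledTwoFactorAuthentication()` is the accurate source for that flag (to be confirmed against the installed Fortify version).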


@@ -5,6 +5,7 @@ use DB;
use Schema; use Schema;
use Storage; use Storage;
use Artisan; use Artisan;
use App\Users\Models\User;
use Illuminate\Support\Arr; use Illuminate\Support\Arr;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Domain\Files\Models\File; use Domain\Files\Models\File;
@@ -133,4 +134,13 @@ class UpgradeSystemController extends Controller
Artisan::call('subscription:synchronize-plans'); Artisan::call('subscription:synchronize-plans');
} }
} }
private function upgrade_to_2_0_14(): void
{
($this->upgradeDatabase)();
User::whereNotNull('two_factor_secret')
->cursor()
->each(fn ($user) => $user->forceFill(['two_factor_confirmed_at' => now()])->save());
}
} }
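Review bot: `upgrade_to_2_0_14` stamps `two_factor_confirmed_at = now()` on every user with a `two_factor_secret`, including those who opened the old QR popup and closed it without ever entering a code (the removed `closeQrCodePopup` allowed exactly that), and on a rerun it overwrites genuine confirmation times. Restrict it to rows that still need it and do it in one statement: `User::whereNotNull('two_factor_secret')->whereNull('two_factor_confirmed_at')->update(['two_factor_confirmed_at' => now()]);` — the per-row `forceFill()->save()` loop buys nothing here unless model events are wanted. Grandfathering every existing secret is presumably intentional, since without the confirm feature a stored secret already triggered the challenge, but that reasoning belongs in a comment above the query so a future reader does not "fix" it.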