nexus/vuefilemanager
2
0
Fork 0
mirror of https://github.com/VueFileManager/vuefilemanager.git synced 2026-04-05 18:23:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

confirm token in 2fa challenge

Browse Source
This commit is contained in:
Čarodej
2022-04-05 09:52:49 +02:00
parent 9f783fcd95
commit 10d8b592ea
13 changed files with 127 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
composer.json
View File

@@ -21,7 +21,7 @@
"intervention/image": "^2.7.1",
"jaybizzle/laravel-crawler-detect": "^1.2",
"kyslik/column-sortable": "^6.4.1",
"laravel/fortify": "^1.10.0",
"laravel/fortify": "^1.12.0",
"laravel/framework": "^9.2",
"laravel/sanctum": "^2.14.2",
"laravel/socialite": "^5.5.1",

14
composer.lock generated
View File

@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "669354d19fcd40d6005df2082a0f91c4",
"content-hash": "e528b8d32f34a87acd381ac8c3f3cef1",
"packages": [
{
"name": "amphp/amp",
@@ -280,16 +280,16 @@
},
{
"name": "aws/aws-sdk-php",
"version": "3.218.1",
"version": "3.218.2",
"source": {
"type": "git",
"url": "https://github.com/aws/aws-sdk-php.git",
"reference": "fd902a4766d61afac98f7e7746736ba741d4dcce"
"reference": "dd981c2e95fd1dd65d8e05b30e257b8413d63071"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/fd902a4766d61afac98f7e7746736ba741d4dcce",
"reference": "fd902a4766d61afac98f7e7746736ba741d4dcce",
"url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/dd981c2e95fd1dd65d8e05b30e257b8413d63071",
"reference": "dd981c2e95fd1dd65d8e05b30e257b8413d63071",
"shasum": ""
},
"require": {
@@ -365,9 +365,9 @@
"support": {
"forum": "https://forums.aws.amazon.com/forum.jspa?forumID=80",
"issues": "https://github.com/aws/aws-sdk-php/issues",
"source": "https://github.com/aws/aws-sdk-php/tree/3.218.1"
"source": "https://github.com/aws/aws-sdk-php/tree/3.218.2"
},
"time": "2022-04-01T18:14:25+00:00"
"time": "2022-04-04T18:18:52+00:00"
},
{
"name": "bacon/bacon-qr-code",

6
config/fortify.php
View File

@@ -131,12 +131,8 @@ return [
*/
'features' => [
// Features::registration(),
//Features::resetPasswords(),
// Features::emailVerification(),
Features::updateProfileInformation(),
//Features::updatePasswords(),
Features::twoFactorAuthentication([
'confirm' => true,
'confirmPassword' => true,
]),
],

4
config/language-translations.php
View File

@@ -656,7 +656,6 @@ return [
'confirm_your_password' => 'Confirm Your Password',
'popup_2fa.help' => 'Scan the image above with the <b class="text-theme dark-text-theme">two-factor authentication app</b> on your phone.',
'confirm' => 'Confirm',
'popup_2fa.disappear_qr' => 'Really disappear this QR code?',
'popup_2fa.toaster_enabled' => 'Your 2FA was enabled successfully!',
'popup_2fa.toaster_disabled' => 'Your 2FA was disabled!',
'popup_2fa.switch_title' => 'Enable / Disable Two Factor Authentication',
@@ -938,5 +937,8 @@ return [
'server_settings' => 'Server / Settings',
'user_features' => 'User Features',
'upload_settings' => 'Upload Settings',
'set_up_2fa_app' => 'Set up Your Authenticator App',
'confirm_your_code' => 'Confirm Your Code',
'paste_code_from_2fa_app' => 'Paste the latest code from 2fa app...',
],
];

3
config/vuefilemanager.php
View File

@@ -1,7 +1,7 @@
<?php
return [
'version' => '2.0.13',
'version' => '2.0.14',
'is_demo' => env('APP_DEMO', false),
@@ -61,5 +61,6 @@ return [
'updates' => [
'2_0_10',
'2_0_13',
'2_0_14',
],
];

34
database/migrations/2022_04_05_161750_update_tables_to_v2.0.14_table.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('users', function (Blueprint $table) {
$table->timestamp('two_factor_confirmed_at')
->after('two_factor_recovery_codes')
->nullable();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('users', function (Blueprint $table) {
$table->dropColumn('two_factor_confirmed_at');
});
}
};

4
public/mix-manifest.json
View File

@@ -57,9 +57,9 @@
"/chunks/sign-up.js": "/chunks/sign-up.js?id=bb92bad614e60d45",
"/chunks/forgotten-password.js": "/chunks/forgotten-password.js?id=50a1bc5e4ed86ec9",
"/chunks/create-new-password.js": "/chunks/create-new-password.js?id=f652de052dba55c1",
"/chunks/settings.js": "/chunks/settings.js?id=71119613323ea819",
"/chunks/settings.js": "/chunks/settings.js?id=1d4093d2045bac71",
"/chunks/profile.js": "/chunks/profile.js?id=0eca231475e267ab",
"/chunks/settings-password.js": "/chunks/settings-password.js?id=11d4331650cac280",
"/chunks/settings-password.js": "/chunks/settings-password.js?id=3755d41eaf50a5b1",
"/chunks/settings-storage.js": "/chunks/settings-storage.js?id=994b669a56fd417b",
"/chunks/billing.js": "/chunks/billing.js?id=40e758c87bcf6e89",
"/chunks/platform.js": "/chunks/platform.js?id=490c3586a4dca9fb",

2
resources/js/components/Others/ConfirmPassword.vue
View File

@@ -68,7 +68,7 @@ export default {
data() {
return {
isLoading: false,
password: '',
password: undefined,
args: undefined,
}
},

89
resources/js/components/Others/TwoFactorQrSetupPopup.vue
View File

@@ -1,6 +1,6 @@
<template>
<PopupWrapper name="two-factor-qr-setup">
<PopupHeader :title="$t('confirm_your_password')" icon="edit" />
<PopupHeader :title="$t('set_up_2fa_app')" icon="edit" />
<PopupContent>
<div v-if="qrCode" class="flex justify-center">
@@ -10,27 +10,42 @@
<InfoBox style="margin-bottom: 0">
<p v-html="$t('popup_2fa.help')"></p>
</InfoBox>
<ValidationObserver @submit.prevent="confirm2FaSetup" ref="codeForm" v-slot="{ invalid }" tag="form" class="mt-5">
<ValidationProvider tag="div" mode="passive" name="Code" rules="required" v-slot="{ errors }">
<AppInputText :title="$t('confirm')" :error="errors[0]" :is-last="true">
<input
v-model="code"
:class="{ '!border-rose-600': errors[0] }"
type="text"
ref="input"
class="focus-border-theme input-dark"
:placeholder="$t('paste_code_from_2fa_app')"
/>
</AppInputText>
</ValidationProvider>
</ValidationObserver>
</PopupContent>
<PopupActions>
<ButtonBase class="w-full" @click.native="closeQrCodePopup" :button-style="closeQrButtonStyle">
{{ closeQrButtonText }}
<ButtonBase @click.native="confirm2FaSetup" class="w-full" button-style="theme" :loading="isLoading">
{{ $t('confirm_your_code') }}
</ButtonBase>
</PopupActions>
</PopupWrapper>
</template>
<script>
import AppInputText from '../Admin/AppInputText'
import { ValidationProvider, ValidationObserver } from 'vee-validate/dist/vee-validate.full'
import { required } from 'vee-validate/dist/rules'
import ButtonBase from '../FilesView/ButtonBase'
import AppInputText from '../Admin/AppInputText'
import PopupWrapper from './Popup/PopupWrapper'
import PopupActions from './Popup/PopupActions'
import PopupContent from './Popup/PopupContent'
import PopupHeader from './Popup/PopupHeader'
import ButtonBase from '../FilesView/ButtonBase'
import InfoBox from './Forms/InfoBox'
import { required } from 'vee-validate/dist/rules'
import { mapGetters } from 'vuex'
import { events } from '../../bus'
import axios from 'axios'
@@ -48,29 +63,47 @@ export default {
required,
InfoBox,
},
computed: {
...mapGetters(['user']),
closeQrButtonText() {
return this.isConfirmedClose ? this.$t('popup_2fa.disappear_qr') : this.$t('awesome_iam_done')
},
closeQrButtonStyle() {
return this.isConfirmedClose ? 'danger' : 'theme'
},
},
data() {
return {
qrCode: undefined,
isLoading: false,
qrCode: '',
isConfirmedClose: false,
code: undefined
}
},
methods: {
async confirm2FaSetup() {
// Validate fields
const isValid = await this.$refs.codeForm.validate()
if (!isValid) return
this.isLoading = true
axios
.post('/user/confirmed-two-factor-authentication', {code: this.code})
.then(() => {
this.$store.commit('CHANGE_TWO_FACTOR_AUTHENTICATION_STATE', true)
this.$closePopup()
events.$emit('toaster', {
type: 'success',
message: this.$t('popup_2fa.toaster_enabled'),
})
})
.catch((error) => {
if (error.response.status === 422) {
this.$refs.codeForm.setErrors({
'Code': error.response.data.errors['code'][0],
})
}
})
.finally(() => this.isLoading = false)
},
enable() {
axios
.post('/user/two-factor-authentication')
.then(() => {
this.$store.commit('CHANGE_TWO_FACTOR_AUTHENTICATION_STATE', true)
this.getQrCode()
})
.catch(() => {
@@ -87,24 +120,8 @@ export default {
this.$isSomethingWrong()
})
},
closeQrCodePopup() {
if (!this.isConfirmedClose) {
this.isConfirmedClose = true
} else {
events.$emit('toaster', {
type: 'success',
message: this.$t('popup_2fa.toaster_enabled'),
})
this.qrCode = undefined
this.isConfirmedClose = false
this.$closePopup()
}
},
},
created() {
// Show popup
events.$on('popup:open', (args) => {
if (args.name !== 'two-factor-qr-setup') return

2
resources/js/store/modules/userAuth.js vendored
View File

@@ -135,7 +135,7 @@ const actions = {
const mutations = {
CHANGE_TWO_FACTOR_AUTHENTICATION_STATE(state, condition) {
state.user.data.attributes.two_factor_authentication = condition
state.user.data.attributes.two_factor_confirmed_at = condition
},
RETRIEVE_USER(state, user) {
state.user = user

10
resources/js/views/User/Password.vue
View File

@@ -8,18 +8,18 @@
<AppInputSwitch
:title="$t('popup_2fa.switch_title')"
:description="$t('popup_2fa.switch_info')"
:is-last="!user.data.attributes.two_factor_authentication"
:is-last="!user.data.attributes.two_factor_confirmed_at"
>
<SwitchInput
@click.native="toggle2Fa"
:is-disabled="true"
v-model="user.data.attributes.two_factor_authentication"
v-model="user.data.attributes.two_factor_confirmed_at"
class="switch"
:state="user.data.attributes.two_factor_authentication"
:state="user.data.attributes.two_factor_confirmed_at"
/>
</AppInputSwitch>
<AppInputButton
v-if="user && user.data.attributes.two_factor_authentication"
v-if="user && user.data.attributes.two_factor_confirmed_at"
:title="$t('show_recovery_codes')"
:description="$t('popup_2fa.codes_info')"
:is-last="true"
@@ -184,7 +184,7 @@ export default {
},
methods: {
toggle2Fa() {
this.user.data.attributes.two_factor_authentication ? this.disable2faPopup() : this.enable2faPopup()
this.user.data.attributes.two_factor_confirmed_at ? this.disable2faPopup() : this.enable2faPopup()
},
async resetPassword() {
// Validate fields

1
src/App/Users/Resources/UserResource.php
View File

@@ -37,6 +37,7 @@ class UserResource extends JsonResource
'email' => is_demo() ? obfuscate_email($this->email) : $this->email,
'role' => $this->role,
'two_factor_authentication' => (bool)$this->two_factor_secret,
'two_factor_confirmed_at' => $this->two_factor_confirmed_at,
'socialite_account' => !(bool)$this->password,
'storage' => $this->storage,
'created_at' => format_date($this->created_at, 'd. M. Y'),

10
src/Domain/Maintenance/Controllers/UpgradeSystemController.php
View File

@@ -5,6 +5,7 @@ use DB;
use Schema;
use Storage;
use Artisan;
use App\Users\Models\User;
use Illuminate\Support\Arr;
use Illuminate\Http\Request;
use Domain\Files\Models\File;
@@ -133,4 +134,13 @@ class UpgradeSystemController extends Controller
Artisan::call('subscription:synchronize-plans');
}
}
private function upgrade_to_2_0_14(): void
{
($this->upgradeDatabase)();
User::whereNotNull('two_factor_secret')
->cursor()
->each(fn ($user) => $user->forceFill(['two_factor_confirmed_at' => now()])->save());
}
}