Verified Commit 67dfbcd0 authored by Jonas Leder's avatar Jonas Leder

verify one code before enabling

parent b8588c1a
<?php
declare(strict_types=1);
namespace DoctrineMigrations;
use Doctrine\DBAL\Schema\Schema;
use Doctrine\Migrations\AbstractMigration;
/**
* Auto-generated Migration: Please modify to your needs!
*/
final class Version20221125200723 extends AbstractMigration
{
public function getDescription(): string
{
return '';
}
public function up(Schema $schema): void
{
// this up() migration is auto-generated, please modify it to your needs
$this->addSql('ALTER TABLE users ADD two_factor_enabled TINYINT(1) NOT NULL');
}
public function down(Schema $schema): void
{
// this down() migration is auto-generated, please modify it to your needs
$this->addSql('ALTER TABLE users DROP two_factor_enabled');
}
}
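Review bot: The new `two_factor_enabled` column is added `NOT NULL` with no `DEFAULT` and no data step, so existing rows receive the platform's implicit default of 0 (behaviour varies by server and SQL mode) — including users who already hold a TOTP secret and were treated as 2FA-enabled by the old `totpSecret != null` check in Users, so their second factor is silently switched off by this migration. Consider `ALTER TABLE users ADD two_factor_enabled TINYINT(1) DEFAULT 0 NOT NULL` followed by an explicit `UPDATE users SET two_factor_enabled = 1 WHERE totp_secret IS NOT NULL` (assuming the secret column follows the same underscore naming as the generated column). The `down()` step would then also need no change. `getDescription()` returning `''` should carry a one-line summary such as `'Add explicit two_factor_enabled flag to users'` so the migration log is readable.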
......@@ -71,7 +71,8 @@ class ProfileController extends AbstractController
}
#[Route('/profile/totp/config', methods: ['GET'])]
public function totpConfig(GoogleAuthenticatorInterface $totpInterface, ManagerRegistry $doctrine) {
public function totpConfig(GoogleAuthenticatorInterface $totpInterface, ManagerRegistry $doctrine): Response
{
/**
* @var Users $user
*/
......@@ -87,4 +88,24 @@ class ProfileController extends AbstractController
]
);
}
#[Route('/profile/totp/enable', methods: ['POST'], name: 'app_profile_totp_enable')]
public function totpEnable(GoogleAuthenticatorInterface $totpInterface, ManagerRegistry $doctrine, Request $request): Response
{
$code = $request->request->get('code');
/**
* @var Users $user
*/
$user = $this->getUser();
if (!$totpInterface->checkCode($user, $code)) {
$this->addFlash('error', [
'title' => 'TOTP not enabled',
'message'=> 'The code you entered is invalid, please try again.'
]);
return $this->redirectToRoute('app_profile');
}
$user->setGoogleAuthenticatorEnabled(true);
$doctrine->getManager()->flush();
return $this->redirectToRoute('app_profile');
}
}
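Review bot: `totpEnable` flips an account-security flag on a POST without any CSRF check, and the form that posts to it (the template section further down this page) carries no `_token` field, so a cross-site request can enable 2FA on a logged-in user's behalf. Add a hidden `<input type="hidden" name="_token" value="{{ csrf_token('totp_enable') }}">` to the form and guard the handler before the code is verified with `if (!$this->isCsrfTokenValid('totp_enable', (string) $request->request->get('_token'))) { throw $this->createAccessDeniedException(); }`. Separately, `$request->request->get('code')` returns null when the field is absent, and under `strict_types` passing null to `checkCode()` will presumably raise a TypeError instead of reaching the flash message; `$code = (string) $request->request->get('code', '');` keeps the invalid-code branch reachable. The enclosing ProfileController class continues outside this hunk.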
......@@ -42,6 +42,9 @@ class Users implements UserInterface, PasswordAuthenticatedUserInterface, TwoFa
#[ORM\Column(length: 255, nullable: true)]
private ?string $totpSecret = null;
#[ORM\Column]
private ?bool $twoFactorEnabled = false;
public function __construct()
{
$this->webResetter = new ArrayCollection();
......@@ -187,7 +190,7 @@ class Users implements UserInterface, PasswordAuthenticatedUserInterface, TwoFa
public function isGoogleAuthenticatorEnabled(): bool
{
return $this->totpSecret != null;
return $this->twoFactorEnabled;
}
public function getGoogleAuthenticatorUsername(): string
......@@ -207,4 +210,11 @@ class Users implements UserInterface, PasswordAuthenticatedUserInterface, TwoFa
return $this;
}
public function setGoogleAuthenticatorEnabled(bool $enabled): self
{
$this->twoFactorEnabled = $enabled;
return $this;
}
}
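Review bot: `$twoFactorEnabled` is declared `?bool` in the first hunk of this section while its `#[ORM\Column]` attribute is not nullable and `isGoogleAuthenticatorEnabled()` now returns a non-nullable `bool`, so a null value loaded from the database would surface as a TypeError on the return rather than as a disabled second factor; declare it `private bool $twoFactorEnabled = false;` to match the column. The rewritten check also reports the flag alone, so a user whose `totpSecret` is later cleared while the flag stays true is still reported as 2FA-enabled with nothing to verify against; `return $this->twoFactorEnabled && $this->totpSecret !== null;` keeps the two fields consistent regardless of how `setGoogleAuthenticatorEnabled()` (third hunk) is paired with secret handling. The Users class starts before this section and its remaining body is outside the hunks.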
......@@ -36,6 +36,15 @@
<div id="totpSetup" style="display: none">
<img src="" alt="TOTP QR Code">
<p>Alternative you can use this code: <code></code></p>
<form method="post" action="{{ path('app_profile_totp_enable') }}">
<div class="form-group">
<label for="inputTwoFactorCode">2FA Code</label>
<input type="number" class="form-control" id="inputTwoFactorCode" name="code" aria-describedby="inputTwoFactorCode" placeholder="123456" required min="100000" max="999999">
</div>
<div class="form-group">
<button type="submit" class="btn btn-primary mt-2">Enable</button>
</div>
</form>
</div>
{% endif %}
</div>
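Review bot: The new code field is `type="number"` with `min="100000"`, which rejects every valid TOTP code that starts with a zero (`012345` is below the minimum, and number inputs drop leading zeros anyway), so roughly a tenth of codes cannot be submitted. Use a text field constrained to six digits instead: `<input type="text" inputmode="numeric" pattern="[0-9]{6}" maxlength="6" autocomplete="one-time-code" class="form-control" id="inputTwoFactorCode" name="code" placeholder="123456" required>`. `aria-describedby="inputTwoFactorCode"` points the input at its own id and describes nothing; point it at a helper element or drop it. The missing CSRF token on this form is raised on the controller section above.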