port 2fa to scalatags

pull/4877/head
Niklas Fiekas 2019-02-04 17:44:29 +01:00
parent 3c4bcf97be
commit 4fdd6280fe
5 changed files with 66 additions and 54 deletions


@ -186,11 +186,11 @@ object Account extends LilaController {
def twoFactor = Auth { implicit ctx => me =>
if (me.totpSecret.isDefined)
Env.security.forms.disableTwoFactor(me) map { form =>
html.account.disableTwoFactor(me, form)
html.account.twoFactor.disable(me, form)
}
else
Env.security.forms.setupTwoFactor(me) map { form =>
html.account.setupTwoFactor(me, form)
html.account.twoFactor.setup(me, form)
}
}
@ -200,7 +200,7 @@ object Account extends LilaController {
val currentSessionId = ~Env.security.api.reqSessionId(ctx.req)
Env.security.forms.setupTwoFactor(me) flatMap { form =>
FormFuResult(form) { err =>
fuccess(html.account.setupTwoFactor(me, err))
fuccess(html.account.twoFactor.setup(me, err))
} { data =>
UserRepo.setupTwoFactor(me.id, TotpSecret(data.secret)) >>
lila.security.Store.closeUserExceptSessionId(me.id, currentSessionId) inject
@ -215,7 +215,7 @@ object Account extends LilaController {
implicit val req = ctx.body
Env.security.forms.disableTwoFactor(me) flatMap { form =>
FormFuResult(form) { err =>
fuccess(html.account.disableTwoFactor(me, err))
fuccess(html.account.twoFactor.disable(me, err))
} { _ =>
UserRepo.disableTwoFactor(me.id) inject Redirect(routes.Account.twoFactor)
}


@ -1,18 +0,0 @@
@(u: User, form: Form[_])(implicit ctx: Context)
@import lila.app.ui.ScalatagsTwirlForm._
@account.layout(
title = s"${u.username} - Two-factor authentication",
active = "twofactor",
evenMoreCss = cssTag("form3.css")) {
<div class="content_box small_box high twofactor">
<h1 class="lichess_title"><i data-icon="E" class="is-green"></i> Two-factor authentication enabled</h1>
<p class="explanation">Your account is protected with two-factor authentication.</p>
<form class="form3" action="@routes.Account.disableTwoFactor" method="POST">
<p class="explanation">You need your password and an authentication code from your authenticator app to disable two-factor authentication.</p>
@form3.password(form("passwd"), trans.password.frag()).toHtml
@form3.group(form("token"), raw("Authentication code"))(form3.input(_)(*.pattern := "[0-9]{6}", *.autocomplete := "off"))
@form3.actionHtml(form3.submit(raw("Disable two-factor authentication"), icon = None))
</form>
</div>
}.toHtml


@ -1,31 +0,0 @@
@(u: User, form: Form[_])(implicit ctx: Context)
@import lila.app.ui.ScalatagsTwirlForm._
@moreJs = {
@jsAt("javascripts/vendor/qrcode.min.js")
@jsTag("twofactor.form.js")
}
@account.layout(
title = s"${u.username} - Two-factor authentication",
active = "twofactor",
evenMoreCss = cssTag("form3.css"),
evenMoreJs = moreJs) {
<div class="content_box small_box high twofactor">
<h1 class="lichess_title">Setup two-factor authentication</h1>
<form class="form3" action="@routes.Account.setupTwoFactor" method="POST">
<div class="form-group">Two-factor authentication adds another layer of security to your account.</div>
<div class="form-group">Get an app for two-factor authentication, for example Google Authenticator for <a class="blue" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a> or <a class="blue" href="https://itunes.apple.com/app/google-authenticator/id388497605?mt=8">iOS.</a></div>
<div class="form-group">Scan the QR code with the app.</div>
<div style="width: 276px; height: 275px; padding: 10px; background: white; margin: 2em auto;">
<div id="qrcode" style="width: 256px; height: 256px;"></div>
</div>
<div class="form-group explanation">Enter your password and the authentication code generated by the app to complete the setup. You will need an authentication code every time you log in.</div>
@form3.hidden(form("secret"))
@form3.password(form("passwd"), trans.password.frag()).toHtml
@form3.group(form("token"), raw("Authentication code"))(form3.input(_)(*.pattern := "[0-9]{6}", *.autocomplete := "off"))
@form3.globalError(form)
@form3.actionHtml(form3.submit(raw("Enable two-factor authentication")))
</form>
</div>
}.toHtml


@ -0,0 +1,61 @@
package views.html
package account
import lila.api.Context
import lila.app.templating.Environment._
import lila.app.ui.ScalatagsTemplate._
import controllers.routes
object twoFactor {
private val qrCode = raw("""<div style="width: 276px; height: 275px; padding: 10px; background: white; margin: 2em auto;"><div id="qrcode" style="width: 256px; height: 256px;"></div></div>""")
def setup(u: lila.user.User, form: play.api.data.Form[_])(implicit ctx: Context) = account.layout(
title = s"${u.username} - Two-factor authentication",
active = "twofactor",
evenMoreCss = cssTag("form3.css"),
evenMoreJs = frag(
jsAt("javascripts/vendor/qrcode.min.js"),
jsTag("twofactor.form.js")
)
) {
div(cls := "content_box small_box high twofactor")(
h1(cls := "lichess_title")("Setup two-factor authentication"),
st.form(cls := "form3", action := routes.Account.setupTwoFactor, method := "POST")(
div(cls := "form-group")("Two-factor authentication adds another layer of security to your account."),
div(cls := "form-group")(
raw("""Get an app for two-factor authentication, for example Google Authenticator for <a class="blue" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a> or <a class="blue" href="https://itunes.apple.com/app/google-authenticator/id388497605?mt=8">iOS.</a>""")
),
div(cls := "form-group")("Scan the QR code with the app."),
qrCode,
div(cls := "form-group explanation")("Enter your password and the authentication code generated by the app to complete the setup. You will need an authentication code every time you log in."),
form3.hidden(form("secret")),
form3.password(form("passwd"), trans.password.frag()),
form3.group(form("token"), raw("Authentication code"))(form3.input(_)(pattern := "[0-9]{6}", autocomplete := "off", required := "")),
form3.globalError(form),
form3.actionHtml(form3.submit(raw("Enable two-factor authentication")))
)
)
}
def disable(u: lila.user.User, form: play.api.data.Form[_])(implicit ctx: Context) = account.layout(
title = s"${u.username} - Two-factor authentication",
active = "twofactor",
evenMoreCss = cssTag("form3.css")
) {
div(cls := "content_box small_box high twofactor")(
h1(cls := "lichess_title")(
raw("""<i data-icon="E" class="is-green"></i> """),
"Two-factor authentication enabled"
),
p(cls := "explanation")("Your account is protected with two-factor authentication."),
st.form(cls := "form3", action := routes.Account.disableTwoFactor, method := "POST")(
p(cls := "explanation")("You need your password and an authentication code from your authenticator app to disable two-factor authentication."),
form3.password(form("passwd"), trans.password.frag()),
form3.group(form("token"), raw("Authentication code"))(form3.input(_)(pattern := "[0-9]{6}", autocomplete := "off", required := "")),
form3.actionHtml(form3.submit(raw("Disable two-factor authentication"), icon = None))
)
)
}
}
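Review bot: `form3.hidden(form("secret"))` in `setup` hands the TOTP secret to the browser and reads it back from the POST body, and the controller on this page stores `TotpSecret(data.secret)` from that submitted value, so the secret that ends up protecting the account is client-supplied input. This is carried over unchanged from the Twirl template, but the port is a good place to make the trust boundary explicit with a comment above that line, for example `// secret round-trips through the browser: validate it server-side, and keep this page out of caches`. Whether `Env.security.forms.setupTwoFactor` checks the secret's length and encoding, and whether the response is sent with no-store caching, is not visible here and should be confirmed. The `raw(...)` fragments (`qrCode`, the app-store links, the icon) are safe only because they are string constants, so a one-line comment on `qrCode` saying that `raw` must never receive user-derived text would protect later edits. `pattern` and `required` on the token input are browser-side hints only, so the server-side `verifying` check remains the actual control.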


@ -133,7 +133,7 @@ final class DataForm(
def disableTwoFactor(u: User) = authenticator loginCandidate u map { candidate =>
Form(tuple(
"passwd" -> passwordMapping(candidate),
"token" -> text.verifying("invalidAuthenticationToken", t => u.totpSecret.??(_.verify(TotpToken(t))))
"token" -> text.verifying("invalidAuthenticationCode", t => u.totpSecret.??(_.verify(TotpToken(t))))
))
}