mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-11-10 08:44:49 +00:00
Merge pull request #705 from pixelfed/frontend-ui-refactor
Frontend ui refactor
This commit is contained in:
daniel
GitHub
commit
137788b00c
5 changed files with 71 additions and 12 deletions
|
|
@ -339,6 +339,11 @@ class AccountController extends Controller
|
||||||
$request->session()->push('2fa.session.active', true);
|
$request->session()->push('2fa.session.active', true);
|
||||||
return redirect('/');
|
return redirect('/');
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
|
if($this->twoFactorBackupCheck($request, $code, $user)) {
|
||||||
|
return redirect('/');
|
||||||
|
}
|
||||||
|
|
||||||
if($request->session()->has('2fa.attempts')) {
|
if($request->session()->has('2fa.attempts')) {
|
||||||
$count = (int) $request->session()->has('2fa.attempts');
|
$count = (int) $request->session()->has('2fa.attempts');
|
||||||
$request->session()->push('2fa.attempts', $count + 1);
|
$request->session()->push('2fa.attempts', $count + 1);
|
||||||
|
|
@ -350,4 +355,31 @@ class AccountController extends Controller
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected function twoFactorBackupCheck($request, $code, User $user)
|
||||||
|
{
|
||||||
|
$backupCodes = $user->{'2fa_backup_codes'};
|
||||||
|
if($backupCodes) {
|
||||||
|
$codes = json_decode($backupCodes, true);
|
||||||
|
foreach ($codes as $c) {
|
||||||
|
if(hash_equals($c, $code)) {
|
||||||
|
// remove code
|
||||||
|
$codes = array_flatten(array_diff($codes, [$code]));
|
||||||
|
$user->{'2fa_backup_codes'} = json_encode($codes);
|
||||||
|
$user->save();
|
||||||
|
$request->session()->push('2fa.session.active', true);
|
||||||
|
return true;
|
||||||
|
} else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function accountRestored(Request $request)
|
||||||
|
{
|
||||||
|
//
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -110,6 +110,19 @@ trait SecuritySettings
|
||||||
return view('settings.security.2fa.recovery-codes', compact('user', 'codes'));
|
return view('settings.security.2fa.recovery-codes', compact('user', 'codes'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function securityTwoFactorRecoveryCodesRegenerate(Request $request)
|
||||||
|
{
|
||||||
|
$user = Auth::user();
|
||||||
|
|
||||||
|
if(!$user->{'2fa_enabled'} || !$user->{'2fa_secret'}) {
|
||||||
|
abort(403);
|
||||||
|
}
|
||||||
|
$backups = $this->generateBackupCodes();
|
||||||
|
$user->{'2fa_backup_codes'} = json_encode($backups);
|
||||||
|
$user->save();
|
||||||
|
return redirect(route('settings.security.2fa.recovery'));
|
||||||
|
}
|
||||||
|
|
||||||
public function securityTwoFactorUpdate(Request $request)
|
public function securityTwoFactorUpdate(Request $request)
|
||||||
{
|
{
|
||||||
$user = Auth::user();
|
$user = Auth::user();
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,7 @@ return [
|
||||||
| This value is the version of your PixelFed instance.
|
| This value is the version of your PixelFed instance.
|
||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
'version' => '0.7.5',
|
'version' => '0.7.6',
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
||||||
|
|
@ -7,16 +7,26 @@
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<hr>
|
<hr>
|
||||||
|
@if(count($codes) > 0)
|
||||||
<p class="lead pb-3">
|
<p class="lead pb-3">
|
||||||
Each code can only be used once.
|
Each code can only be used once.
|
||||||
</p>
|
</p>
|
||||||
|
<ul class="list-group">
|
||||||
<p class="lead"></p>
|
@foreach($codes as $code)
|
||||||
<ul class="list-group">
|
<li class="list-group-item"><code>{{$code}}</code></li>
|
||||||
@foreach($codes as $code)
|
@endforeach
|
||||||
<li class="list-group-item"><code>{{$code}}</code></li>
|
</ul>
|
||||||
@endforeach
|
@else
|
||||||
</ul>
|
<div class="pt-5">
|
||||||
|
<h4 class="font-weight-bold">You are out of recovery codes</h4>
|
||||||
|
<p class="lead">Generate more recovery codes and store them in a safe place.</p>
|
||||||
|
<p>
|
||||||
|
<form method="post">
|
||||||
|
@csrf
|
||||||
|
<button type="submit" class="btn btn-primary font-weight-bold">Generate Recovery Codes</button>
|
||||||
|
</form>
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
@endif
|
||||||
|
|
||||||
@endsection
|
@endsection
|
||||||
|
|
@ -166,6 +166,10 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact
|
||||||
'2fa/recovery-codes',
|
'2fa/recovery-codes',
|
||||||
'SettingsController@securityTwoFactorRecoveryCodes'
|
'SettingsController@securityTwoFactorRecoveryCodes'
|
||||||
)->name('settings.security.2fa.recovery');
|
)->name('settings.security.2fa.recovery');
|
||||||
|
Route::post(
|
||||||
|
'2fa/recovery-codes',
|
||||||
|
'SettingsController@securityTwoFactorRecoveryCodesRegenerate'
|
||||||
|
);
|
||||||
});
|
});
|
||||||
|
|
||||||
Route::get('applications', 'SettingsController@applications')->name('settings.applications');
|
Route::get('applications', 'SettingsController@applications')->name('settings.applications');
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue