Added Admin TOTP to admin security page

This commit is contained in:
djmaze 2021-11-18 14:14:14 +01:00
parent 98aff451f5
commit 8ac116d0a4
6 changed files with 46 additions and 49 deletions


@ -195,20 +195,6 @@ class RemoteAdminFetch extends AbstractFetchRemote {
this.defaultRequest(fCallback, 'AdminContactsTest', oData);
}
/**
* @param {?Function} fCallback
* @param {?} oData
*/
saveNewAdminPassword(fCallback, oData) {
this.defaultRequest(fCallback, 'AdminPasswordUpdate', oData);
}
/**
* @param {?Function} fCallback
*/
phpExtensions(fCallback) {
this.defaultRequest(fCallback, 'AdminPHPExtensions');
}
}
export default new RemoteAdminFetch();


@ -9,7 +9,7 @@ export class AboutAdminSettings /*extends AbstractViewSettings*/ {
}
onBuild() {
Remote.phpExtensions((iError, data) => iError || this.phpextensions(data.Result));
Remote.defaultRequest((iError, data) => iError || this.phpextensions(data.Result), 'AdminPHPExtensions');
}
}


@ -22,6 +22,7 @@ export class SecurityAdminSettings /*extends AbstractViewSettings*/ {
adminPasswordNew: '',
adminPasswordNew2: '',
adminPasswordNewError: false,
adminTOTP: SettingsGet('AdminTOTP'),
adminPasswordUpdateError: false,
adminPasswordUpdateSuccess: false,
@ -91,7 +92,7 @@ export class SecurityAdminSettings /*extends AbstractViewSettings*/ {
this.adminPasswordUpdateError(false);
this.adminPasswordUpdateSuccess(false);
Remote.saveNewAdminPassword((iError, data) => {
Remote.defaultRequest((iError, data) => {
if (iError) {
this.adminPasswordUpdateError(true);
} else {
@ -103,10 +104,11 @@ export class SecurityAdminSettings /*extends AbstractViewSettings*/ {
this.weakPassword(!!data.Result.Weak);
}
}, {
}, 'AdminPasswordUpdate', {
'Login': this.adminLogin(),
'Password': this.adminPassword(),
'NewPassword': this.adminPasswordNew()
'NewPassword': this.adminPasswordNew(),
'TOTP': this.adminTOTP()
});
return true;
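Review bot: `'TOTP': this.adminTOTP()` is posted with every password update, and because the field is pre-filled from `SettingsGet('AdminTOTP')` the stored shared secret is round-tripped browser-to-server on each save, so an edited or blanked field silently re-enrols or removes the second factor as a side effect of a password change. Pre-filling also requires the server to place the secret itself into the settings payload (`$aResult['AdminTOTP']` in Actions, same commit), which is wider exposure than a second-factor secret needs. Consider initialising `adminTOTP: ''` alongside a presence flag such as `hasAdminTOTP: !!SettingsGet('AdminTOTP')`, including the `'TOTP'` key only when the user typed a new value (with the server updating `admin_totp` only when the parameter is present), and making removal an explicit action rather than an empty string. saveNewAdminPasswordCommand begins before this hunk.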


@ -873,7 +873,38 @@ class Actions
$sLanguage = $oConfig->Get('webmail', 'language', 'en');
$UserLanguageRaw = $this->detectUserLanguage($bAdmin);
if (!$bAdmin) {
if ($bAdmin) {
$aResult['Auth'] = $this->IsAdminLoggined(false);
if ($aResult['Auth']) {
$aResult['AdminDomain'] = APP_SITE;
$aResult['AdminLogin'] = (string)$oConfig->Get('security', 'admin_login', '');
$aResult['AdminTOTP'] = (string)$oConfig->Get('security', 'admin_totp', '');
$aResult['UseTokenProtection'] = (bool)$oConfig->Get('security', 'csrf_protection', true);
$aResult['EnabledPlugins'] = (bool)$oConfig->Get('plugins', 'enable', false);
$aResult['VerifySslCertificate'] = (bool)$oConfig->Get('ssl', 'verify_certificate', false);
$aResult['AllowSelfSigned'] = (bool)$oConfig->Get('ssl', 'allow_self_signed', true);
$aResult['supportedPdoDrivers'] = \RainLoop\Common\PdoAbstract::getAvailableDrivers();
$aResult['ContactsEnable'] = (bool)$oConfig->Get('contacts', 'enable', false);
$aResult['ContactsSync'] = (bool)$oConfig->Get('contacts', 'allow_sync', false);
$aResult['ContactsPdoType'] = (string)$this->ValidateContactPdoType(\trim($this->Config()->Get('contacts', 'type', 'sqlite')));
$aResult['ContactsPdoDsn'] = (string)$oConfig->Get('contacts', 'pdo_dsn', '');
$aResult['ContactsPdoType'] = (string)$oConfig->Get('contacts', 'type', '');
$aResult['ContactsPdoUser'] = (string)$oConfig->Get('contacts', 'pdo_user', '');
$aResult['ContactsPdoPassword'] = (string)APP_DUMMY;
$aResult['WeakPassword'] = \is_file($passfile);
$aResult['PhpUploadSizes'] = array(
'upload_max_filesize' => \ini_get('upload_max_filesize'),
'post_max_size' => \ini_get('post_max_size')
);
}
$aResult['Capa'] = $this->Capa(true);
} else {
$oAccount = $this->getAccountFromToken(false);
if ($oAccount) {
$aResult['Auth'] = true;
@ -986,36 +1017,6 @@ class Actions
}
$aResult['Capa'] = $this->Capa(false, $oAccount);
} else {
$aResult['Auth'] = $this->IsAdminLoggined(false);
if ($aResult['Auth']) {
$aResult['AdminDomain'] = APP_SITE;
$aResult['AdminLogin'] = (string)$oConfig->Get('security', 'admin_login', '');
$aResult['UseTokenProtection'] = (bool)$oConfig->Get('security', 'csrf_protection', true);
$aResult['EnabledPlugins'] = (bool)$oConfig->Get('plugins', 'enable', false);
$aResult['VerifySslCertificate'] = (bool)$oConfig->Get('ssl', 'verify_certificate', false);
$aResult['AllowSelfSigned'] = (bool)$oConfig->Get('ssl', 'allow_self_signed', true);
$aResult['supportedPdoDrivers'] = \RainLoop\Common\PdoAbstract::getAvailableDrivers();
$aResult['ContactsEnable'] = (bool)$oConfig->Get('contacts', 'enable', false);
$aResult['ContactsSync'] = (bool)$oConfig->Get('contacts', 'allow_sync', false);
$aResult['ContactsPdoType'] = (string)$this->ValidateContactPdoType(\trim($this->Config()->Get('contacts', 'type', 'sqlite')));
$aResult['ContactsPdoDsn'] = (string)$oConfig->Get('contacts', 'pdo_dsn', '');
$aResult['ContactsPdoType'] = (string)$oConfig->Get('contacts', 'type', '');
$aResult['ContactsPdoUser'] = (string)$oConfig->Get('contacts', 'pdo_user', '');
$aResult['ContactsPdoPassword'] = (string)APP_DUMMY;
$aResult['WeakPassword'] = \is_file($passfile);
$aResult['PhpUploadSizes'] = array(
'upload_max_filesize' => \ini_get('upload_max_filesize'),
'post_max_size' => \ini_get('post_max_size')
);
}
$aResult['Capa'] = $this->Capa(true);
}
$sStaticCache = $this->StaticCache();
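Review bot: `$aResult['AdminTOTP']` hands the stored TOTP secret to the client in clear form, while the sibling `ContactsPdoPassword` line in the same block substitutes the `APP_DUMMY` placeholder; the second factor deserves at least that treatment, since anything able to read the admin settings payload (a script injected into the admin UI, a shared browser, a proxy log) then holds the secret. Returning a presence indicator instead, e.g. `$aResult['AdminTOTP'] = '' !== (string)$oConfig->Get('security', 'admin_totp', '') ? APP_DUMMY : '';`, would need the update handler in the Admin trait to ignore the dummy value rather than store it. Separately, the relocated block still assigns `ContactsPdoType` twice, the second raw `$oConfig->Get` overwriting the value that went through `ValidateContactPdoType`; dropping the second assignment while the block is being moved would keep only the validated value. The second hunk of this file is the matching removal of the old `else` branch.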


@ -248,6 +248,8 @@ trait Admin
$passfile = APP_PRIVATE_DATA.'admin_password.txt';
$oConfig->Set('security', 'admin_totp', $this->GetActionParam('TOTP', ''));
if ($oConfig->ValidatePassword($sPassword))
{
if (\strlen($sLogin))
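Review bot: The `admin_totp` value is written into the config straight from the request, before `ValidatePassword` runs and without any check that it is a usable secret, so a typo or an arbitrary string is stored and can lock the admin out at the next login if the login path enforces TOTP. The client input only carries an HTML `pattern` of `[A-Z2-7]{16,}`, which the server cannot rely on; validating here, `$sTOTP = \trim($this->GetActionParam('TOTP', ''));` followed by `if ('' === $sTOTP || \preg_match('/^[A-Z2-7]{16,}$/D', $sTOTP)) { $oConfig->Set('security', 'admin_totp', $sTOTP); }` with an error result otherwise, keeps malformed secrets out of the config. Moving the `Set` inside the password-validated branch, and ideally requiring a current code generated from the new secret before enrolling it, would also stop a failed password change from altering the second factor; whether the config is persisted on the failure path is decided outside this hunk. The enclosing method starts before and ends after the hunk.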


@ -42,6 +42,12 @@
<input type="password" autocomplete="new-password" autocorrect="off" autocapitalize="off" spellcheck="false"
data-bind="textInput: adminPasswordNew2" />
</div>
<div class="control-group">
<label data-i18n="LOGIN/LABEL_TOTP"></label>
<input type="text" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false"
pattern="[A-Z2-7]{16,}"
data-bind="textInput: adminTOTP" />
</div>
<div class="control-group">
<a class="btn" data-bind="command: saveNewAdminPasswordCommand, css: { 'btn-success': adminPasswordUpdateSuccess, 'btn-danger': adminPasswordUpdateError }">
<i class="fontastic">🔑</i>
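Review bot: The `pattern="[A-Z2-7]{16,}"` on the new TOTP input is only enforced by native form submission, and the save here is triggered by the `command:` binding on an `<a class="btn">`, so unless saveNewAdminPasswordCommand checks the form's validity (not shown in this commit) a malformed secret is sent unchanged. Either validate the value in the command before the request or have the server reject it; on its own the attribute is documentation. Since the field is pre-filled with the stored secret by the view model, `type="password"` with the same `autocomplete="off"` would at least keep the secret off-screen while the settings page is open.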