Add: cancel button for 2fa challenge

2025-07-30 01:04:09 +02:00 · 2025-07-24 21:48:36 +02:00 · 2025-07-24 21:48:36 +02:00 · b8cc14dc35
commit b8cc14dc35
parent dd2eefa50f
3 changed files with 62 additions and 6 deletions
--- a/application/controllers/AuthenticationController.php
+++ b/application/controllers/AuthenticationController.php
@ -8,6 +8,7 @@ use Icinga\Application\Icinga;
 use Icinga\Application\Logger;
 use Icinga\Common\Database;
 use Icinga\Exception\AuthenticationException;
+use Icinga\Forms\Authentication\Cancel2FAForm;
 use Icinga\Forms\Authentication\Challenge2FAForm;
 use Icinga\Forms\Authentication\LoginForm;
 use Icinga\Web\Controller;
@ -45,12 +46,14 @@ class AuthenticationController extends Controller
        }

        $user = $this->Auth()->getUser();
-        $form = ($user !== null
-            && $user->getTwoFactorEnabled()
-            && Session::getSession()->get('must_challenge_2fa_token', false) === true)
-            ? new Challenge2FAForm()
-            : new LoginForm();
-
+        if ($user !== null && $user->getTwoFactorEnabled()
+            && Session::getSession()->get('must_challenge_2fa_token', false) === true) {
+            $form = new Challenge2FAForm();
+            $cancel2faForm = new Cancel2FAForm();
+            $cancel2faForm->handleRequest();
+        } else {
+            $form = new LoginForm();
+        }

        if (RememberMe::hasCookie() && $this->hasDb()) {
            $authenticated = false;
@ -103,6 +106,7 @@ class AuthenticationController extends Controller
            $form->handleRequest();
        }
        $this->view->form = $form;
+        $this->view->cancel2faForm = $cancel2faForm ?? null;
        $this->view->defaultTitle = $this->translate('Icinga Web 2 Login');
        $this->view->requiresSetup = $requiresSetup;
    }
--- a/application/forms/Authentication/Cancel2FAForm.php
+++ b/application/forms/Authentication/Cancel2FAForm.php
@ -0,0 +1,51 @@
+<?php
+
+namespace Icinga\Forms\Authentication;
+
+use Icinga\Web\Form;
+use Icinga\Web\Session;
+use Icinga\Web\Url;
+
+class Cancel2FAForm extends Form
+{
+    /**
+     * {@inheritdoc}
+     */
+    public function init()
+    {
+        $this->setRequiredCue(null);
+        $this->setName('form_cancel_2fa');
+        $this->setSubmitLabel($this->translate('Cancel'));
+        $this->setProgressLabel($this->translate('Canceling'));
+        $this->setAttrib('class', 'content-centered');
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function createElements(array $formData)
+    {
+        $this->addElement(
+            'hidden',
+            'redirect',
+            [
+                'value' => Url::fromRequest()->getParam('redirect')
+            ]
+        );
+
+        $this->addElement(
+            'hidden',
+            'cancel_2fa',
+            [
+                'value' => true
+            ]
+        );
+    }
+
+    public function onSuccess()
+    {
+        Session::getSession()->purge();
+
+        return true;
+    }
+}
--- a/application/views/scripts/authentication/login.phtml
+++ b/application/views/scripts/authentication/login.phtml
@ -22,6 +22,7 @@
            ) ?></p>
        <?php endif ?>
        <?= $this->form ?>
+        <?= $this->cancel2faForm ?>
        <div id="login-footer">
            <p>Icinga Web 2 &copy; 2013-<?= date('Y') ?></p>
            <?= $this->qlink($this->translate('icinga.com'), 'https://icinga.com') ?>