From b8cc14dc35321d2f67d43e6832a19d5fcc6f7efb Mon Sep 17 00:00:00 2001
From: Jan Schuppik
Date: Thu, 24 Jul 2025 21:48:36 +0200
Subject: [PATCH] Add: cancel button for 2fa challenge
---
 .../controllers/AuthenticationController.php | 16 +++---
 .../forms/Authentication/Cancel2FAForm.php | 51 +++++++++++++++++++
 .../views/scripts/authentication/login.phtml | 1 +
 3 files changed, 62 insertions(+), 6 deletions(-)
 create mode 100644 application/forms/Authentication/Cancel2FAForm.php
diff --git a/application/controllers/AuthenticationController.php b/application/controllers/AuthenticationController.php
index 07b2d9282..93294d61f 100644
--- a/application/controllers/AuthenticationController.php
+++ b/application/controllers/AuthenticationController.php
@@ -8,6 +8,7 @@ use Icinga\Application\Icinga;
 use Icinga\Application\Logger;
 use Icinga\Common\Database;
 use Icinga\Exception\AuthenticationException;
+use Icinga\Forms\Authentication\Cancel2FAForm;
 use Icinga\Forms\Authentication\Challenge2FAForm;
 use Icinga\Forms\Authentication\LoginForm;
 use Icinga\Web\Controller;
@@ -45,12 +46,14 @@ class AuthenticationController extends Controller
 }
 $user = $this->Auth()->getUser();
- $form = ($user !== null
- && $user->getTwoFactorEnabled()
- && Session::getSession()->get('must_challenge_2fa_token', false) === true)
- ? new Challenge2FAForm()
- : new LoginForm();
-
+ if ($user !== null && $user->getTwoFactorEnabled()
+ && Session::getSession()->get('must_challenge_2fa_token', false) === true) {
+ $form = new Challenge2FAForm();
+ $cancel2faForm = new Cancel2FAForm();
+ $cancel2faForm->handleRequest();
+ } else {
+ $form = new LoginForm();
+ }
 if (RememberMe::hasCookie() && $this->hasDb()) {
 $authenticated = false;
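Review bot: `$cancel2faForm` is assigned only inside the 2FA branch of the new `if`, so the plain login path leaves it undefined and the later view assignment (the `@@ -103,6 +106,7 @@` hunk) has to cover for that with `$cancel2faForm ?? null`. Initialising it before the `if`, e.g. `$cancel2faForm = null;`, makes the login-only path explicit and lets the view line read `$this->view->cancel2faForm = $cancel2faForm;`. A short comment above `$cancel2faForm->handleRequest();` would also help, such as `// Handle a cancel submission before the challenge form is processed`, if that ordering is intended. The enclosing action method starts and ends outside this hunk.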
@@ -103,6 +106,7 @@ class AuthenticationController extends Controller
 $form->handleRequest();
 }
 $this->view->form = $form;
+ $this->view->cancel2faForm = $cancel2faForm ?? null;
 $this->view->defaultTitle = $this->translate('Icinga Web 2 Login');
 $this->view->requiresSetup = $requiresSetup;
 }
diff --git a/application/forms/Authentication/Cancel2FAForm.php b/application/forms/Authentication/Cancel2FAForm.php
new file mode 100644
index 000000000..7dd8fd856
--- /dev/null
+++ b/application/forms/Authentication/Cancel2FAForm.php
@@ -0,0 +1,51 @@
+setRequiredCue(null);
+ $this->setName('form_cancel_2fa');
+ $this->setSubmitLabel($this->translate('Cancel'));
+ $this->setProgressLabel($this->translate('Canceling'));
+ $this->setAttrib('class', 'content-centered');
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function createElements(array $formData)
+ {
+ $this->addElement(
+ 'hidden',
+ 'redirect',
+ [
+ 'value' => Url::fromRequest()->getParam('redirect')
+ ]
+ );
+
+ $this->addElement(
+ 'hidden',
+ 'cancel_2fa',
+ [
+ 'value' => true
+ ]
+ );
+ }
+
+ public function onSuccess()
+ {
+ Session::getSession()->purge();
+
+ return true;
+ }
+}
diff --git a/application/views/scripts/authentication/login.phtml b/application/views/scripts/authentication/login.phtml
index 130e9b97b..c9761d261 100644
--- a/application/views/scripts/authentication/login.phtml
+++ b/application/views/scripts/authentication/login.phtml
@@ -22,6 +22,7 @@ ) ?>
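Review bot: The hidden `redirect` element in `createElements()` of Cancel2FAForm is filled straight from the request's `redirect` parameter, and nothing visible in this class validates it or shows where it is consumed. If the post-cancel redirect target is ever taken from this field, an external URL has to be rejected first, for example `if (Url::fromPath($redirect)->isExternal()) { throw new HttpBadRequestException('Invalid redirect'); }` in a `getRedirectUrl()` override; if the field is not used, dropping the element keeps the untrusted value out of the form altogether. `onSuccess()` also has no docblock: a line such as `// Drop the half-authenticated session so the user returns to the login form` would record why the whole session is purged rather than only the `must_challenge_2fa_token` flag. The top of the file (namespace, imports, class header, start of `init()`) is not readable in this view, so an existing override may be hidden there.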

form ?> + cancel2faForm ?>