tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-7077-no-funciona-doble-auth-meta' into 'develop' 

Ent 7077 no funciona doble auth meta

See merge request artica/pandorafms!3866
This commit is contained in:
Daniel Rodriguez 2021-03-02 12:24:03 +00:00
parent 8c730f7a0c 93a4a90dd6
commit 51404eda8d
3 changed files with 33 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
pandora_console/godmode/users/configure_user.php
View File

@ -1176,7 +1176,11 @@ if ($config['double_auth_enabled'] && check_acl($config['id_user'], 0, 'PM')) {
|| ($config['double_auth_enabled'] == '' && $double_auth_enabled)
|| check_acl($config['id_user'], 0, 'PM')
) {
$double_authentication .= html_print_checkbox_switch('double_auth', 1, $double_auth_enabled, true);
if ($new_user === false) {
$double_authentication .= html_print_checkbox_switch('double_auth', 1, $double_auth_enabled, true);
} else {
$double_authentication .= ui_print_help_tip(__('User must be created before activating double authentication.'), true);
}
}
// Dialog.
@ -1582,6 +1586,7 @@ console.log(userID);
data: {
page: 'include/ajax/double_auth.ajax',
id_user: userID,
id_user_auth: userID,
get_double_auth_data_page: 1,
FA_forced: 1,
containerID: $dialogContainer.prop('id')
@ -1638,6 +1643,8 @@ function show_double_auth_activation () {
var $loadingSpinner = $("<img src=\"<?php echo $config['homeurl']; ?>/images/spinner.gif\" />");
var $dialogContainer = $("div#dialog-double_auth-container");
// Uncheck until completed successfully.
$("input#checkbox-double_auth").prop( "checked", false );
$dialogContainer.html($loadingSpinner);
@ -1649,6 +1656,7 @@ function show_double_auth_activation () {
data: {
page: 'include/ajax/double_auth.ajax',
id_user: userID,
id_user_auth: userID,
FA_forced: 1,
get_double_auth_info_page: 1,
containerID: $dialogContainer.prop('id')
@ -1691,8 +1699,6 @@ function show_double_auth_activation () {
request.abort();
// Remove the contained html
$dialogContainer.empty();
document.location.reload();
}
})
.show();
@ -1706,6 +1712,9 @@ function show_double_auth_deactivation () {
var message = "<p><?php echo __('Are you sure?').'<br>'.__('The double authentication will be deactivated'); ?></p>";
var $button = $("<input type=\"button\" value=\"<?php echo __('Deactivate'); ?>\" />");
// Prevent switch deactivaction until proceess is done
$("input#checkbox-double_auth").prop( "checked", true );
$dialogContainer
.empty()
@ -1740,6 +1749,7 @@ function show_double_auth_deactivation () {
}
else if (data) {
$dialogContainer.html("<?php echo '<b><div class=\"green\">'.__('The double autentication was deactivated successfully').'</div></b>'; ?>");
$("input#checkbox-double_auth").prop( "checked", false );
}
else {
$dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error deactivating the double autentication').'</div></b>'; ?>");
@ -1770,7 +1780,6 @@ function show_double_auth_deactivation () {
// Remove the contained html
$dialogContainer.empty();
document.location.reload();
}
})
.show();

25
pandora_console/include/ajax/double_auth.ajax.php
View File

@ -18,6 +18,8 @@ check_login();
// Security check
$id_user = (string) get_parameter('id_user');
$FA_forced = (int) get_parameter('FA_forced');
$id_user_auth = (string) get_parameter('id_user_auth', $config['id_user']);
if ($id_user !== $config['id_user'] && $FA_forced != 1) {
db_pandora_audit(
@ -70,12 +72,12 @@ if ($validate_double_auth_code) {
if ($result && $save) {
// Delete the actual value (if exists)
$where = ['id_user' => $id_user];
$where = ['id_user' => $id_user_auth];
db_process_sql_delete('tuser_double_auth', $where);
// Insert the new value
$values = [
'id_user' => $id_user,
'id_user' => $id_user_auth,
'secret' => $secret,
];
$result = (bool) db_process_sql_insert('tuser_double_auth', $values);
@ -152,12 +154,15 @@ if ($get_double_auth_data_page) {
ob_clean();
?>
<script type="text/javascript" src="../../include/javascript/qrcode.js"></script>
<script type="text/javascript">
var secret = "<?php echo $secret; ?>";
var userID = "<?php echo $config['id_user']; ?>";
var id_user_auth = "<?php echo $id_user_auth; ?>";
// QR code with the secret to add it to the app
paint_qrcode("otpauth://totp/"+userID+"?secret="+secret, $("div#qr-container").get(0), 200, 200);
paint_qrcode("otpauth://totp/"+id_user_auth+"?secret="+secret, $("div#qr-container").get(0), 200, 200);
$("div#qr-container").attr("title", "").find("canvas").remove();
// Don't delete this timeout. It's necessary to perform the style change.
@ -219,6 +224,7 @@ if ($get_double_auth_info_page) {
}
var containerID = "<?php echo $container_id; ?>";
var id_user_auth = "<?php echo $id_user_auth; ?>";
$("#"+containerID).html("<img src=\"<?php echo $config['homeurl']; ?>/images/spinner.gif\" />");
@ -229,6 +235,7 @@ if ($get_double_auth_info_page) {
data: {
page: 'include/ajax/double_auth.ajax',
id_user: "<?php echo $config['id_user']; ?>",
id_user_auth: id_user_auth,
get_double_auth_generation_page: 1,
containerID: containerID
},
@ -298,10 +305,10 @@ if ($get_double_auth_generation_page) {
<script type="text/javascript" src="../../include/javascript/qrcode.js"></script>
<script type="text/javascript">
var secret = "<?php echo $secret; ?>";
var userID = "<?php echo $config['id_user']; ?>";
var id_user_auth = "<?php echo $id_user_auth; ?>";
// QR code with the secret to add it to the app
paint_qrcode("otpauth://totp/"+userID+"?secret="+secret, $("div#qr-container").get(0), 200, 200);
paint_qrcode("otpauth://totp/"+id_user_auth+"?secret="+secret, $("div#qr-container").get(0), 200, 200);
$("div#qr-container").attr("title", "").find("canvas").remove();
// Don't delete this timeout. It's necessary to perform the style change.
@ -325,7 +332,8 @@ if ($get_double_auth_generation_page) {
dataType: 'html',
data: {
page: 'include/ajax/double_auth.ajax',
id_user: userID,
id_user: "<?php echo $config['id_user']; ?>",
id_user_auth, id_user_auth,
get_double_auth_generation_page: 1,
containerID: containerID
},
@ -370,6 +378,7 @@ if ($get_double_auth_generation_page) {
data: {
page: 'include/ajax/double_auth.ajax',
id_user: "<?php echo $config['id_user']; ?>",
id_user_auth: id_user_auth,
get_double_auth_validation_page: 1,
secret: secret,
containerID: containerID
@ -464,6 +473,7 @@ if ($get_double_auth_validation_page) {
data: {
page: 'include/ajax/double_auth.ajax',
id_user: "<?php echo $config['id_user']; ?>",
id_user_auth: id_user_auth,
validate_double_auth_code: 1,
save: 1,
secret: secret,
@ -479,6 +489,7 @@ if ($get_double_auth_validation_page) {
// Valid code
if (data === true) {
$("#"+containerID).html("<b><?php echo '<b><div class=\"green\">'.__('The code is valid, you can exit now').'</div></b>'; ?></b>");
$("input#checkbox-double_auth").prop( "checked", true );
}
// Invalid code
else if (data === false) {

3
pandora_console/operation/users/user_edit.php
View File

@ -426,7 +426,7 @@ if ($config['double_auth_enabled'] || ($config['double_auth_enabled'] == '' && $
$double_authentication .= '<div id="dialog-double_auth" style="display:none"><div id="dialog-double_auth-container"></div></div>';
}
if ($double_auth_enabled && $config['double_auth_enabled'] && $config['2FA_all_users'] != '') {
if ($double_auth_enabled && $config['double_auth_enabled']) {
$double_authentication .= html_print_button(__('Show information'), 'show_info', false, 'javascript:show_double_auth_info();', '', true);
}
@ -981,6 +981,7 @@ function show_double_auth_info () {
data: {
page: 'include/ajax/double_auth.ajax',
id_user: userID,
id_user_auth: userID,
get_double_auth_data_page: 1,
containerID: $dialogContainer.prop('id')
},