summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorFrederic Guillot <fred@kanboard.net>2017-03-09 21:24:04 -0500
committerFrederic Guillot <fred@kanboard.net>2017-03-09 21:24:04 -0500
commit6d814566fba8ac45b5cba6993e7b98223b259256 (patch)
tree199e1c456d721c4ca95b95092fbf619497ef073e /app
parentcbb4d0061e698376d4fbd9a6df95ac14d0733aed (diff)
Render QR code for TwoFactor authentication without Google Chart API
Diffstat (limited to 'app')
-rw-r--r--app/Controller/TwoFactorController.php31
-rw-r--r--app/Core/Security/PostAuthenticationProviderInterface.php9
-rw-r--r--app/Template/twofactor/show.php7
3 files changed, 26 insertions, 21 deletions
diff --git a/app/Controller/TwoFactorController.php b/app/Controller/TwoFactorController.php
index d02c8950..73060c44 100644
--- a/app/Controller/TwoFactorController.php
+++ b/app/Controller/TwoFactorController.php
@@ -3,6 +3,7 @@
namespace Kanboard\Controller;
use Kanboard\Core\Controller\AccessForbiddenException;
+use PHPQRCode;
/**
* Two Factor Auth controller
@@ -65,9 +66,8 @@ class TwoFactorController extends UserViewController
}
$this->response->html($this->helper->layout->user('twofactor/show', array(
- 'user' => $user,
- 'secret' => $this->sessionStorage->twoFactorSecret,
- 'qrcode_url' => $provider->getQrCodeUrl($label),
+ 'user' => $user,
+ 'secret' => $this->sessionStorage->twoFactorSecret,
'key_url' => $provider->getKeyUrl($label),
)));
}
@@ -192,11 +192,28 @@ class TwoFactorController extends UserViewController
'twofactor_secret' => '',
));
- return $this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
+ $this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
+ } else {
+ $this->response->html($this->helper->layout->user('twofactor/disable', array(
+ 'user' => $user,
+ )));
}
+ }
- return $this->response->html($this->helper->layout->user('twofactor/disable', array(
- 'user' => $user,
- )));
+ /**
+ * Render QR Code image
+ */
+ public function qrcode()
+ {
+ if (isset($this->sessionStorage->twoFactorSecret)) {
+ $user = $this->getUser();
+ $provider = $this->authenticationManager->getPostAuthenticationProvider();
+ $provider->setSecret($this->sessionStorage->twoFactorSecret);
+ $url = $provider->getKeyUrl($user['email'] ?: $user['username']);
+
+ if (! empty($url)) {
+ PHPQRCode\QRcode::png($url, false, 'L', 6, 0);
+ }
+ }
}
}
diff --git a/app/Core/Security/PostAuthenticationProviderInterface.php b/app/Core/Security/PostAuthenticationProviderInterface.php
index 3f628bb0..27b7b5cf 100644
--- a/app/Core/Security/PostAuthenticationProviderInterface.php
+++ b/app/Core/Security/PostAuthenticationProviderInterface.php
@@ -50,15 +50,6 @@ interface PostAuthenticationProviderInterface extends AuthenticationProviderInte
public function getSecret();
/**
- * Get QR code url (empty if no QR can be provided)
- *
- * @access public
- * @param string $label
- * @return string
- */
- public function getQrCodeUrl($label);
-
- /**
* Get key url (empty if no url can be provided)
*
* @access public
diff --git a/app/Template/twofactor/show.php b/app/Template/twofactor/show.php
index a5bdeccb..412077b9 100644
--- a/app/Template/twofactor/show.php
+++ b/app/Template/twofactor/show.php
@@ -2,17 +2,14 @@
<h2><?= t('Two factor authentication') ?></h2>
</div>
-<?php if (! empty($secret) || ! empty($qrcode_url) || ! empty($key_url)): ?>
+<?php if (! empty($secret) || ! empty($key_url)): ?>
<div class="panel">
<?php if (! empty($secret)): ?>
<p><?= t('Secret key: ') ?><strong><?= $this->text->e($secret) ?></strong></p>
<?php endif ?>
- <?php if (! empty($qrcode_url)): ?>
- <p><br><img src="<?= $qrcode_url ?>"/><br><br></p>
- <?php endif ?>
-
<?php if (! empty($key_url)): ?>
+ <br><img src="<?= $this->url->href('TwoFactorController', 'qrcode') ?>"><br>
<p><?= t('This QR code contains the key URI: ') ?><a href="<?= $this->text->e($key_url) ?>"><?= $this->text->e($key_url) ?></a></p>
<?php endif ?>
</div>