Added Admin TOTP to admin security page

This commit is contained in:
djmaze 2021-11-18 14:14:14 +01:00
parent 98aff451f5
commit 8ac116d0a4
6 changed files with 46 additions and 49 deletions

View file

@ -195,20 +195,6 @@ class RemoteAdminFetch extends AbstractFetchRemote {
this.defaultRequest(fCallback, 'AdminContactsTest', oData); this.defaultRequest(fCallback, 'AdminContactsTest', oData);
} }
/**
* @param {?Function} fCallback
* @param {?} oData
*/
saveNewAdminPassword(fCallback, oData) {
this.defaultRequest(fCallback, 'AdminPasswordUpdate', oData);
}
/**
* @param {?Function} fCallback
*/
phpExtensions(fCallback) {
this.defaultRequest(fCallback, 'AdminPHPExtensions');
}
} }
export default new RemoteAdminFetch(); export default new RemoteAdminFetch();

View file

@ -9,7 +9,7 @@ export class AboutAdminSettings /*extends AbstractViewSettings*/ {
} }
onBuild() { onBuild() {
Remote.phpExtensions((iError, data) => iError || this.phpextensions(data.Result)); Remote.defaultRequest((iError, data) => iError || this.phpextensions(data.Result), 'AdminPHPExtensions');
} }
} }

View file

@ -22,6 +22,7 @@ export class SecurityAdminSettings /*extends AbstractViewSettings*/ {
adminPasswordNew: '', adminPasswordNew: '',
adminPasswordNew2: '', adminPasswordNew2: '',
adminPasswordNewError: false, adminPasswordNewError: false,
adminTOTP: SettingsGet('AdminTOTP'),
adminPasswordUpdateError: false, adminPasswordUpdateError: false,
adminPasswordUpdateSuccess: false, adminPasswordUpdateSuccess: false,
@ -91,7 +92,7 @@ export class SecurityAdminSettings /*extends AbstractViewSettings*/ {
this.adminPasswordUpdateError(false); this.adminPasswordUpdateError(false);
this.adminPasswordUpdateSuccess(false); this.adminPasswordUpdateSuccess(false);
Remote.saveNewAdminPassword((iError, data) => { Remote.defaultRequest((iError, data) => {
if (iError) { if (iError) {
this.adminPasswordUpdateError(true); this.adminPasswordUpdateError(true);
} else { } else {
@ -103,10 +104,11 @@ export class SecurityAdminSettings /*extends AbstractViewSettings*/ {
this.weakPassword(!!data.Result.Weak); this.weakPassword(!!data.Result.Weak);
} }
}, { }, 'AdminPasswordUpdate', {
'Login': this.adminLogin(), 'Login': this.adminLogin(),
'Password': this.adminPassword(), 'Password': this.adminPassword(),
'NewPassword': this.adminPasswordNew() 'NewPassword': this.adminPasswordNew(),
'TOTP': this.adminTOTP()
}); });
return true; return true;

View file

@ -873,7 +873,38 @@ class Actions
$sLanguage = $oConfig->Get('webmail', 'language', 'en'); $sLanguage = $oConfig->Get('webmail', 'language', 'en');
$UserLanguageRaw = $this->detectUserLanguage($bAdmin); $UserLanguageRaw = $this->detectUserLanguage($bAdmin);
if (!$bAdmin) { if ($bAdmin) {
$aResult['Auth'] = $this->IsAdminLoggined(false);
if ($aResult['Auth']) {
$aResult['AdminDomain'] = APP_SITE;
$aResult['AdminLogin'] = (string)$oConfig->Get('security', 'admin_login', '');
$aResult['AdminTOTP'] = (string)$oConfig->Get('security', 'admin_totp', '');
$aResult['UseTokenProtection'] = (bool)$oConfig->Get('security', 'csrf_protection', true);
$aResult['EnabledPlugins'] = (bool)$oConfig->Get('plugins', 'enable', false);
$aResult['VerifySslCertificate'] = (bool)$oConfig->Get('ssl', 'verify_certificate', false);
$aResult['AllowSelfSigned'] = (bool)$oConfig->Get('ssl', 'allow_self_signed', true);
$aResult['supportedPdoDrivers'] = \RainLoop\Common\PdoAbstract::getAvailableDrivers();
$aResult['ContactsEnable'] = (bool)$oConfig->Get('contacts', 'enable', false);
$aResult['ContactsSync'] = (bool)$oConfig->Get('contacts', 'allow_sync', false);
$aResult['ContactsPdoType'] = (string)$this->ValidateContactPdoType(\trim($this->Config()->Get('contacts', 'type', 'sqlite')));
$aResult['ContactsPdoDsn'] = (string)$oConfig->Get('contacts', 'pdo_dsn', '');
$aResult['ContactsPdoType'] = (string)$oConfig->Get('contacts', 'type', '');
$aResult['ContactsPdoUser'] = (string)$oConfig->Get('contacts', 'pdo_user', '');
$aResult['ContactsPdoPassword'] = (string)APP_DUMMY;
$aResult['WeakPassword'] = \is_file($passfile);
$aResult['PhpUploadSizes'] = array(
'upload_max_filesize' => \ini_get('upload_max_filesize'),
'post_max_size' => \ini_get('post_max_size')
);
}
$aResult['Capa'] = $this->Capa(true);
} else {
$oAccount = $this->getAccountFromToken(false); $oAccount = $this->getAccountFromToken(false);
if ($oAccount) { if ($oAccount) {
$aResult['Auth'] = true; $aResult['Auth'] = true;
@ -986,36 +1017,6 @@ class Actions
} }
$aResult['Capa'] = $this->Capa(false, $oAccount); $aResult['Capa'] = $this->Capa(false, $oAccount);
} else {
$aResult['Auth'] = $this->IsAdminLoggined(false);
if ($aResult['Auth']) {
$aResult['AdminDomain'] = APP_SITE;
$aResult['AdminLogin'] = (string)$oConfig->Get('security', 'admin_login', '');
$aResult['UseTokenProtection'] = (bool)$oConfig->Get('security', 'csrf_protection', true);
$aResult['EnabledPlugins'] = (bool)$oConfig->Get('plugins', 'enable', false);
$aResult['VerifySslCertificate'] = (bool)$oConfig->Get('ssl', 'verify_certificate', false);
$aResult['AllowSelfSigned'] = (bool)$oConfig->Get('ssl', 'allow_self_signed', true);
$aResult['supportedPdoDrivers'] = \RainLoop\Common\PdoAbstract::getAvailableDrivers();
$aResult['ContactsEnable'] = (bool)$oConfig->Get('contacts', 'enable', false);
$aResult['ContactsSync'] = (bool)$oConfig->Get('contacts', 'allow_sync', false);
$aResult['ContactsPdoType'] = (string)$this->ValidateContactPdoType(\trim($this->Config()->Get('contacts', 'type', 'sqlite')));
$aResult['ContactsPdoDsn'] = (string)$oConfig->Get('contacts', 'pdo_dsn', '');
$aResult['ContactsPdoType'] = (string)$oConfig->Get('contacts', 'type', '');
$aResult['ContactsPdoUser'] = (string)$oConfig->Get('contacts', 'pdo_user', '');
$aResult['ContactsPdoPassword'] = (string)APP_DUMMY;
$aResult['WeakPassword'] = \is_file($passfile);
$aResult['PhpUploadSizes'] = array(
'upload_max_filesize' => \ini_get('upload_max_filesize'),
'post_max_size' => \ini_get('post_max_size')
);
}
$aResult['Capa'] = $this->Capa(true);
} }
$sStaticCache = $this->StaticCache(); $sStaticCache = $this->StaticCache();

View file

@ -248,6 +248,8 @@ trait Admin
$passfile = APP_PRIVATE_DATA.'admin_password.txt'; $passfile = APP_PRIVATE_DATA.'admin_password.txt';
$oConfig->Set('security', 'admin_totp', $this->GetActionParam('TOTP', ''));
if ($oConfig->ValidatePassword($sPassword)) if ($oConfig->ValidatePassword($sPassword))
{ {
if (\strlen($sLogin)) if (\strlen($sLogin))

View file

@ -42,6 +42,12 @@
<input type="password" autocomplete="new-password" autocorrect="off" autocapitalize="off" spellcheck="false" <input type="password" autocomplete="new-password" autocorrect="off" autocapitalize="off" spellcheck="false"
data-bind="textInput: adminPasswordNew2" /> data-bind="textInput: adminPasswordNew2" />
</div> </div>
<div class="control-group">
<label data-i18n="LOGIN/LABEL_TOTP"></label>
<input type="text" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false"
pattern="[A-Z2-7]{16,}"
data-bind="textInput: adminTOTP" />
</div>
<div class="control-group"> <div class="control-group">
<a class="btn" data-bind="command: saveNewAdminPasswordCommand, css: { 'btn-success': adminPasswordUpdateSuccess, 'btn-danger': adminPasswordUpdateError }"> <a class="btn" data-bind="command: saveNewAdminPasswordCommand, css: { 'btn-success': adminPasswordUpdateSuccess, 'btn-danger': adminPasswordUpdateError }">
<i class="fontastic">🔑</i> <i class="fontastic">🔑</i>