Get a working rough copy of the login page

This commit is contained in:
Dane Everitt 2018-04-01 17:46:16 -05:00
parent 94710934b9
commit 324b989a29
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
13 changed files with 265 additions and 68 deletions

View file

@ -4,9 +4,10 @@ namespace Pterodactyl\Http\Controllers\Auth;
use Illuminate\Http\Request;
use Illuminate\Auth\AuthManager;
use Illuminate\Http\JsonResponse;
use PragmaRX\Google2FA\Google2FA;
use Illuminate\Auth\Events\Failed;
use Illuminate\Http\RedirectResponse;
use Pterodactyl\Exceptions\DisplayException;
use Pterodactyl\Http\Controllers\Controller;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Contracts\Encryption\Encrypter;
@ -106,11 +107,12 @@ class LoginController extends Controller
* Handle a login request to the application.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response
* @return \Illuminate\Http\JsonResponse
*
* @throws \Pterodactyl\Exceptions\DisplayException
* @throws \Illuminate\Validation\ValidationException
*/
public function login(Request $request)
public function login(Request $request): JsonResponse
{
$username = $request->input(self::USER_INPUT_FIELD);
$useColumn = $this->getField($username);
@ -128,37 +130,28 @@ class LoginController extends Controller
$validCredentials = password_verify($request->input('password'), $user->password);
if ($user->use_totp) {
$token = str_random(64);
$this->cache->put($token, ['user_id' => $user->id, 'valid_credentials' => $validCredentials], 5);
$token = str_random(128);
$this->cache->put($token, [
'user_id' => $user->id,
'valid_credentials' => $validCredentials,
'request_ip' => $request->ip(),
], 5);
return redirect()->route('auth.totp')->with('authentication_token', $token);
return response()->json([
'complete' => false,
'token' => $token,
]);
}
if ($validCredentials) {
$this->auth->guard()->login($user, true);
return $this->sendLoginResponse($request);
return response()->json(['complete' => true]);
}
return $this->sendFailedLoginResponse($request, $user);
}
/**
* Handle a TOTP implementation page.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\View\View
*/
public function totp(Request $request)
{
$token = $request->session()->get('authentication_token');
if (is_null($token) || $this->auth->guard()->user()) {
return redirect()->route('auth.login');
}
return view('auth.totp', ['verify_key' => $token]);
}
/**
* Handle a login where the user is required to provide a TOTP authentication
* token. In order to add additional layers of security, users are not
@ -167,27 +160,29 @@ class LoginController extends Controller
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response
*
* @throws \Pterodactyl\Exceptions\DisplayException
*/
public function loginUsingTotp(Request $request)
public function loginCheckpoint(Request $request)
{
if (is_null($request->input('verify_token'))) {
if (is_null($request->input('confirmation_token')) || is_null($request->input('authentication_code'))) {
return $this->sendFailedLoginResponse($request);
}
try {
$cache = $this->cache->pull($request->input('verify_token'), []);
$cache = $this->cache->pull($request->input('confirmation_token'), []);
$user = $this->repository->find(array_get($cache, 'user_id', 0));
} catch (RecordNotFoundException $exception) {
return $this->sendFailedLoginResponse($request);
}
if (is_null($request->input('2fa_token')) || ! array_get($cache, 'valid_credentials')) {
if (! array_get($cache, 'valid_credentials') || array_get($cache, 'request_ip') !== $request->ip()) {
return $this->sendFailedLoginResponse($request, $user);
}
if (! $this->google2FA->verifyKey(
$this->encrypter->decrypt($user->totp_secret),
$request->input('2fa_token'),
$request->input('authentication_code'),
$this->config->get('pterodactyl.auth.2fa.window')
)) {
return $this->sendFailedLoginResponse($request, $user);
@ -203,24 +198,35 @@ class LoginController extends Controller
*
* @param \Illuminate\Http\Request $request
* @param \Illuminate\Contracts\Auth\Authenticatable|null $user
* @return \Illuminate\Http\RedirectResponse
*
* @throws \Pterodactyl\Exceptions\DisplayException
*/
protected function sendFailedLoginResponse(Request $request, Authenticatable $user = null): RedirectResponse
protected function sendFailedLoginResponse(Request $request, Authenticatable $user = null)
{
$this->incrementLoginAttempts($request);
$this->fireFailedLoginEvent($user, [
$this->getField($request->input(self::USER_INPUT_FIELD)) => $request->input(self::USER_INPUT_FIELD),
]);
$errors = [self::USER_INPUT_FIELD => trans('auth.failed')];
if ($request->expectsJson()) {
return response()->json($errors, 422);
throw new DisplayException(trans('auth.failed'));
}
return redirect()->route('auth.login')
->withInput($request->only(self::USER_INPUT_FIELD))
->withErrors($errors);
/**
* Send the response after the user was authenticated.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
protected function sendLoginResponse(Request $request)
{
$request->session()->regenerate();
$this->clearLoginAttempts($request);
return $this->authenticated($request, $this->guard()->user())
?: response()->json([
'intended' => $this->redirectPath(),
]);
}
/**

View file

@ -38,6 +38,7 @@
"vue-template-compiler": "^2.5.16",
"vueify-insert-css": "^1.0.0",
"vuex": "^3.0.1",
"vuex-flash": "^1.0.0",
"vuex-i18n": "^1.10.5",
"webpack": "^4.4.1",
"webpack-stream": "^4.0.3",

View file

@ -1,6 +1,8 @@
import Vue from 'vue';
import Vuex from 'vuex';
import vuexI18n from 'vuex-i18n';
import VuexFlash from 'vuex-flash';
import { createFlashStore } from 'vuex-flash';
import VueRouter from 'vue-router';
// Helpers
@ -15,7 +17,11 @@ window.Ziggy = Ziggy;
Vue.use(Vuex);
const store = new Vuex.Store();
const store = new Vuex.Store({
plugins: [
createFlashStore(),
],
});
const route = require('./../../../../vendor/tightenco/ziggy/src/js/route').default;
Vue.config.productionTip = false;
@ -26,6 +32,10 @@ Vue.mixin({
});
Vue.use(VueRouter);
Vue.use(VuexFlash, {
mixin: true,
template: require('./components/errors/Flash.template')
});
Vue.use(vuexI18n.plugin, store);
Vue.i18n.add('en', Locales.en);
@ -34,9 +44,20 @@ Vue.i18n.set('en');
const router = new VueRouter({
routes: [
{
path: '/:action?',
name: 'login',
path: '/',
component: Login,
}
},
{
name: 'forgot-password',
path: '/forgot-password',
component: Login,
},
{
name: 'checkpoint',
path: '/checkpoint',
component: Login,
},
]
});

View file

@ -3,7 +3,7 @@
<form class="bg-white shadow-lg rounded-lg pt-10 px-8 pb-6 mb-4 animate fadein" method="post">
<div class="flex flex-wrap -mx-3 mb-6">
<div class="input-open">
<input class="input" id="grid-email" type="email" aria-labelledby="grid-email" required
<input class="input" id="grid-email" type="email" aria-labelledby="grid-email" ref="email" required
v-bind:value="email"
v-on:input="updateEmail($event)"
/>
@ -27,7 +27,7 @@
</template>
<script>
import Csrf from "../shared/CSRF";
import Csrf from "../forms/CSRF";
export default {
components: {Csrf},
@ -35,6 +35,9 @@
props: {
email: {type: String, required: true},
},
mounted: function () {
this.$refs.email.focus();
},
data: function () {
return {
X_CSRF_TOKEN: window.X_CSRF_TOKEN,

View file

@ -1,14 +1,17 @@
<template>
<div>
<login-form
v-if="this.$route.path === '/'"
v-bind:email="email"
v-on:update-email="onEmailUpdate"
v-if="this.$route.name === 'login'"
v-bind:user="user"
v-on:update-email="onUpdateEmail"
/>
<forgot-password
v-if="this.$route.path === '/forgot-password'"
v-bind:email="email"
v-on:update-email="onEmailUpdate"
v-if="this.$route.name === 'forgot-password'"
v-bind:email="user.email"
v-on:update-email="onUpdateEmail"
/>
<two-factor-form
v-if="this.$route.name === 'checkpoint'"
/>
</div>
</template>
@ -16,22 +19,26 @@
<script>
import LoginForm from "./LoginForm";
import ForgotPassword from "./ForgotPassword";
import TwoFactorForm from "./TwoFactorForm";
export default {
name: 'login',
data: function () {
return {
email: '',
user: {
email: ''
},
};
},
methods: {
onEmailUpdate: function (value) {
this.$data.email = value;
onUpdateEmail: function (value) {
this.$data.user.email = value;
},
},
components: {
TwoFactorForm,
ForgotPassword,
LoginForm
LoginForm,
},
}
</script>

View file

@ -1,10 +1,25 @@
<template>
<div>
<form class="bg-white shadow-lg rounded-lg pt-10 px-8 pb-6 mb-4 animate fadein" :action="route('auth.login')" method="post">
<flash-message variant="danger" />
<flash-message variant="success" />
<flash-message variant="warning" />
<flash-message variant="info" />
<div class="py-4" v-if="errors && errors.length === 1">
<div class="p-2 bg-red-dark border-red-darker border items-center text-red-lightest leading-normal rounded flex lg:inline-flex w-full text-sm"
role="alert">
<span class="flex rounded-full bg-red uppercase px-2 py-1 text-xs font-bold mr-3 leading-none">Error</span>
<span class="mr-2 text-left flex-auto">{{ errors[0] }}</span>
</div>
</div>
<form class="bg-white shadow-lg rounded-lg pt-10 px-8 pb-6 mb-4 animate fadein" method="post"
v-on:submit.prevent="handleLogin"
>
<div class="flex flex-wrap -mx-3 mb-6">
<div class="input-open">
<input class="input" id="grid-username" type="text" name="user" aria-labelledby="grid-username" required
v-bind:value="email"
<input class="input" id="grid-username" type="text" name="user" aria-labelledby="grid-username"
ref="email"
required
v-bind:value="user.email"
v-on:input="updateEmail($event)"
/>
<label for="grid-username">{{ $t('strings.user_identifier') }}</label>
@ -12,18 +27,21 @@
</div>
<div class="flex flex-wrap -mx-3 mb-6">
<div class="input-open">
<input class="input" id="grid-password" type="password" name="password" aria-labelledby="grid-password" required>
<input class="input" id="grid-password" type="password" name="password"
aria-labelledby="grid-password" required
v-model="user.password"
/>
<label for="grid-password">{{ $t('strings.password') }}</label>
</div>
</div>
<div>
<csrf/>
<button class="btn btn-blue btn-jumbo" type="submit">
{{ $t('auth.sign_in') }}
</button>
</div>
<div class="pt-6 text-center">
<router-link to="/forgot-password" class="text-xs text-grey tracking-wide no-underline uppercase hover:text-grey-dark">
<router-link class="text-xs text-grey tracking-wide no-underline uppercase hover:text-grey-dark"
:to="{ name: 'forgot-password' }">
{{ $t('auth.forgot_password') }}
</router-link>
</div>
@ -32,20 +50,61 @@
</template>
<script>
import Csrf from "../shared/CSRF";
export default {
components: {Csrf},
name: 'login-form',
props: {
email: { type: String, required: true },
user: {
type: Object,
required: false,
default: function () {
return {
email: '',
password: '',
};
},
}
},
data: function () {
return {
X_CSRF_TOKEN: window.X_CSRF_TOKEN,
};
errors: [],
}
},
mounted: function () {
this.$refs.email.focus();
},
methods: {
// Handle a login request eminating from the form. If 2FA is required the
// user will be presented with the 2FA modal window.
handleLogin: function () {
const self = this;
axios.post(this.route('auth.login'), {
user: this.$props.user.email,
password: this.$props.user.password,
})
.then(function (response) {
if (response.data.complete) {
return window.location = '/';
}
self.$props.user.password = '';
self.$router.push({name: 'checkpoint', query: {token: response.data.token}});
})
.catch(function (err) {
self.$props.user.password = '';
if (!err.response) {
return console.error(err);
}
const response = err.response;
if (response.data && _.isObject(response.data.errors)) {
self.$data.errors.push(response.data.errors[0].detail);
}
});
},
// Update the email address associated with the login form
// so that it is populated in the parent model automatically.
updateEmail: function (event) {
this.$emit('update-email', event.target.value);
}

View file

@ -0,0 +1,64 @@
<template>
<form class="bg-white shadow-lg rounded-lg pt-10 px-8 pb-6 mb-4 animate fadein" method="post"
v-on:submit.prevent="submitToken"
>
<div class="flex flex-wrap -mx-3 mb-6">
<div class="input-open">
<input class="input" id="grid-code" type="number" name="token" aria-labelledby="grid-username" ref="code" required
v-model="code"
/>
<label for="grid-code">{{ $t('auth.two_factor.label') }}</label>
<p class="text-grey-darker text-xs">{{ $t('auth.two_factor.label_help') }}</p>
</div>
</div>
<div>
<button class="btn btn-blue btn-jumbo" type="submit">
{{ $t('auth.sign_in') }}
</button>
</div>
<div class="pt-6 text-center">
<router-link class="text-xs text-grey tracking-wide no-underline uppercase hover:text-grey-dark"
:to="{ name: 'login' }">
Back to Login
</router-link>
</div>
</form>
</template>
<script>
export default {
name: "two-factor-form",
data: function () {
return {
code: '',
};
},
mounted: function () {
this.$refs.code.focus();
},
methods: {
submitToken: function () {
const self = this;
axios.post(this.route('auth.checkpoint'), {
confirmation_token: this.$route.query.token,
authentication_code: this.$data.code,
})
.then(function (response) {
window.location = response.data.intended;
})
.catch(function (err) {
if (!err.response) {
return console.error(err);
}
const response = err.response;
if (response.data && _.isObject(response.data.errors)) {
self.flash({message: response.data.errors[0].detail, variant: 'danger'});
self.$router.push({ name: 'login' });
}
});
}
}
}
</script>

View file

@ -0,0 +1,28 @@
module.exports = `
<div class="pb-2" v-if="show">
<transition v-if="variant === 'success'">
<div class="p-2 bg-green-dark border-green-darker border items-center text-green-lightest leading-normal rounded flex lg:inline-flex w-full text-sm" role="alert">
<span class="flex rounded-full bg-green uppercase px-2 py-1 text-xs font-bold mr-3 leading-none">Success</span>
<span class="mr-2 text-left flex-auto">{{ message }}</span>
</div>
</transition>
<transition v-if="variant === 'danger'">
<div class="p-2 bg-red-dark border-red-darker border items-center text-red-lightest leading-normal rounded flex lg:inline-flex w-full text-sm" role="alert">
<span class="flex rounded-full bg-red uppercase px-2 py-1 text-xs font-bold mr-3 leading-none">Error</span>
<span class="mr-2 text-left flex-auto">{{ message }}</span>
</div>
</transition>
<transition v-if="variant === 'info'">
<div class="p-2 bg-blue-dark border-blue-darker border items-center text-blue-lightest leading-normal rounded flex lg:inline-flex w-full text-sm" role="alert">
<span class="flex rounded-full bg-blue uppercase px-2 py-1 text-xs font-bold mr-3 leading-none">Info</span>
<span class="mr-2 text-left flex-auto">{{ message }}</span>
</div>
</transition>
<transition v-if="variant === 'warning'">
<div class="p-2 bg-yellow-dark border-yellow-darker border items-center text-yellow-lightest leading-normal rounded flex lg:inline-flex w-full text-sm" role="alert">
<span class="flex rounded-full bg-yellow uppercase px-2 py-1 text-xs font-bold mr-3 leading-none">Warning</span>
<span class="mr-2 text-left flex-auto">{{ message }}</span>
</div>
</transition>
</div>
`;

View file

@ -13,7 +13,7 @@
&:focus + label, &:valid + label {
@apply .text-grey-darker .px-0 .cursor-pointer;
transform:translateY(-24px)
transform:translateY(-26px)
}
&:invalid + label {

View file

@ -10,6 +10,12 @@ return [
'go_to_login' => 'Go to Login',
'reset_help_text' => 'Enter your account email address to recive instructions on resetting your password.',
'recover_account' => 'Recover Account',
'two_factor' => [
'label' => '2-Factor Token',
'label_help' => 'This account requires a second layer of authentication in order to continue. Please enter the code generated by your device to complete this login.',
],
'reset_password_text' => 'Reset your account password.',
'reset_password' => 'Reset Account Password',
'email_sent' => 'An email has been sent to you with further instructions for resetting your password.',

View file

@ -10,12 +10,10 @@
*/
Route::group(['middleware' => 'guest'], function () {
Route::get('/login', 'LoginController@showLoginForm')->name('auth.login');
Route::get('/login/totp', 'LoginController@totp')->name('auth.totp');
Route::get('/password', 'ForgotPasswordController@showLinkRequestForm')->name('auth.password');
Route::get('/password/reset/{token}', 'ResetPasswordController@showResetForm')->name('auth.reset');
Route::post('/login', 'LoginController@login')->middleware('recaptcha');
Route::post('/login/totp', 'LoginController@loginUsingTotp');
Route::post('/login/checkpoint', 'LoginController@loginCheckpoint')->name('auth.checkpoint');
Route::post('/password', 'ForgotPasswordController@sendResetLinkEmail')->middleware('recaptcha');
Route::post('/password/reset', 'ResetPasswordController@reset')->name('auth.reset.post')->middleware('recaptcha');
Route::post('/password/reset/{token}', 'ForgotPasswordController@sendResetLinkEmail')->middleware('recaptcha');

View file

@ -6004,6 +6004,10 @@ vueify-insert-css@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/vueify-insert-css/-/vueify-insert-css-1.0.0.tgz#57e5d791907e8c9d87ae6de099a2174bd0a7f990"
vuex-flash@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/vuex-flash/-/vuex-flash-1.0.0.tgz#4bbeb2093d4857ddef45a6c50f10243539acee6e"
vuex-i18n@^1.10.5:
version "1.10.5"
resolved "https://registry.yarnpkg.com/vuex-i18n/-/vuex-i18n-1.10.5.tgz#635ea2204e0aa3f8fd512f0fab7f6b994d3f666c"