Finalize two-factor handling on account.
This commit is contained in:
parent
0cc895f2d5
commit
7711b697ad
13 changed files with 299 additions and 137 deletions
|
@ -3,6 +3,7 @@
|
||||||
namespace Pterodactyl\Http\Controllers\Base;
|
namespace Pterodactyl\Http\Controllers\Base;
|
||||||
|
|
||||||
use Illuminate\Http\Request;
|
use Illuminate\Http\Request;
|
||||||
|
use Illuminate\Http\JsonResponse;
|
||||||
use Prologue\Alerts\AlertsMessageBag;
|
use Prologue\Alerts\AlertsMessageBag;
|
||||||
use Pterodactyl\Http\Controllers\Controller;
|
use Pterodactyl\Http\Controllers\Controller;
|
||||||
use Pterodactyl\Services\Users\TwoFactorSetupService;
|
use Pterodactyl\Services\Users\TwoFactorSetupService;
|
||||||
|
@ -62,36 +63,28 @@ class SecurityController extends Controller
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns Security Management Page.
|
* Return information about the user's two-factor authentication status. If not enabled setup their
|
||||||
*
|
* secret and return information to allow the user to proceede with setup.
|
||||||
* @param \Illuminate\Http\Request $request
|
|
||||||
* @return \Illuminate\View\View
|
|
||||||
*/
|
|
||||||
public function index(Request $request)
|
|
||||||
{
|
|
||||||
if ($this->config->get('session.driver') === 'database') {
|
|
||||||
$activeSessions = $this->repository->getUserSessions($request->user()->id);
|
|
||||||
}
|
|
||||||
|
|
||||||
return view('base.security', [
|
|
||||||
'sessions' => $activeSessions ?? null,
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Generates TOTP Secret and returns popup data for user to verify
|
|
||||||
* that they can generate a valid response.
|
|
||||||
*
|
*
|
||||||
* @param \Illuminate\Http\Request $request
|
* @param \Illuminate\Http\Request $request
|
||||||
* @return \Illuminate\Http\JsonResponse
|
* @return \Illuminate\Http\JsonResponse
|
||||||
*
|
|
||||||
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
||||||
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
||||||
*/
|
*/
|
||||||
public function generateTotp(Request $request)
|
public function index(Request $request): JsonResponse
|
||||||
{
|
{
|
||||||
return response()->json([
|
if ($request->user()->use_totp) {
|
||||||
'qrImage' => $this->twoFactorSetupService->handle($request->user()),
|
return JsonResponse::create([
|
||||||
|
'enabled' => true,
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response = $this->twoFactorSetupService->handle($request->user());
|
||||||
|
|
||||||
|
return JsonResponse::create([
|
||||||
|
'enabled' => false,
|
||||||
|
'qr_image' => $response->get('image'),
|
||||||
|
'secret' => $response->get('secret'),
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -99,53 +92,43 @@ class SecurityController extends Controller
|
||||||
* Verifies that 2FA token received is valid and will work on the account.
|
* Verifies that 2FA token received is valid and will work on the account.
|
||||||
*
|
*
|
||||||
* @param \Illuminate\Http\Request $request
|
* @param \Illuminate\Http\Request $request
|
||||||
* @return \Illuminate\Http\Response
|
* @return \Illuminate\Http\JsonResponse
|
||||||
*
|
*
|
||||||
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
||||||
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
||||||
*/
|
*/
|
||||||
public function setTotp(Request $request)
|
public function store(Request $request): JsonResponse
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
$this->toggleTwoFactorService->handle($request->user(), $request->input('token') ?? '');
|
$this->toggleTwoFactorService->handle($request->user(), $request->input('token') ?? '');
|
||||||
|
|
||||||
return response('true');
|
|
||||||
} catch (TwoFactorAuthenticationTokenInvalid $exception) {
|
} catch (TwoFactorAuthenticationTokenInvalid $exception) {
|
||||||
return response('false');
|
$error = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return JsonResponse::create([
|
||||||
|
'success' => ! isset($error),
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Disables TOTP on an account.
|
* Disables TOTP on an account.
|
||||||
*
|
*
|
||||||
* @param \Illuminate\Http\Request $request
|
* @param \Illuminate\Http\Request $request
|
||||||
* @return \Illuminate\Http\RedirectResponse
|
* @return \Illuminate\Http\JsonResponse
|
||||||
*
|
*
|
||||||
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
||||||
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
||||||
*/
|
*/
|
||||||
public function disableTotp(Request $request)
|
public function delete(Request $request): JsonResponse
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
$this->toggleTwoFactorService->handle($request->user(), $request->input('token') ?? '', false);
|
$this->toggleTwoFactorService->handle($request->user(), $request->input('token') ?? '', false);
|
||||||
} catch (TwoFactorAuthenticationTokenInvalid $exception) {
|
} catch (TwoFactorAuthenticationTokenInvalid $exception) {
|
||||||
$this->alert->danger(trans('base.security.2fa_disable_error'))->flash();
|
$error = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
return redirect()->route('account.security');
|
return JsonResponse::create([
|
||||||
}
|
'success' => ! isset($error),
|
||||||
|
]);
|
||||||
/**
|
|
||||||
* Revokes a user session.
|
|
||||||
*
|
|
||||||
* @param \Illuminate\Http\Request $request
|
|
||||||
* @param string $id
|
|
||||||
* @return \Illuminate\Http\RedirectResponse
|
|
||||||
*/
|
|
||||||
public function revoke(Request $request, string $id)
|
|
||||||
{
|
|
||||||
$this->repository->deleteUserSession($request->user()->id, $id);
|
|
||||||
|
|
||||||
return redirect()->route('account.security');
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,17 +11,12 @@ namespace Pterodactyl\Services\Users;
|
||||||
|
|
||||||
use Pterodactyl\Models\User;
|
use Pterodactyl\Models\User;
|
||||||
use PragmaRX\Google2FA\Google2FA;
|
use PragmaRX\Google2FA\Google2FA;
|
||||||
|
use Illuminate\Support\Collection;
|
||||||
use Illuminate\Contracts\Encryption\Encrypter;
|
use Illuminate\Contracts\Encryption\Encrypter;
|
||||||
use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
|
use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
|
||||||
use Illuminate\Contracts\Config\Repository as ConfigRepository;
|
|
||||||
|
|
||||||
class TwoFactorSetupService
|
class TwoFactorSetupService
|
||||||
{
|
{
|
||||||
/**
|
|
||||||
* @var \Illuminate\Contracts\Config\Repository
|
|
||||||
*/
|
|
||||||
private $config;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var \Illuminate\Contracts\Encryption\Encrypter
|
* @var \Illuminate\Contracts\Encryption\Encrypter
|
||||||
*/
|
*/
|
||||||
|
@ -40,18 +35,15 @@ class TwoFactorSetupService
|
||||||
/**
|
/**
|
||||||
* TwoFactorSetupService constructor.
|
* TwoFactorSetupService constructor.
|
||||||
*
|
*
|
||||||
* @param \Illuminate\Contracts\Config\Repository $config
|
|
||||||
* @param \Illuminate\Contracts\Encryption\Encrypter $encrypter
|
* @param \Illuminate\Contracts\Encryption\Encrypter $encrypter
|
||||||
* @param \PragmaRX\Google2FA\Google2FA $google2FA
|
* @param \PragmaRX\Google2FA\Google2FA $google2FA
|
||||||
* @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
|
* @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository
|
||||||
*/
|
*/
|
||||||
public function __construct(
|
public function __construct(
|
||||||
ConfigRepository $config,
|
|
||||||
Encrypter $encrypter,
|
Encrypter $encrypter,
|
||||||
Google2FA $google2FA,
|
Google2FA $google2FA,
|
||||||
UserRepositoryInterface $repository
|
UserRepositoryInterface $repository
|
||||||
) {
|
) {
|
||||||
$this->config = $config;
|
|
||||||
$this->encrypter = $encrypter;
|
$this->encrypter = $encrypter;
|
||||||
$this->google2FA = $google2FA;
|
$this->google2FA = $google2FA;
|
||||||
$this->repository = $repository;
|
$this->repository = $repository;
|
||||||
|
@ -62,20 +54,23 @@ class TwoFactorSetupService
|
||||||
* QR code image.
|
* QR code image.
|
||||||
*
|
*
|
||||||
* @param \Pterodactyl\Models\User $user
|
* @param \Pterodactyl\Models\User $user
|
||||||
* @return string
|
* @return \Illuminate\Support\Collection
|
||||||
*
|
*
|
||||||
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
* @throws \Pterodactyl\Exceptions\Model\DataValidationException
|
||||||
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
|
||||||
*/
|
*/
|
||||||
public function handle(User $user): string
|
public function handle(User $user): Collection
|
||||||
{
|
{
|
||||||
$secret = $this->google2FA->generateSecretKey($this->config->get('pterodactyl.auth.2fa.bytes'));
|
$secret = $this->google2FA->generateSecretKey(config('pterodactyl.auth.2fa.bytes'));
|
||||||
$image = $this->google2FA->getQRCodeGoogleUrl($this->config->get('app.name'), $user->email, $secret);
|
$image = $this->google2FA->getQRCodeGoogleUrl(config('app.name'), $user->email, $secret);
|
||||||
|
|
||||||
$this->repository->withoutFreshModel()->update($user->id, [
|
$this->repository->withoutFreshModel()->update($user->id, [
|
||||||
'totp_secret' => $this->encrypter->encrypt($secret),
|
'totp_secret' => $this->encrypter->encrypt($secret),
|
||||||
]);
|
]);
|
||||||
|
|
||||||
return $image;
|
return new Collection([
|
||||||
|
'image' => $image,
|
||||||
|
'secret' => $secret,
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
<navigation/>
|
<navigation/>
|
||||||
<div class="container animate fadein mt-2 sm:mt-6">
|
<div class="container animate fadein mt-2 sm:mt-6">
|
||||||
<modal :show="modalVisible" v-on:close="modalVisible = false">
|
<modal :show="modalVisible" v-on:close="modalVisible = false">
|
||||||
<TwoFactorAuthentication/>
|
<TwoFactorAuthentication v-on:close="modalVisible = false"/>
|
||||||
</modal>
|
</modal>
|
||||||
<flash container="mt-2 sm:mt-6 mb-2"/>
|
<flash container="mt-2 sm:mt-6 mb-2"/>
|
||||||
<div class="flex flex-wrap">
|
<div class="flex flex-wrap">
|
||||||
|
@ -11,7 +11,7 @@
|
||||||
<div class="sm:m-4 md:ml-0">
|
<div class="sm:m-4 md:ml-0">
|
||||||
<update-email class="mb-4 sm:mb-8"/>
|
<update-email class="mb-4 sm:mb-8"/>
|
||||||
<div class="content-box text-center mb-4 sm:mb-0">
|
<div class="content-box text-center mb-4 sm:mb-0">
|
||||||
<button class="btn btn-green btn-sm" type="submit" v-on:click="modalVisible = true">Configure 2-Factor Authentication</button>
|
<button class="btn btn-green btn-sm" type="submit" v-on:click="openModal">Configure 2-Factor Authentication</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
@ -39,5 +39,11 @@
|
||||||
modalVisible: false,
|
modalVisible: false,
|
||||||
};
|
};
|
||||||
},
|
},
|
||||||
|
methods: {
|
||||||
|
openModal: function () {
|
||||||
|
this.$data.modalVisible = true;
|
||||||
|
window.events.$emit('two_factor:open');
|
||||||
|
},
|
||||||
|
}
|
||||||
};
|
};
|
||||||
</script>
|
</script>
|
||||||
|
|
|
@ -2,26 +2,26 @@
|
||||||
<div>
|
<div>
|
||||||
<form method="post" v-on:submit.prevent="submitForm">
|
<form method="post" v-on:submit.prevent="submitForm">
|
||||||
<div class="content-box">
|
<div class="content-box">
|
||||||
<h2 class="mb-6 text-grey-darkest font-medium">Change your password</h2>
|
<h2 class="mb-6 text-grey-darkest font-medium">{{ $t('dashboard.account.password.title') }}</h2>
|
||||||
<div class="mt-6">
|
<div class="mt-6">
|
||||||
<label for="grid-password-current" class="input-label">Current password</label>
|
<label for="grid-password-current" class="input-label">{{ $t('strings.password') }}</label>
|
||||||
<input id="grid-password-current" name="current_password" type="password" class="input" required
|
<input id="grid-password-current" name="current_password" type="password" class="input" required
|
||||||
ref="current"
|
ref="current"
|
||||||
v-model="current"
|
v-model="current"
|
||||||
>
|
>
|
||||||
</div>
|
</div>
|
||||||
<div class="mt-6">
|
<div class="mt-6">
|
||||||
<label for="grid-password-new" class="input-label">New password</label>
|
<label for="grid-password-new" class="input-label">{{ $t('strings.new_password') }}</label>
|
||||||
<input id="grid-password-new" name="password" type="password" class="input" required
|
<input id="grid-password-new" name="password" type="password" class="input" required
|
||||||
:class="{ error: errors.has('password') }"
|
:class="{ error: errors.has('password') }"
|
||||||
v-model="newPassword"
|
v-model="newPassword"
|
||||||
v-validate="'min:8'"
|
v-validate="'min:8'"
|
||||||
>
|
>
|
||||||
<p class="input-help error" v-show="errors.has('password')">{{ errors.first('password') }}</p>
|
<p class="input-help error" v-show="errors.has('password')">{{ errors.first('password') }}</p>
|
||||||
<p class="input-help">Your new password should be at least 8 characters in length.</p>
|
<p class="input-help">{{ $t('dashboard.account.password.requirements') }}</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="mt-6">
|
<div class="mt-6">
|
||||||
<label for="grid-password-new-confirm" class="input-label">Confirm new password</label>
|
<label for="grid-password-new-confirm" class="input-label">{{ $t('strings.confirm_password') }}</label>
|
||||||
<input id="grid-password-new-confirm" name="password_confirmation" type="password" class="input" required
|
<input id="grid-password-new-confirm" name="password_confirmation" type="password" class="input" required
|
||||||
:class="{ error: errors.has('password_confirmation') }"
|
:class="{ error: errors.has('password_confirmation') }"
|
||||||
v-model="confirmNew"
|
v-model="confirmNew"
|
||||||
|
@ -31,7 +31,7 @@
|
||||||
<p class="input-help error" v-show="errors.has('password_confirmation')">{{ errors.first('password_confirmation') }}</p>
|
<p class="input-help error" v-show="errors.has('password_confirmation')">{{ errors.first('password_confirmation') }}</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="mt-6 text-right">
|
<div class="mt-6 text-right">
|
||||||
<button class="btn btn-blue btn-sm text-right" type="submit">Save</button>
|
<button class="btn btn-blue btn-sm text-right" type="submit">{{ $t('strings.save') }}</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
|
@ -68,7 +68,7 @@
|
||||||
this.$data.newPassword = '';
|
this.$data.newPassword = '';
|
||||||
this.$data.confirmNew = '';
|
this.$data.confirmNew = '';
|
||||||
|
|
||||||
this.success('Your password has been updated.');
|
this.success(this.$t('dashboard.account.password.updated'));
|
||||||
})
|
})
|
||||||
.catch(err => {
|
.catch(err => {
|
||||||
if (!err.response) {
|
if (!err.response) {
|
||||||
|
|
|
@ -1,11 +1,191 @@
|
||||||
<template>
|
<template>
|
||||||
<div>
|
<div>
|
||||||
Todo: put the 2FA magic here!
|
<div class="h-16 text-center" v-show="spinner">
|
||||||
|
<span class="spinner spinner-xl text-blue"></span>
|
||||||
|
</div>
|
||||||
|
<div v-if="response.enabled" v-show="!spinner">
|
||||||
|
<h2 class="font-medium text-grey-darkest">{{ $t('dashboard.account.two_factor.disable.title') }}</h2>
|
||||||
|
<div class="mt-6">
|
||||||
|
<label class="input-label" for="grid-two-factor-token-disable">{{ $t('dashboard.account.two_factor.disable.field') }}</label>
|
||||||
|
<input id="grid-two-factor-token-disable" type="number" class="input"
|
||||||
|
name="token"
|
||||||
|
v-model="token"
|
||||||
|
ref="token"
|
||||||
|
v-validate="'length:6'"
|
||||||
|
:class="{ error: errors.has('token') }"
|
||||||
|
>
|
||||||
|
<p class="input-help error" v-show="errors.has('token')">{{ errors.first('token') }}</p>
|
||||||
|
</div>
|
||||||
|
<div class="mt-6 w-full text-right">
|
||||||
|
<button class="btn btn-sm btn-secondary mr-4" v-on:click="$emit('close')">
|
||||||
|
Cancel
|
||||||
|
</button>
|
||||||
|
<button class="btn btn-sm btn-red" type="submit"
|
||||||
|
:disabled="submitDisabled"
|
||||||
|
v-on:click.prevent="disableTwoFactor"
|
||||||
|
>{{ $t('strings.disable') }}</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div v-else v-show="!spinner">
|
||||||
|
<h2 class="font-medium text-grey-darkest">{{ $t('dashboard.account.two_factor.setup.title') }}</h2>
|
||||||
|
<div class="flex mt-6">
|
||||||
|
<div class="flex-none w-full sm:w-1/2 text-center">
|
||||||
|
<div>
|
||||||
|
<img :src="response.qr_image" alt="Two-factor qr image" class="w-3/4">
|
||||||
|
</div>
|
||||||
|
<div>
|
||||||
|
<p class="text-xs text-grey-darker mb-2">{{ $t('dashboard.account.two_factor.setup.help') }}</p>
|
||||||
|
<p class="text-xs"><code>{{response.secret}}</code></p>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="flex-none w-full sm:w-1/2">
|
||||||
|
<div>
|
||||||
|
<label class="input-label" for="grid-two-factor-token">{{ $t('dashboard.account.two_factor.setup.field') }}</label>
|
||||||
|
<input id="grid-two-factor-token" type="number" class="input"
|
||||||
|
name="token"
|
||||||
|
v-model="token"
|
||||||
|
ref="token"
|
||||||
|
v-validate="'length:6'"
|
||||||
|
:class="{ error: errors.has('token') }"
|
||||||
|
>
|
||||||
|
<p class="input-help error" v-show="errors.has('token')">{{ errors.first('token') }}</p>
|
||||||
|
</div>
|
||||||
|
<div class="mt-6">
|
||||||
|
<button class="btn btn-blue btn-jumbo" type="submit"
|
||||||
|
:disabled="submitDisabled"
|
||||||
|
v-on:click.prevent="enableTwoFactor"
|
||||||
|
>{{ $t('strings.enable') }}</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</template>
|
</template>
|
||||||
|
|
||||||
<script>
|
<script>
|
||||||
|
import Vue from 'vue';
|
||||||
|
import isObject from 'lodash/isObject';
|
||||||
|
|
||||||
export default {
|
export default {
|
||||||
name: 'TwoFactorAuthentication'
|
name: 'TwoFactorAuthentication',
|
||||||
|
data: function () {
|
||||||
|
return {
|
||||||
|
spinner: true,
|
||||||
|
token: '',
|
||||||
|
submitDisabled: true,
|
||||||
|
response: {
|
||||||
|
enabled: false,
|
||||||
|
qr_image: '',
|
||||||
|
secret: '',
|
||||||
|
},
|
||||||
|
};
|
||||||
|
},
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Before the component is mounted setup the event listener. This event is fired when a user
|
||||||
|
* presses the 'Configure 2-Factor' button on their account page. Once this happens we fire off
|
||||||
|
* a HTTP request to get their information.
|
||||||
|
*/
|
||||||
|
mounted: function () {
|
||||||
|
window.events.$on('two_factor:open', () => {
|
||||||
|
this.prepareModalContent();
|
||||||
|
});
|
||||||
|
},
|
||||||
|
|
||||||
|
watch: {
|
||||||
|
token: function (value) {
|
||||||
|
this.$data.submitDisabled = value.length !== 6;
|
||||||
|
},
|
||||||
|
},
|
||||||
|
|
||||||
|
methods: {
|
||||||
|
/**
|
||||||
|
* Determine the correct content to show in the modal.
|
||||||
|
*/
|
||||||
|
prepareModalContent: function () {
|
||||||
|
// Reset the data object when the modal is opened again.
|
||||||
|
Object.assign(this.$data, this.$options.data());
|
||||||
|
|
||||||
|
window.axios.get(this.route('account.two_factor'))
|
||||||
|
.finally(() => {
|
||||||
|
this.clearFlashes();
|
||||||
|
})
|
||||||
|
.then(response => {
|
||||||
|
this.$data.response = response.data;
|
||||||
|
this.$data.spinner = false;
|
||||||
|
Vue.nextTick().then(() => {
|
||||||
|
this.$refs.token.focus();
|
||||||
|
})
|
||||||
|
})
|
||||||
|
.catch(error => {
|
||||||
|
if (!error.response) {
|
||||||
|
this.error(error.message);
|
||||||
|
}
|
||||||
|
|
||||||
|
const response = error.response;
|
||||||
|
if (response.data && isObject(response.data.errors)) {
|
||||||
|
response.data.errors.forEach(e => {
|
||||||
|
this.error(e.detail);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
this.$emit('close');
|
||||||
|
});
|
||||||
|
},
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Enable two-factor authentication on the account by validating the token provided by the user.
|
||||||
|
* Close the modal once the request completes so that the success or error message can be shown
|
||||||
|
* to the user.
|
||||||
|
*/
|
||||||
|
enableTwoFactor: function () {
|
||||||
|
return this._callInternalApi('account.two_factor.enable', 'enabled');
|
||||||
|
},
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Disables two-factor authentication for the client account and closes the modal.
|
||||||
|
*/
|
||||||
|
disableTwoFactor: function () {
|
||||||
|
return this._callInternalApi('account.two_factor.disable', 'disabled');
|
||||||
|
},
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Call the Panel API endpoint and handle errors.
|
||||||
|
*
|
||||||
|
* @param {String} route
|
||||||
|
* @param {String} langKey
|
||||||
|
* @private
|
||||||
|
*/
|
||||||
|
_callInternalApi: function (route, langKey) {
|
||||||
|
window.axios.post(this.route(route), {
|
||||||
|
token: this.$data.token,
|
||||||
|
})
|
||||||
|
.finally(() => {
|
||||||
|
this.clearFlashes();
|
||||||
|
})
|
||||||
|
.then(response => {
|
||||||
|
if (response.data.success) {
|
||||||
|
this.success(this.$t(`dashboard.account.two_factor.${langKey}`));
|
||||||
|
} else {
|
||||||
|
this.error(this.$t('dashboard.account.two_factor.invalid'));
|
||||||
|
}
|
||||||
|
})
|
||||||
|
.catch(error => {
|
||||||
|
if (!error.response) {
|
||||||
|
this.error(error.message);
|
||||||
|
}
|
||||||
|
|
||||||
|
const response = error.response;
|
||||||
|
if (response.data && isObject(response.data.errors)) {
|
||||||
|
response.data.errors.forEach(e => {
|
||||||
|
this.error(e.detail);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
})
|
||||||
|
.finally(() => {
|
||||||
|
this.$emit('close');
|
||||||
|
})
|
||||||
|
}
|
||||||
|
},
|
||||||
};
|
};
|
||||||
</script>
|
</script>
|
||||||
|
|
|
@ -2,9 +2,9 @@
|
||||||
<div :class>
|
<div :class>
|
||||||
<form method="post" v-on:submit.prevent="submitForm">
|
<form method="post" v-on:submit.prevent="submitForm">
|
||||||
<div class="content-box">
|
<div class="content-box">
|
||||||
<h2 class="mb-6 text-grey-darkest font-medium">Update your email</h2>
|
<h2 class="mb-6 text-grey-darkest font-medium">{{ $t('dashboard.account.email.title') }}</h2>
|
||||||
<div>
|
<div>
|
||||||
<label for="grid-email" class="input-label">Email address</label>
|
<label for="grid-email" class="input-label">{{ $t('strings.email_address') }}</label>
|
||||||
<input id="grid-email" name="email" type="email" class="input" required
|
<input id="grid-email" name="email" type="email" class="input" required
|
||||||
:class="{ error: errors.has('email') }"
|
:class="{ error: errors.has('email') }"
|
||||||
v-validate
|
v-validate
|
||||||
|
@ -13,13 +13,13 @@
|
||||||
<p class="input-help error" v-show="errors.has('email')">{{ errors.first('email') }}</p>
|
<p class="input-help error" v-show="errors.has('email')">{{ errors.first('email') }}</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="mt-6">
|
<div class="mt-6">
|
||||||
<label for="grid-password" class="input-label">Password</label>
|
<label for="grid-password" class="input-label">{{ $t('strings.password') }}</label>
|
||||||
<input id="grid-password" name="password" type="password" class="input" required
|
<input id="grid-password" name="password" type="password" class="input" required
|
||||||
v-model="password"
|
v-model="password"
|
||||||
>
|
>
|
||||||
</div>
|
</div>
|
||||||
<div class="mt-6 text-right">
|
<div class="mt-6 text-right">
|
||||||
<button class="btn btn-blue btn-sm text-right" type="submit">Save</button>
|
<button class="btn btn-blue btn-sm text-right" type="submit">{{ $t('strings.save') }}</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
|
@ -57,7 +57,7 @@
|
||||||
this.$data.password = '';
|
this.$data.password = '';
|
||||||
})
|
})
|
||||||
.then(() => {
|
.then(() => {
|
||||||
this.success('Your email address has been updated.');
|
this.success(this.$t('dashboard.account.email.updated'));
|
||||||
})
|
})
|
||||||
.catch(error => {
|
.catch(error => {
|
||||||
if (!error.response) {
|
if (!error.response) {
|
||||||
|
@ -79,7 +79,3 @@
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<style scoped>
|
|
||||||
|
|
||||||
</style>
|
|
||||||
|
|
|
@ -20,6 +20,14 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
&.btn-red {
|
||||||
|
@apply .bg-red .border-red-dark .border .text-white;
|
||||||
|
|
||||||
|
&:hover:enabled {
|
||||||
|
@apply .bg-red-dark .border-red-darker;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
&.btn-secondary {
|
&.btn-secondary {
|
||||||
@apply .border .border-grey-light .text-grey-dark;
|
@apply .border .border-grey-light .text-grey-dark;
|
||||||
|
|
||||||
|
|
|
@ -2,6 +2,16 @@ textarea, select, input, button {
|
||||||
outline: none;
|
outline: none;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
input[type=number]::-webkit-outer-spin-button,
|
||||||
|
input[type=number]::-webkit-inner-spin-button {
|
||||||
|
-webkit-appearance: none !important;
|
||||||
|
margin: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
input[type=number] {
|
||||||
|
-moz-appearance: textfield !important;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Styles for the login form open input boxes. Label floats up above it when content
|
* Styles for the login form open input boxes. Label floats up above it when content
|
||||||
* is input and then sinks back down into the field if left empty.
|
* is input and then sinks back down into the field if left empty.
|
||||||
|
|
|
@ -31,11 +31,11 @@
|
||||||
/**
|
/**
|
||||||
* Spinner Colors
|
* Spinner Colors
|
||||||
*/
|
*/
|
||||||
&.blue:after {
|
&.blue:after, &.text-blue:after {
|
||||||
@apply .border-blue;
|
@apply .border-blue;
|
||||||
}
|
}
|
||||||
|
|
||||||
&.white:after {
|
&.white:after, &.text-white:after {
|
||||||
@apply .border-white;
|
@apply .border-white;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -54,35 +54,4 @@ return [
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
],
|
],
|
||||||
'account' => [
|
|
||||||
'details_updated' => 'Your account details have been successfully updated.',
|
|
||||||
'invalid_password' => 'The password provided for your account was not valid.',
|
|
||||||
'header' => 'Your Account',
|
|
||||||
'header_sub' => 'Manage your account details.',
|
|
||||||
'update_pass' => 'Update Password',
|
|
||||||
'update_email' => 'Update Email Address',
|
|
||||||
'current_password' => 'Current Password',
|
|
||||||
'new_password' => 'New Password',
|
|
||||||
'new_password_again' => 'Repeat New Password',
|
|
||||||
'new_email' => 'New Email Address',
|
|
||||||
'first_name' => 'First Name',
|
|
||||||
'last_name' => 'Last Name',
|
|
||||||
'update_identity' => 'Update Identity',
|
|
||||||
'username_help' => 'Your username must be unique to your account, and may only contain the following characters: :requirements.',
|
|
||||||
],
|
|
||||||
'security' => [
|
|
||||||
'session_mgmt_disabled' => 'Your host has not enabled the ability to manage account sessions via this interface.',
|
|
||||||
'header' => 'Account Security',
|
|
||||||
'header_sub' => 'Control active sessions and 2-Factor Authentication.',
|
|
||||||
'sessions' => 'Active Sessions',
|
|
||||||
'2fa_header' => '2-Factor Authentication',
|
|
||||||
'2fa_token_help' => 'Enter the 2FA Token generated by your app (Google Authenticator, Authy, etc.).',
|
|
||||||
'disable_2fa' => 'Disable 2-Factor Authentication',
|
|
||||||
'2fa_enabled' => '2-Factor Authentication is enabled on this account and will be required in order to login to the panel. If you would like to disable 2FA, simply enter a valid token below and submit the form.',
|
|
||||||
'2fa_disabled' => '2-Factor Authentication is disabled on your account! You should enable 2FA in order to add an extra level of protection on your account.',
|
|
||||||
'enable_2fa' => 'Enable 2-Factor Authentication',
|
|
||||||
'2fa_qr' => 'Configure 2FA on Your Device',
|
|
||||||
'2fa_checkpoint_help' => 'Use the 2FA application on your phone to take a picture of the QR code to the left, or manually enter the code under it. Once you have done so, generate a token and enter it below.',
|
|
||||||
'2fa_disable_error' => 'The 2FA token provided was not valid. Protection has not been disabled for this account.',
|
|
||||||
],
|
|
||||||
];
|
];
|
||||||
|
|
28
resources/lang/en/dashboard/account.php
Normal file
28
resources/lang/en/dashboard/account.php
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
return [
|
||||||
|
'email' => [
|
||||||
|
'title' => 'Update your email',
|
||||||
|
'updated' => 'Your email address has been updated.',
|
||||||
|
],
|
||||||
|
'password' => [
|
||||||
|
'title' => 'Change your password',
|
||||||
|
'requirements' => 'Your new password should be at least 8 characters in length.',
|
||||||
|
'updated' => 'Your password has been updated.',
|
||||||
|
],
|
||||||
|
'two_factor' => [
|
||||||
|
'button' => 'Configure 2-Factor Authentication',
|
||||||
|
'disabled' => 'Two-factor authentication has been disabled on your account. You will no longer be prompted to provide a token when logging in.',
|
||||||
|
'enabled' => 'Two-factor authentication has been enabled on your account! From now on, when logging in, you will be required to provide the code generated by your device.',
|
||||||
|
'invalid' => 'The token provided was invalid.',
|
||||||
|
'setup' => [
|
||||||
|
'title' => 'Setup two-factor authentication',
|
||||||
|
'help' => 'Can\'t scan the code? Enter the code below into your application:',
|
||||||
|
'field' => 'Enter token',
|
||||||
|
],
|
||||||
|
'disable' => [
|
||||||
|
'title' => 'Disable two-factor authentication',
|
||||||
|
'field' => 'Enter token',
|
||||||
|
],
|
||||||
|
],
|
||||||
|
];
|
|
@ -2,9 +2,11 @@
|
||||||
|
|
||||||
return [
|
return [
|
||||||
'email' => 'Email',
|
'email' => 'Email',
|
||||||
|
'email_address' => 'Email address',
|
||||||
'user_identifier' => 'Username or Email',
|
'user_identifier' => 'Username or Email',
|
||||||
'password' => 'Password',
|
'password' => 'Password',
|
||||||
'confirm_password' => 'Confirm Password',
|
'new_password' => 'New password',
|
||||||
|
'confirm_password' => 'Confirm new password',
|
||||||
'login' => 'Login',
|
'login' => 'Login',
|
||||||
'home' => 'Home',
|
'home' => 'Home',
|
||||||
'servers' => 'Servers',
|
'servers' => 'Servers',
|
||||||
|
@ -85,7 +87,8 @@ return [
|
||||||
'sat' => 'Saturday',
|
'sat' => 'Saturday',
|
||||||
],
|
],
|
||||||
'last_used' => 'Last Used',
|
'last_used' => 'Last Used',
|
||||||
|
'enable' => 'Enable',
|
||||||
// Copyright Line
|
'disable' => 'Disable',
|
||||||
|
'save' => 'Save',
|
||||||
'copyright' => '© 2015 - :year Pterodactyl Software',
|
'copyright' => '© 2015 - :year Pterodactyl Software',
|
||||||
];
|
];
|
||||||
|
|
|
@ -1,11 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
/**
|
|
||||||
* Pterodactyl - Panel
|
|
||||||
* Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>.
|
|
||||||
*
|
|
||||||
* This software is licensed under the terms of the MIT license.
|
|
||||||
* https://opensource.org/licenses/MIT
|
|
||||||
*/
|
|
||||||
Route::get('/', 'IndexController@index')->name('index');
|
Route::get('/', 'IndexController@index')->name('index');
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -16,11 +10,6 @@ Route::get('/', 'IndexController@index')->name('index');
|
||||||
| Endpoint: /account
|
| Endpoint: /account
|
||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
//Route::group(['prefix' => 'account'], function () {
|
|
||||||
// Route::get('/', 'AccountController@index')->name('account');
|
|
||||||
//
|
|
||||||
// Route::post('/', 'AccountController@update');
|
|
||||||
//});
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
@ -47,15 +36,10 @@ Route::group(['prefix' => 'account/api'], function () {
|
||||||
| Endpoint: /account/security
|
| Endpoint: /account/security
|
||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
Route::group(['prefix' => 'account/security'], function () {
|
Route::group(['prefix' => 'account/two_factor'], function () {
|
||||||
Route::get('/', 'SecurityController@index')->name('account.security');
|
Route::get('/', 'SecurityController@index')->name('account.two_factor');
|
||||||
Route::get('/revoke/{id}', 'SecurityController@revoke')->name('account.security.revoke');
|
Route::post('/totp', 'SecurityController@store')->name('account.two_factor.enable');
|
||||||
|
Route::post('/totp/disable', 'SecurityController@delete')->name('account.two_factor.disable');
|
||||||
Route::put('/totp', 'SecurityController@generateTotp')->name('account.security.totp');
|
|
||||||
|
|
||||||
Route::post('/totp', 'SecurityController@setTotp')->name('account.security.totp.set');
|
|
||||||
|
|
||||||
Route::delete('/totp', 'SecurityController@disableTotp')->name('account.security.totp.disable');
|
|
||||||
});
|
});
|
||||||
|
|
||||||
// Catch any other combinations of routes and pass them off to the Vuejs component.
|
// Catch any other combinations of routes and pass them off to the Vuejs component.
|
||||||
|
|
Loading…
Reference in a new issue