Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

115 lines
4.4 KiB

  1. <?php
  2. namespace Friendica\Module\Settings\TwoFactor;
  3. use Friendica\Core\L10n;
  4. use Friendica\Core\Renderer;
  5. use Friendica\DI;
  6. use Friendica\Model\TwoFactor\AppSpecificPassword;
  7. use Friendica\Module\BaseSettingsModule;
  8. use Friendica\Module\Security\Login;
  9. /**
  10. * // Page 5: 2FA enabled, app-specific password generation
  11. *
  12. * @package Friendica\Module\TwoFactor
  13. */
  14. class AppSpecific extends BaseSettingsModule
  15. {
  16. private static $appSpecificPassword = null;
  17. public static function init(array $parameters = [])
  18. {
  19. if (!local_user()) {
  20. return;
  21. }
  22. $verified = DI::pConfig()->get(local_user(), '2fa', 'verified');
  23. if (!$verified) {
  24. DI::baseUrl()->redirect('settings/2fa');
  25. }
  26. if (!self::checkFormSecurityToken('settings_2fa_password', 't')) {
  27. notice(L10n::t('Please enter your password to access this page.'));
  28. DI::baseUrl()->redirect('settings/2fa');
  29. }
  30. }
  31. public static function post(array $parameters = [])
  32. {
  33. if (!local_user()) {
  34. return;
  35. }
  36. if (!empty($_POST['action'])) {
  37. self::checkFormSecurityTokenRedirectOnError('settings/2fa/app_specific', 'settings_2fa_app_specific');
  38. switch ($_POST['action']) {
  39. case 'generate':
  40. $description = $_POST['description'] ?? '';
  41. if (empty($description)) {
  42. notice(L10n::t('App-specific password generation failed: The description is empty.'));
  43. DI::baseUrl()->redirect('settings/2fa/app_specific?t=' . self::getFormSecurityToken('settings_2fa_password'));
  44. } elseif (AppSpecificPassword::checkDuplicateForUser(local_user(), $description)) {
  45. notice(L10n::t('App-specific password generation failed: This description already exists.'));
  46. DI::baseUrl()->redirect('settings/2fa/app_specific?t=' . self::getFormSecurityToken('settings_2fa_password'));
  47. } else {
  48. self::$appSpecificPassword = AppSpecificPassword::generateForUser(local_user(), $_POST['description'] ?? '');
  49. notice(L10n::t('New app-specific password generated.'));
  50. }
  51. break;
  52. case 'revoke_all' :
  53. AppSpecificPassword::deleteAllForUser(local_user());
  54. notice(L10n::t('App-specific passwords successfully revoked.'));
  55. DI::baseUrl()->redirect('settings/2fa/app_specific?t=' . self::getFormSecurityToken('settings_2fa_password'));
  56. break;
  57. }
  58. }
  59. if (!empty($_POST['revoke_id'])) {
  60. self::checkFormSecurityTokenRedirectOnError('settings/2fa/app_specific', 'settings_2fa_app_specific');
  61. if (AppSpecificPassword::deleteForUser(local_user(), $_POST['revoke_id'])) {
  62. notice(L10n::t('App-specific password successfully revoked.'));
  63. }
  64. DI::baseUrl()->redirect('settings/2fa/app_specific?t=' . self::getFormSecurityToken('settings_2fa_password'));
  65. }
  66. }
  67. public static function content(array $parameters = [])
  68. {
  69. if (!local_user()) {
  70. return Login::form('settings/2fa/app_specific');
  71. }
  72. parent::content($parameters);
  73. $appSpecificPasswords = AppSpecificPassword::getListForUser(local_user());
  74. return Renderer::replaceMacros(Renderer::getMarkupTemplate('settings/twofactor/app_specific.tpl'), [
  75. '$form_security_token' => self::getFormSecurityToken('settings_2fa_app_specific'),
  76. '$password_security_token' => self::getFormSecurityToken('settings_2fa_password'),
  77. '$title' => L10n::t('Two-factor app-specific passwords'),
  78. '$help_label' => L10n::t('Help'),
  79. '$message' => L10n::t('<p>App-specific passwords are randomly generated passwords used instead your regular password to authenticate your account on third-party applications that don\'t support two-factor authentication.</p>'),
  80. '$generated_message' => L10n::t('Make sure to copy your new app-specific password now. You won’t be able to see it again!'),
  81. '$generated_app_specific_password' => self::$appSpecificPassword,
  82. '$description_label' => L10n::t('Description'),
  83. '$last_used_label' => L10n::t('Last Used'),
  84. '$revoke_label' => L10n::t('Revoke'),
  85. '$revoke_all_label' => L10n::t('Revoke All'),
  86. '$app_specific_passwords' => $appSpecificPasswords,
  87. '$generate_message' => L10n::t('When you generate a new app-specific password, you must use it right away, it will be shown to you once after you generate it.'),
  88. '$generate_title' => L10n::t('Generate new app-specific password'),
  89. '$description_placeholder_label' => L10n::t('Friendiqa on my Fairphone 2...'),
  90. '$generate_label' => L10n::t('Generate'),
  91. ]);
  92. }
  93. }