BookStack/resources/views/mfa/setup.blade.php

@extends('simple-layout')

@section('body')
    <div class="container small py-xl">

        <div class="card content-wrap auto-height">
            <h1 class="list-heading">Setup Multi-Factor Authentication</h1>
            <p class="mb-none">
                Setup multi-factor authentication as an extra layer of security
                for your user account.
            </p>

            <div class="setting-list">
                <div class="grid half gap-xl">
                    <div>
                        <div class="setting-list-label">Mobile App</div>
                        <p class="small">
                            To use multi-factor authentication you'll need a mobile application
                            that supports TOTP such as Google Authenticator, Authy or Microsoft Authenticator.
                        </p>
                    </div>
                    <div class="pt-m">
                        @if($userMethods->has('totp'))
                            <div class="text-pos">
                                @icon('check-circle')
                                Already configured
                            </div>
                            <a href="{{ url('/mfa/totp/generate') }}" class="button outline small">Reconfigure</a>
                            <div component="dropdown" class="inline relative">
                                <button type="button" refs="dropdown@toggle" class="button outline small">Remove</button>
                                <div refs="dropdown@menu" class="dropdown-menu">
                                    <p class="text-neg small px-m mb-xs">Are you sure you want to remove this multi-factor authentication method?</p>
                                    <form action="{{ url('/mfa/remove/totp') }}" method="post">
                                        {{ csrf_field() }}
                                        {{ method_field('delete') }}
                                        <button class="text-primary small delete">{{ trans('common.confirm') }}</button>
                                    </form>
                                </div>
                            </div>
                        @else
                            <a href="{{ url('/mfa/totp/generate') }}" class="button outline">Setup</a>
                        @endif
                    </div>
                </div>

                <div class="grid half gap-xl">
                    <div>
                        <div class="setting-list-label">Backup Codes</div>
                        <p class="small">
                            Securely store a set of one-time-use backup codes
                            which you can enter to verify your identity.
                        </p>
                    </div>
                    <div class="pt-m">
                        @if($userMethods->has('backup_codes'))
                            <div class="text-pos">
                                @icon('check-circle')
                                Already configured
                            </div>
                            <a href="{{ url('/mfa/backup_codes/generate') }}" class="button outline small">Reconfigure</a>
                            <div component="dropdown" class="inline relative">
                                <button type="button" refs="dropdown@toggle" class="button outline small">Remove</button>
                                <div refs="dropdown@menu" class="dropdown-menu">
                                    <p class="text-neg small px-m mb-xs">Are you sure you want to remove this multi-factor authentication method?</p>
                                    <form action="{{ url('/mfa/remove/backup_codes') }}" method="post">
                                        {{ csrf_field() }}
                                        {{ method_field('delete') }}
                                        <button class="text-primary small delete">{{ trans('common.confirm') }}</button>
                                    </form>
                                </div>
                            </div>
                        @else
                            <a href="{{ url('/mfa/backup_codes/generate') }}" class="button outline">Setup</a>
                        @endif
                    </div>
                </div>
            </div>

        </div>
    </div>
@stop
Started barebones work of MFA system 2021-06-28 17:02:45 -04:00			`@extends('simple-layout')`

			`@section('body')`
			`<div class="container small py-xl">`

			`<div class="card content-wrap auto-height">`
			`<h1 class="list-heading">Setup Multi-Factor Authentication</h1>`
Added TOTP generation view and started verification stage Also updated MFA setup view to have settings-like listed interface to make it possible to extend with extra options in the future. 2021-06-29 17:06:49 -04:00			`<p class="mb-none">`
Started barebones work of MFA system 2021-06-28 17:02:45 -04:00			`Setup multi-factor authentication as an extra layer of security`
			`for your user account.`
			`</p>`
Added TOTP generation view and started verification stage Also updated MFA setup view to have settings-like listed interface to make it possible to extend with extra options in the future. 2021-06-29 17:06:49 -04:00
			`<div class="setting-list">`
			`<div class="grid half gap-xl">`
			`<div>`
			`<div class="setting-list-label">Mobile App</div>`
			`<p class="small">`
			`To use multi-factor authentication you'll need a mobile application`
			`that supports TOTP such as Google Authenticator, Authy or Microsoft Authenticator.`
			`</p>`
			`</div>`
			`<div class="pt-m">`
Complete base flow for TOTP setup - Includes DB storage and code validation. - Extracted TOTP work to its own service file. - Still needs testing to cover this side of things. 2021-06-30 17:10:02 -04:00			`@if($userMethods->has('totp'))`
			`<div class="text-pos">`
			`@icon('check-circle')`
			`Already configured`
			`</div>`
Worked on MFA setup required flow - Restructured some of the route naming to be a little more consistent. - Moved the routes about to be more logically in one place. - Created a new middleware to handle the auth of people that should be allowed access to mfa setup routes, since these could be used by existing logged in users or by people needing to setup MFA on access. - Added testing to cover MFA setup required flow. - Added TTL and method tracking to session last-login tracking system. 2021-08-02 17:02:25 -04:00			`<a href="{{ url('/mfa/totp/generate') }}" class="button outline small">Reconfigure</a>`
Added the ability to remove an MFA method Includes testing to cover 2021-07-14 16:27:21 -04:00			`<div component="dropdown" class="inline relative">`
			`<button type="button" refs="dropdown@toggle" class="button outline small">Remove</button>`
			`<div refs="dropdown@menu" class="dropdown-menu">`
			`<p class="text-neg small px-m mb-xs">Are you sure you want to remove this multi-factor authentication method?</p>`
			`<form action="{{ url('/mfa/remove/totp') }}" method="post">`
			`{{ csrf_field() }}`
			`{{ method_field('delete') }}`
			`<button class="text-primary small delete">{{ trans('common.confirm') }}</button>`
			`</form>`
			`</div>`
			`</div>`
Complete base flow for TOTP setup - Includes DB storage and code validation. - Extracted TOTP work to its own service file. - Still needs testing to cover this side of things. 2021-06-30 17:10:02 -04:00			`@else`
Worked on MFA setup required flow - Restructured some of the route naming to be a little more consistent. - Moved the routes about to be more logically in one place. - Created a new middleware to handle the auth of people that should be allowed access to mfa setup routes, since these could be used by existing logged in users or by people needing to setup MFA on access. - Added testing to cover MFA setup required flow. - Added TTL and method tracking to session last-login tracking system. 2021-08-02 17:02:25 -04:00			`<a href="{{ url('/mfa/totp/generate') }}" class="button outline">Setup</a>`
Complete base flow for TOTP setup - Includes DB storage and code validation. - Extracted TOTP work to its own service file. - Still needs testing to cover this side of things. 2021-06-30 17:10:02 -04:00			`@endif`
Added TOTP generation view and started verification stage Also updated MFA setup view to have settings-like listed interface to make it possible to extend with extra options in the future. 2021-06-29 17:06:49 -04:00			`</div>`
			`</div>`

			`<div class="grid half gap-xl">`
			`<div>`
			`<div class="setting-list-label">Backup Codes</div>`
			`<p class="small">`
Added backup code setup flow - Includes testing to cover flow. - Moved TOTP logic to its own controller. - Added some extra totp tests. 2021-07-02 15:53:33 -04:00			`Securely store a set of one-time-use backup codes`
Added TOTP generation view and started verification stage Also updated MFA setup view to have settings-like listed interface to make it possible to extend with extra options in the future. 2021-06-29 17:06:49 -04:00			`which you can enter to verify your identity.`
			`</p>`
			`</div>`
			`<div class="pt-m">`
Added backup code setup flow - Includes testing to cover flow. - Moved TOTP logic to its own controller. - Added some extra totp tests. 2021-07-02 15:53:33 -04:00			`@if($userMethods->has('backup_codes'))`
			`<div class="text-pos">`
			`@icon('check-circle')`
			`Already configured`
			`</div>`
Worked on MFA setup required flow - Restructured some of the route naming to be a little more consistent. - Moved the routes about to be more logically in one place. - Created a new middleware to handle the auth of people that should be allowed access to mfa setup routes, since these could be used by existing logged in users or by people needing to setup MFA on access. - Added testing to cover MFA setup required flow. - Added TTL and method tracking to session last-login tracking system. 2021-08-02 17:02:25 -04:00			`<a href="{{ url('/mfa/backup_codes/generate') }}" class="button outline small">Reconfigure</a>`
Added the ability to remove an MFA method Includes testing to cover 2021-07-14 16:27:21 -04:00			`<div component="dropdown" class="inline relative">`
			`<button type="button" refs="dropdown@toggle" class="button outline small">Remove</button>`
			`<div refs="dropdown@menu" class="dropdown-menu">`
			`<p class="text-neg small px-m mb-xs">Are you sure you want to remove this multi-factor authentication method?</p>`
			`<form action="{{ url('/mfa/remove/backup_codes') }}" method="post">`
			`{{ csrf_field() }}`
			`{{ method_field('delete') }}`
			`<button class="text-primary small delete">{{ trans('common.confirm') }}</button>`
			`</form>`
			`</div>`
			`</div>`
Added backup code setup flow - Includes testing to cover flow. - Moved TOTP logic to its own controller. - Added some extra totp tests. 2021-07-02 15:53:33 -04:00			`@else`
Worked on MFA setup required flow - Restructured some of the route naming to be a little more consistent. - Moved the routes about to be more logically in one place. - Created a new middleware to handle the auth of people that should be allowed access to mfa setup routes, since these could be used by existing logged in users or by people needing to setup MFA on access. - Added testing to cover MFA setup required flow. - Added TTL and method tracking to session last-login tracking system. 2021-08-02 17:02:25 -04:00			`<a href="{{ url('/mfa/backup_codes/generate') }}" class="button outline">Setup</a>`
Added backup code setup flow - Includes testing to cover flow. - Moved TOTP logic to its own controller. - Added some extra totp tests. 2021-07-02 15:53:33 -04:00			`@endif`
Added TOTP generation view and started verification stage Also updated MFA setup view to have settings-like listed interface to make it possible to extend with extra options in the future. 2021-06-29 17:06:49 -04:00			`</div>`
			`</div>`
			`</div>`

Started barebones work of MFA system 2021-06-28 17:02:45 -04:00			`</div>`
			`</div>`
			`@stop`