Infra-Mirrors/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-01 01:36:00 -04:00
Code Issues Packages Projects Releases Wiki Activity

Added MFA setup link on user edit view

Browse Source
This commit is contained in:
Dan Brown 2021-07-14 20:06:41 +01:00
parent 09c2814dc7
commit bb43acef21
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
3 changed files with 51 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Controllers/UserController.php
View File

@ -128,12 +128,14 @@ class UserController extends Controller
$authMethod = ($user->system_name) ? 'system' : config('auth.method');
$activeSocialDrivers = $socialAuthService->getActiveDrivers();
$mfaMethods = user()->mfaValues()->get(['id', 'method'])->groupBy('method');
$this->setPageTitle(trans('settings.user_profile'));
$roles = $this->userRepo->getAllRoles();
return view('users.edit', [
'user' => $user,
'activeSocialDrivers' => $activeSocialDrivers,
'mfaMethods' => $mfaMethods,
'authMethod' => $authMethod,
'roles' => $roles,
]);

24
resources/views/users/edit.blade.php
View File

@ -63,6 +63,30 @@
</form>
</section>
<section class="card content-wrap auto-height">
<h2 class="list-heading">Multi-Factor Authentication</h2>
<p>
Setup multi-factor authentication as an extra layer of security
for your user account.
</p>
<div class="grid half gap-xl v-center pb-s">
<div>
@if ($mfaMethods->count() > 0)
<span class="text-pos">@icon('check-circle')</span>
@else
<span class="text-neg">@icon('cancel')</span>
@endif
{{ $mfaMethods->count() }} {{ $mfaMethods->count() === 1 ? 'method' : 'methods' }} configured
</div>
<div class="text-m-right">
@if($user->id === user()->id)
<a href="{{ url('/mfa/setup') }}" class="button outline">Configure Methods</a>
@endif
</div>
</div>
</section>
@if(user()->id === $user->id && count($activeSocialDrivers) > 0)
<section class="card content-wrap auto-height">
<h2 class="list-heading">{{ trans('settings.users_social_accounts') }}</h2>

25
tests/Auth/MfaConfigurationTest.php
View File

@ -106,4 +106,29 @@ class MfaConfigurationTest extends TestCase
$resp->assertStatus(500);
}
public function test_mfa_method_count_is_visible_on_user_edit_page()
{
$admin = $this->getAdmin();
$resp = $this->actingAs($admin)->get($admin->getEditUrl());
$resp->assertSee('0 methods configured');
MfaValue::upsertWithValue($admin, MfaValue::METHOD_TOTP, 'test');
$resp = $this->actingAs($admin)->get($admin->getEditUrl());
$resp->assertSee('1 method configured');
MfaValue::upsertWithValue($admin, MfaValue::METHOD_BACKUP_CODES, 'test');
$resp = $this->actingAs($admin)->get($admin->getEditUrl());
$resp->assertSee('2 methods configured');
}
public function test_mfa_setup_link_only_shown_when_viewing_own_user_edit_page()
{
$admin = $this->getAdmin();
$resp = $this->actingAs($admin)->get($admin->getEditUrl());
$resp->assertElementExists('a[href$="/mfa/setup"]');
$resp = $this->actingAs($admin)->get($this->getEditor()->getEditUrl());
$resp->assertElementNotExists('a[href$="/mfa/setup"]');
}
}