Commit 5bbec2b9 authored by Marius Burkard's avatar Marius Burkard

Merge branch '2558-two-factor-authentication' into 'develop'

Resolve "Two-factor authentication"

Closes #2558

See merge request !1575
parents 80d3a532 0904fa4e
Pipeline #11689 passed with stage
in 10 seconds
ALTER TABLE `sys_user` ADD `otp_type` SET('none', 'email') NOT NULL DEFAULT 'none' AFTER `lost_password_reqtime`, ADD `otp_data` VARCHAR(255) NULL AFTER `otp_type`, ADD `otp_recovery` VARCHAR(64) NULL AFTER `otp_data`, ADD `otp_attempts` TINYINT NOT NULL DEFAULT '0' AFTER `otp_recovery`;
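Review bot: `otp_type` is declared as `SET('none', 'email')`, which lets the column hold the empty set or the combination `'none,email'`; a single-choice selector is better expressed as `ENUM('none', 'email')`, so that the database itself rejects contradictory states. The same definition appears in the `CREATE TABLE sys_user` hunk, and the two statements differ slightly (`TINYINT NOT NULL DEFAULT '0'` here, `tinyint(4) NOT NULL DEFAULT 0` there). Neither statement says whether `otp_data` and `otp_recovery` hold plaintext secrets or hashes. Once that is confirmed I would record it in a column comment, e.g. `COMMENT 'hash of the recovery code'`, and store the recovery code hashed if it is not already.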
......@@ -1842,6 +1842,10 @@ CREATE TABLE `sys_user` (
`lost_password_function` tinyint(1) NOT NULL default '1',
`lost_password_hash` VARCHAR(50) NOT NULL default '',
`lost_password_reqtime` DATETIME NULL default NULL,
`otp_type` set('none', 'email') NOT NULL DEFAULT 'none',
`otp_data` varchar(255) DEFAULT NULL,
`otp_recovery` varchar(64) DEFAULT NULL,
`otp_attempts` tinyint(4) NOT NULL DEFAULT 0,
PRIMARY KEY (`userid`)
) DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
......
......@@ -212,6 +212,12 @@ class app {
}
}
public function auth_log($msg) {
$authlog_handle = fopen($this->_conf['ispconfig_log_dir'].'/auth.log', 'a');
fwrite($authlog_handle, $msg . PHP_EOL);
fclose($authlog_handle);
}
/** Priority values are: 0 = DEBUG, 1 = WARNING, 2 = ERROR */
public function error($msg, $next_link = '', $stop = true, $priority = 1) {
//$this->uses("error");
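Review bot: `auth_log()` writes `$msg` to auth.log unchanged and never checks the result of `fopen()`. If a caller passes user-controlled text (presumably a login name), an embedded line break produces forged extra log entries, and a failed open leaves `fwrite()` and `fclose()` operating on `false`. I would neutralise line breaks and bail out on failure, e.g. `$msg = str_replace(array("\r", "\n"), ' ', $msg);` and `if ($authlog_handle === false) return;`. The method also has no docblock; one line stating that it appends a single entry to `ispconfig_log_dir/auth.log`, and what callers may put in `$msg`, would help.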
......
......@@ -94,6 +94,11 @@ while ($file = @readdir($handle)) {
}
}
$otp_method_list = array(
'none' => 'none',
'email' => 'email',
);
//* Load themes
$themes_list = array();
$handle = @opendir(ISPC_THEMES_PATH);
......@@ -254,6 +259,25 @@ $form['tabs']['users'] = array (
'rows' => '',
'cols' => ''
),
'otp_type' => array(
'datatype' => 'VARCHAR',
'formtype' => 'SELECT',
'validators' => array ( 0 => array ( 'type' => 'NOTEMPTY',
'errmsg'=> 'otp_auth_empty'),
1 => array ( 'type' => 'REGEX',
'regex' => '/^[a-z0-9\_]{0,64}$/',
'errmsg'=> 'otp_auth_regex'),
),
'regex' => '',
'errmsg' => '',
'default' => '',
'value' => $otp_method_list,
'separator' => '',
'width' => '30',
'maxlength' => '255',
'rows' => '',
'cols' => ''
),
'language' => array (
'datatype' => 'VARCHAR',
'formtype' => 'SELECT',
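Review bot: The `otp_type` validator accepts any string matching `/^[a-z0-9\_]{0,64}$/` rather than only the keys of `$otp_method_list`, so a submitted value the form never offered still passes validation; how such a value is handled at login is not visible here. Restricting it to the offered values, `'regex' => '/^(none|email)$/'`, keeps the form in agreement with the `SET('none', 'email')` column. `'default' => ''` also conflicts with the NOTEMPTY validator and the column default; `'default' => 'none'` would be consistent. The error keys `otp_auth_empty` and `otp_auth_regex` are not among the strings added by the language hunks on this page, which add only `otp_auth_txt`. The enclosing `$form['tabs']['users']` array starts and ends outside the hunk.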
......
......@@ -34,4 +34,5 @@ $wb['username_error_collision'] = 'The username may not be web or web plus a num
$wb['client_not_admin_err'] = 'A user that belongs to a client can not be set to type: admin';
$wb['lost_password_function_txt'] = 'Forgot password function is available';
$wb['no_user_insert'] = 'CP-Users of type -user- get added and updated automatically when you add a client or reseller.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -34,4 +34,5 @@ $wb['username_error_collision'] = 'The username may not be web or web plus a num
$wb['client_not_admin_err'] = 'A user that belongs to a client can not be set to type: admin';
$wb['lost_password_function_txt'] = 'Forgot password function is available';
$wb['no_user_insert'] = 'CP-Users of type -user- get added and updated automatically when you add a client or reseller.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -38,3 +38,4 @@ $wb['startmodule_empty'] = 'O módulo inicial está vazio.';
$wb['startmodule_regex'] = 'Caracteres inválidos no módulo inicial.';
$wb['app_theme_empty'] = 'Tema está vazio.';
$wb['app_theme_regex'] = 'Caracteres inválidos no tema.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
......@@ -34,4 +34,5 @@ $wb['username_error_collision'] = 'The username may not be web or web plus a num
$wb['client_not_admin_err'] = 'A user that belongs to a client can not be set to type: admin';
$wb['lost_password_function_txt'] = 'Forgot password function is available';
$wb['no_user_insert'] = 'CP-Users of type -user- get added and updated automatically when you add a client or reseller.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -38,3 +38,4 @@ $wb['startmodule_empty'] = 'Startmodule empty.';
$wb['startmodule_regex'] = 'Invalid chars in Startmodule.';
$wb['app_theme_empty'] = 'App theme empty.';
$wb['app_theme_regex'] = 'Invalid chars in App theme.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
......@@ -34,4 +34,5 @@ $wb['username_error_collision'] = 'Der Benutzername darf nicht <b>web<b> oder <b
$wb['client_not_admin_err'] = 'A user that belongs to a client can not be set to type: admin';
$wb['lost_password_function_txt'] = 'Passwort vergessen Funktion steht zur Verfügung';
$wb['no_user_insert'] = 'CP-Users of type -user- get added and updated automatically when you add a client or reseller.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -34,4 +34,5 @@ $wb['username_error_collision'] = 'Brugernavn må ikke være web eller web plus
$wb['client_not_admin_err'] = 'En bruger der hører til en klient kan ikke indstilles til typen: admin';
$wb['lost_password_function_txt'] = 'Forgot password function is available';
$wb['no_user_insert'] = 'CP-Users of type -user- get added and updated automatically when you add a client or reseller.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -34,4 +34,5 @@ $wb['username_error_collision'] = 'The username may not be web or web plus a num
$wb['client_not_admin_err'] = 'A user that belongs to a client can not be set to type: admin';
$wb['lost_password_function_txt'] = 'Forgot password function is available';
$wb['no_user_insert'] = 'CP-Users of type -user- get added and updated automatically when you add a client or reseller.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -38,4 +38,5 @@ $wb['startmodule_empty'] = 'Startmodule empty.';
$wb['startmodule_regex'] = 'Invalid chars in Startmodule.';
$wb['app_theme_empty'] = 'App theme empty.';
$wb['app_theme_regex'] = 'Invalid chars in App theme.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -34,4 +34,5 @@ $wb['username_txt'] = 'Nombre de usuario';
$wb['username_unique'] = 'Ya existe un usuario con ese nombre de usuario.';
$wb['vorname_txt'] = 'Primer nombre';
$wb['no_user_insert'] = 'CP-Users of type -user- get added and updated automatically when you add a client or reseller.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -34,4 +34,5 @@ $wb['username_error_collision'] = 'The username may not be web or web plus a num
$wb['client_not_admin_err'] = 'A user that belongs to a client can not be set to type: admin';
$wb['lost_password_function_txt'] = 'Forgot password function is available';
$wb['no_user_insert'] = 'CP-Users of type -user- get added and updated automatically when you add a client or reseller.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -34,4 +34,5 @@ $wb['username_error_collision'] = 'Le nom d\'utilisateur ne peut pas commencer p
$wb['client_not_admin_err'] = 'Un utilisateur affilié à un client ne peut pas être changé en type admin';
$wb['lost_password_function_txt'] = 'La fonction mot de passe oublié est disponible';
$wb['no_user_insert'] = 'CP-Users of type -user- get added and updated automatically when you add a client or reseller.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -34,4 +34,5 @@ $wb['username_error_collision'] = 'Korisničko ime ne može biti web ili web sa
$wb['client_not_admin_err'] = 'Korisnik koji je u grupi klijenti ne može biti admin';
$wb['lost_password_function_txt'] = 'Forgot password function is available';
$wb['no_user_insert'] = 'CP-Users of type -user- get added and updated automatically when you add a client or reseller.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -34,4 +34,5 @@ $wb['username_error_collision'] = 'The username may not be web or web plus a num
$wb['client_not_admin_err'] = 'A user that belongs to a client can not be set to type: admin';
$wb['lost_password_function_txt'] = 'Forgot password function is available';
$wb['no_user_insert'] = 'CP-Users of type -user- get added and updated automatically when you add a client or reseller.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -34,4 +34,5 @@ $wb['username_error_collision'] = 'The username may not be web or web plus a num
$wb['client_not_admin_err'] = 'A user that belongs to a client can not be set to type: admin';
$wb['lost_password_function_txt'] = 'Forgot password function is available';
$wb['no_user_insert'] = 'CP-Users of type -user- get added and updated automatically when you add a client or reseller.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>
......@@ -34,4 +34,5 @@ $wb['username_error_collision'] = 'Il nome utente non può essere web o web+un n
$wb['client_not_admin_err'] = 'Un utente che appartiene ad un cliente non può essere del tipo: admin';
$wb['lost_password_function_txt'] = 'La funzione password dimenticata è disponibile';
$wb['no_user_insert'] = 'CP-Utente di tipo -utente- viene aggiunto automaticamente quando aggiungi un cliente o un rivenditore.';
$wb['otp_auth_txt'] = '2-Factor Authentication';
?>