IntenseFinance/firefly-iii
3
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-02-25 18:45:27 -06:00
Code Issues Packages Projects Releases Wiki Activity

Update 2FA and account activation

Browse Source
This commit is contained in:
James Cole 2016-03-29 12:14:01 +02:00
parent 742f2c8d9f
commit 87b36cf7e3
3 changed files with 29 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
app/Http/Kernel.php
View File

@ -47,6 +47,9 @@ class Kernel extends HttpKernel
*/
protected $middlewareGroups
= [
// does not check login
// does not check 2fa
// does not check activation
'web' => [
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
@ -54,6 +57,9 @@ class Kernel extends HttpKernel
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
],
// must be authenticated
// must be 2fa (if enabled)
// must be activated account
'web-auth' => [
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
@ -64,6 +70,9 @@ class Kernel extends HttpKernel
AuthenticateTwoFactor::class,
IsConfirmed::class,
],
// must be authenticated
// must be 2fa (if enabled)
// must NOT be activated account
'web-auth-no-confirm' => [
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
@ -74,6 +83,9 @@ class Kernel extends HttpKernel
AuthenticateTwoFactor::class,
IsNotConfirmed::class,
],
// must be authenticated
// does not care about 2fa
// must be confirmed.
'web-auth-no-two-factor' => [
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
@ -84,6 +96,15 @@ class Kernel extends HttpKernel
RedirectIfTwoFactorAuthenticated::class,
IsConfirmed::class,
],
'web-auth-no-two-factor-any-confirm' => [
EncryptCookies::class,
AddQueuedCookiesToResponse::class,
StartSession::class,
ShareErrorsFromSession::class,
VerifyCsrfToken::class,
Authenticate::class,
RedirectIfTwoFactorAuthenticated::class,
],
'web-auth-range' => [
EncryptCookies::class,
AddQueuedCookiesToResponse::class,

10
app/Http/routes.php
View File

@ -1,7 +1,9 @@
<?php
declare(strict_types = 1);
// auth routes, i think
// does not check login
// does not check 2fa
// does not check activation
Route::group(
['middleware' => 'web'], function () {
@ -30,9 +32,11 @@ Route::group(
}
);
// routes that can be accessed without being logged using two factor.
// must be authenticated
// does not care about 2fa
// does not care about confirmation.
Route::group(
['middleware' => 'web-auth-no-two-factor'], function () {
['middleware' => 'web-auth-no-two-factor-any-confirm'], function () {
Route::get('/two-factor', ['uses' => 'Auth\TwoFactorController@index', 'as' => 'two-factor']);
Route::get('/lost-two-factor', ['uses' => 'Auth\TwoFactorController@lostTwoFactor', 'as' => 'lost-two-factor']);
Route::post('/two-factor', ['uses' => 'Auth\TwoFactorController@postIndex', 'as' => 'two-factor-post']);

2
resources/lang/en_US/firefly.php
View File

@ -68,7 +68,7 @@ return [
// account confirmation:
'confirm_account_header' => 'Please confirm your account',
'confirm_account_intro' => 'An email has been sent to the address you used during your registration. Please check it out for further instructions. If you did not get this message, you can have Firefly send it again.',
'confirm_account_resend_email' => 'Send me the confirmation message again.',
'confirm_account_resend_email' => 'Send me the confirmation message I need to activate my account.',
'account_is_confirmed' => 'Your account has been confirmed!',
'invalid_activation_code' => 'It seems the code you are using is not valid, or has expired.',
'confirm_account_is_resent_header' => 'The confirmation has been resent',