From 87b36cf7e3b33034d22413c376dd35f6bd5bba4a Mon Sep 17 00:00:00 2001 From: James Cole Date: Tue, 29 Mar 2016 12:14:01 +0200 Subject: [PATCH] Update 2FA and account activation --- app/Http/Kernel.php | 21 +++++++++++++++++++++ app/Http/routes.php | 10 +++++++--- resources/lang/en_US/firefly.php | 2 +- 3 files changed, 29 insertions(+), 4 deletions(-) diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 178677fd06..32fbd669ee 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -47,6 +47,9 @@ class Kernel extends HttpKernel */ protected $middlewareGroups = [ + // does not check login + // does not check 2fa + // does not check activation 'web' => [ EncryptCookies::class, AddQueuedCookiesToResponse::class, @@ -54,6 +57,9 @@ class Kernel extends HttpKernel ShareErrorsFromSession::class, VerifyCsrfToken::class, ], + // must be authenticated + // must be 2fa (if enabled) + // must be activated account 'web-auth' => [ EncryptCookies::class, AddQueuedCookiesToResponse::class, @@ -64,6 +70,9 @@ class Kernel extends HttpKernel AuthenticateTwoFactor::class, IsConfirmed::class, ], + // must be authenticated + // must be 2fa (if enabled) + // must NOT be activated account 'web-auth-no-confirm' => [ EncryptCookies::class, AddQueuedCookiesToResponse::class, @@ -74,6 +83,9 @@ class Kernel extends HttpKernel AuthenticateTwoFactor::class, IsNotConfirmed::class, ], + // must be authenticated + // does not care about 2fa + // must be confirmed. 'web-auth-no-two-factor' => [ EncryptCookies::class, AddQueuedCookiesToResponse::class, 
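Review bot: The comment added above 'web-auth-no-two-factor' in the fourth hunk, `// does not care about 2fa`, does not match what the group appears to run. The context lines of the next Kernel.php hunk show `RedirectIfTwoFactorAuthenticated::class` in that group, which by its name acts on the 2FA state rather than ignoring it. These comments are the only map from group name to enforced checks, so a wrong one can lead to a route landing in a group that skips a check the author expected. I would reword it along the lines of `// 2fa not required; redirects away once 2fa is completed`, after confirming that against the middleware class. Most of each group's array lies outside these hunks, so the other added comments could not be checked against the full middleware lists.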
@@ -84,6 +96,15 @@ class Kernel extends HttpKernel RedirectIfTwoFactorAuthenticated::class, IsConfirmed::class, ], + 'web-auth-no-two-factor-any-confirm' => [ + EncryptCookies::class, + AddQueuedCookiesToResponse::class, + StartSession::class, + ShareErrorsFromSession::class, + VerifyCsrfToken::class, + Authenticate::class, + RedirectIfTwoFactorAuthenticated::class, + ], 'web-auth-range' => [ EncryptCookies::class, AddQueuedCookiesToResponse::class, diff --git a/app/Http/routes.php b/app/Http/routes.php index 29899918e8..ce9a2c149c 100644 --- a/app/Http/routes.php +++ b/app/Http/routes.php @@ -1,7 +1,9 @@ 'web'], function () { @@ -30,9 +32,11 @@ Route::group( } ); -// routes that can be accessed without being logged using two factor. +// must be authenticated +// does not care about 2fa +// does not care about confirmation. Route::group( - ['middleware' => 'web-auth-no-two-factor'], function () { + ['middleware' => 'web-auth-no-two-factor-any-confirm'], function () { Route::get('/two-factor', ['uses' => 'Auth\TwoFactorController@index', 'as' => 'two-factor']); Route::get('/lost-two-factor', ['uses' => 'Auth\TwoFactorController@lostTwoFactor', 'as' => 'lost-two-factor']); Route::post('/two-factor', ['uses' => 'Auth\TwoFactorController@postIndex', 'as' => 'two-factor-post']); diff --git a/resources/lang/en_US/firefly.php b/resources/lang/en_US/firefly.php index 0d3ce1f274..f8c12fb411 100644 --- a/resources/lang/en_US/firefly.php +++ b/resources/lang/en_US/firefly.php 
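Review bot: The new 'web-auth-no-two-factor-any-confirm' group is the only group touched by this commit that gets no requirements comment, yet it is the one that drops a check: neither `IsConfirmed::class` nor `IsNotConfirmed::class` is in its list. I would add `// must be authenticated`, `// 2fa not yet completed (RedirectIfTwoFactorAuthenticated)` and `// confirmation state is NOT checked` above it, so that nobody later adds a route here expecting an activated account. The list also repeats 'web-auth-no-two-factor' entry for entry apart from the final `IsConfirmed::class`, as far as the visible context shows, so the two can drift apart when one is edited.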
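Review bot: Nothing in the group these three routes now use limits how often `POST /two-factor` can be submitted, and with `IsConfirmed` no longer in the chain the endpoint is also reachable for accounts that have not been activated. If `Auth\TwoFactorController@postIndex` does not count failed codes itself (not visible here), a rate limit belongs on this group, e.g. `['middleware' => ['web-auth-no-two-factor-any-confirm', 'throttle:5,1']], function () {`, provided the `throttle` route middleware is registered in this Kernel. It is also worth confirming that `lostTwoFactor` is safe to expose to an unconfirmed account. The closure of this Route::group continues outside the hunk.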
@@ -68,7 +68,7 @@ return [
 // account confirmation:
 'confirm_account_header' => 'Please confirm your account',
 'confirm_account_intro' => 'An email has been sent to the address you used during your registration. Please check it out for further instructions. If you did not get this message, you can have Firefly send it again.',
- 'confirm_account_resend_email' => 'Send me the confirmation message again.',
+ 'confirm_account_resend_email' => 'Send me the confirmation message I need to activate my account.',
 'account_is_confirmed' => 'Your account has been confirmed!',
 'invalid_activation_code' => 'It seems the code you are using is not valid, or has expired.',
 'confirm_account_is_resent_header' => 'The confirmation has been resent',