
Added trusted devices to sudo mode

Daniel Supernault 2020-03-14 22:35:35 -06:00
parent 8ffb20f57e
commit 0c82c97069
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7
3 changed files with 22 additions and 12 deletions


@ -374,10 +374,13 @@ class AccountController extends Controller
public function sudoModeVerify(Request $request) public function sudoModeVerify(Request $request)
{ {
$this->validate($request, [ $this->validate($request, [
'password' => 'required|string|max:500' 'password' => 'required|string|max:500',
'trustDevice' => 'nullable'
]); ]);
$user = Auth::user(); $user = Auth::user();
$password = $request->input('password'); $password = $request->input('password');
$trustDevice = $request->input('trustDevice') == 'on';
$next = $request->session()->get('redirectNext', '/'); $next = $request->session()->get('redirectNext', '/');
if($request->session()->has('sudoModeAttempts')) { if($request->session()->has('sudoModeAttempts')) {
$count = (int) $request->session()->get('sudoModeAttempts'); $count = (int) $request->session()->get('sudoModeAttempts');
@ -387,6 +390,9 @@ class AccountController extends Controller
} }
if(password_verify($password, $user->password) === true) { if(password_verify($password, $user->password) === true) {
$request->session()->put('sudoMode', time()); $request->session()->put('sudoMode', time());
if($trustDevice == true) {
$request->session()->put('sudoTrustDevice', 1);
}
return redirect($next); return redirect($next);
} else { } else {
return redirect() return redirect()
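Review bot: `sudoTrustDevice` is stored as a bare `1`, while the `sudoMode` entry written just above it stores `time()`, so nothing recorded here lets a later check age the trust out. The value is also a session attribute, not something bound to the device, which is narrower than the "trust this device" label implies; a comment such as `// session-scoped: skips sudo re-auth for the rest of this session` would make that explicit, and storing `time()` instead of `1` would let the middleware enforce a maximum age. Separately, `'trustDevice' => 'nullable'` accepts any value and both `== 'on'` and `== true` are loose comparisons; `'trustDevice' => 'nullable|in:on'` with `=== 'on'` and a plain `if ($trustDevice)` would be tighter. The body of sudoModeVerify continues outside both hunks, so the attempt-counter handling between them is not visible here.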


@ -25,7 +25,7 @@ class DangerZone
if(!Auth::check()) { if(!Auth::check()) {
return redirect(route('login')); return redirect(route('login'));
} }
if(!$request->is('i/auth/sudo')) { if(!$request->is('i/auth/sudo') && $request->session()->get('sudoTrustDevice') != 1) {
if( !$request->session()->has('sudoMode') ) { if( !$request->session()->has('sudoMode') ) {
$request->session()->put('redirectNext', $request->url()); $request->session()->put('redirectNext', $request->url());
return redirect('/i/auth/sudo'); return redirect('/i/auth/sudo');
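Review bot: The added `&& $request->session()->get('sudoTrustDevice') != 1` guards the whole outer `if`, so once the flag is set every check inside that block is skipped, including anything after the `has('sudoMode')` test that lies outside this hunk (an age check on the `sudoMode` timestamp would be one, if it exists). Nothing in this commit removes the flag again, so it is worth confirming that logout, a password change and two-factor changes either invalidate the session or call `forget('sudoTrustDevice')`; otherwise one password entry stays valid for every route behind this middleware until the session ends. The comparison is loose as well; `!== 1` matches the integer the controller stores.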


@ -13,19 +13,23 @@
<form method="POST"> <form method="POST">
@csrf @csrf
<div class="form-group row"> <div class="form-group">
<input id="password" type="password" class="form-control{{ $errors->has('password') ? ' is-invalid' : '' }}" name="password" placeholder="{{__('Password')}}" required>
<div class="col-md-12"> @if ($errors->has('password'))
<input id="password" type="password" class="form-control{{ $errors->has('password') ? ' is-invalid' : '' }}" name="password" placeholder="{{__('Password')}}" required> <span class="invalid-feedback">
<strong>{{ $errors->first('password') }}</strong>
@if ($errors->has('password')) </span>
<span class="invalid-feedback"> @endif
<strong>{{ $errors->first('password') }}</strong>
</span>
@endif
</div>
</div> </div>
<div class="form-group">
<div class="custom-control custom-checkbox">
<input type="checkbox" class="custom-control-input" id="trusted-device" name="trustDevice">
<label class="custom-control-label text-muted" for="trusted-device">Don't ask me again, trust this device</label>
</div>
</div>
<div class="form-group row mb-0"> <div class="form-group row mb-0">
<div class="col-md-12"> <div class="col-md-12">
<button type="submit" class="btn btn-success btn-block font-weight-bold"> <button type="submit" class="btn btn-success btn-block font-weight-bold">
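Review bot: The new checkbox label is a hard-coded English string, while the password placeholder in the same form goes through `{{__('Password')}}`. Wrapping it as `{{ __("Don't ask me again, trust this device") }}` keeps the form translatable and consistent with the rest of the template. The form continues past the end of this hunk.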