Render QR code for TwoFactor authentication without Google Chart API

2017-03-09 21:24:04 -05:00
parent cbb4d0061e
commit 6d814566fb
7 changed files with 114 additions and 59 deletions
--- a/app/Controller/TwoFactorController.php
+++ b/app/Controller/TwoFactorController.php
@@ -3,6 +3,7 @@
 namespace Kanboard\Controller;

 use Kanboard\Core\Controller\AccessForbiddenException;
+use PHPQRCode;

 /**
 * Two Factor Auth controller
@@ -65,9 +66,8 @@ class TwoFactorController extends UserViewController
        }

        $this->response->html($this->helper->layout->user('twofactor/show', array(
-            'user' => $user,
-            'secret' => $this->sessionStorage->twoFactorSecret,
-            'qrcode_url' => $provider->getQrCodeUrl($label),
+            'user'    => $user,
+            'secret'  => $this->sessionStorage->twoFactorSecret,
            'key_url' => $provider->getKeyUrl($label),
        )));
    }
@@ -192,11 +192,28 @@ class TwoFactorController extends UserViewController
                'twofactor_secret' => '',
            ));

-            return $this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
+            $this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
+        } else {
+            $this->response->html($this->helper->layout->user('twofactor/disable', array(
+                'user' => $user,
+            )));
        }
+    }

-        return $this->response->html($this->helper->layout->user('twofactor/disable', array(
-            'user' => $user,
-        )));
+    /**
+     * Render QR Code image
+     */
+    public function qrcode()
+    {
+        if (isset($this->sessionStorage->twoFactorSecret)) {
+            $user = $this->getUser();
+            $provider = $this->authenticationManager->getPostAuthenticationProvider();
+            $provider->setSecret($this->sessionStorage->twoFactorSecret);
+            $url = $provider->getKeyUrl($user['email'] ?: $user['username']);
+
+            if (! empty($url)) {
+                PHPQRCode\QRcode::png($url, false, 'L', 6, 0);
+            }
+        }
    }
 }
--- a/app/Core/Security/PostAuthenticationProviderInterface.php
+++ b/app/Core/Security/PostAuthenticationProviderInterface.php
@@ -49,15 +49,6 @@ interface PostAuthenticationProviderInterface extends AuthenticationProviderInte
     */
    public function getSecret();

-    /**
-     * Get QR code url (empty if no QR can be provided)
-     *
-     * @access public
-     * @param  string $label
-     * @return string
-     */
-    public function getQrCodeUrl($label);
-
    /**
     * Get key url (empty if no url can be provided)
     *
--- a/app/Template/twofactor/show.php
+++ b/app/Template/twofactor/show.php
@@ -2,17 +2,14 @@
    <h2><?= t('Two factor authentication') ?></h2>
 </div>

-<?php if (! empty($secret) || ! empty($qrcode_url) || ! empty($key_url)): ?>
+<?php if (! empty($secret) || ! empty($key_url)): ?>
 <div class="panel">
    <?php if (! empty($secret)): ?>
        <p><?= t('Secret key: ') ?><strong><?= $this->text->e($secret) ?></strong></p>
    <?php endif ?>

-    <?php if (! empty($qrcode_url)): ?>
-        <p><br><img src="<?= $qrcode_url ?>"/><br><br></p>
-    <?php endif ?>
-
    <?php if (! empty($key_url)): ?>
+        <br><img src="<?= $this->url->href('TwoFactorController', 'qrcode') ?>"><br>
        <p><?= t('This QR code contains the key URI: ') ?><a href="<?= $this->text->e($key_url) ?>"><?= $this->text->e($key_url) ?></a></p>
    <?php endif ?>
 </div>