AS1024
/
Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Reset failed login counter and unlock user when changing password

This commit is contained in:
Frederic Guillot 2016-05-18 21:27:36 -04:00
parent 0830fe22b7
commit bfd59d9e54
11 changed files with 214 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@ -10,6 +10,7 @@ New features:
Improvements:
* Reset failed login counter and unlock user when changing password
* Task do not open anymore in a new window on the Gantt chart
* Do not display task progress for tasks with no start/end date
* Use Gulp and Bower to manage assets

109
app/Controller/UserCredentialController.php Normal file
View File

@ -0,0 +1,109 @@
<?php
namespace Kanboard\Controller;
/**
* Class UserCredentialController
*
* @package Kanboard\Controller
* @author Frederic Guillot
*/
class UserCredentialController extends BaseController
{
/**
* Password modification form
*
* @access public
* @param array $values
* @param array $errors
* @throws \Kanboard\Core\Controller\AccessForbiddenException
* @throws \Kanboard\Core\Controller\PageNotFoundException
*/
public function changePassword(array $values = array(), array $errors = array())
{
$user = $this->getUser();
return $this->response->html($this->helper->layout->user('user_credential/password', array(
'values' => $values + array('id' => $user['id']),
'errors' => $errors,
'user' => $user,
)));
}
/**
* Save new password
*
* @throws \Kanboard\Core\Controller\AccessForbiddenException
* @throws \Kanboard\Core\Controller\PageNotFoundException
*/
public function savePassword()
{
$user = $this->getUser();
$values = $this->request->getValues();
list($valid, $errors) = $this->userValidator->validatePasswordModification($values);
if ($valid) {
if ($this->user->update($values)) {
$this->flash->success(t('Password modified successfully.'));
$this->userLocking->resetFailedLogin($user['username']);
} else {
$this->flash->failure(t('Unable to change the password.'));
}
return $this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
}
return $this->changePassword($values, $errors);
}
/**
* Display a form to edit authentication
*
* @access public
* @param array $values
* @param array $errors
* @throws \Kanboard\Core\Controller\AccessForbiddenException
* @throws \Kanboard\Core\Controller\PageNotFoundException
*/
public function changeAuthentication(array $values = array(), array $errors = array())
{
$user = $this->getUser();
if (empty($values)) {
$values = $user;
unset($values['password']);
}
return $this->response->html($this->helper->layout->user('user_credential/authentication', array(
'values' => $values,
'errors' => $errors,
'user' => $user,
)));
}
/**
* Save authentication
*
* @throws \Kanboard\Core\Controller\AccessForbiddenException
* @throws \Kanboard\Core\Controller\PageNotFoundException
*/
public function saveAuthentication()
{
$user = $this->getUser();
$values = $this->request->getValues() + array('disable_login_form' => 0, 'is_ldap_user' => 0);
list($valid, $errors) = $this->userValidator->validateModification($values);
if ($valid) {
if ($this->user->update($values)) {
$this->flash->success(t('User updated successfully.'));
} else {
$this->flash->failure(t('Unable to update your user.'));
}
return $this->response->redirect($this->helper->url->to('UserCredentialController', 'changeAuthentication', array('user_id' => $user['id'])));
}
return $this->changeAuthentication($values, $errors);
}
}

69
app/Controller/UserModificationController.php Normal file
View File

@ -0,0 +1,69 @@
<?php
namespace Kanboard\Controller;
/**
* Class UserModificationController
*
* @package Kanboard\Controller
* @author Frederic Guillot
*/
class UserModificationController extends BaseController
{
/**
* Display a form to edit user information
*
* @access public
* @param array $values
* @param array $errors
* @throws \Kanboard\Core\Controller\AccessForbiddenException
* @throws \Kanboard\Core\Controller\PageNotFoundException
*/
public function show(array $values = array(), array $errors = array())
{
$user = $this->getUser();
if (empty($values)) {
$values = $user;
unset($values['password']);
}
return $this->response->html($this->helper->layout->user('user_modification/show', array(
'values' => $values,
'errors' => $errors,
'user' => $user,
'timezones' => $this->timezone->getTimezones(true),
'languages' => $this->language->getLanguages(true),
'roles' => $this->role->getApplicationRoles(),
)));
}
/**
* Save user information
*/
public function save()
{
$user = $this->getUser();
$values = $this->request->getValues();
if (! $this->userSession->isAdmin()) {
if (isset($values['role'])) {
unset($values['role']);
}
}
list($valid, $errors) = $this->userValidator->validateModification($values);
if ($valid) {
if ($this->user->update($values)) {
$this->flash->success(t('User updated successfully.'));
} else {
$this->flash->failure(t('Unable to update your user.'));
}
return $this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
}
return $this->show($values, $errors);
}
}

141
app/Controller/UserViewController.php
View File

@ -29,7 +29,7 @@ class UserViewController extends BaseController
$this->response->html($this->helper->layout->app('user_view/profile', array(
'title' => $user['name'] ?: $user['username'],
'user' => $user,
'user' => $user,
)));
}
@ -42,7 +42,7 @@ class UserViewController extends BaseController
{
$user = $this->getUser();
$this->response->html($this->helper->layout->user('user_view/show', array(
'user' => $user,
'user' => $user,
'timezones' => $this->timezone->getTimezones(true),
'languages' => $this->language->getLanguages(true),
)));
@ -67,7 +67,7 @@ class UserViewController extends BaseController
$this->response->html($this->helper->layout->user('user_view/timesheet', array(
'subtask_paginator' => $subtask_paginator,
'user' => $user,
'user' => $user,
)));
}
@ -81,7 +81,7 @@ class UserViewController extends BaseController
$user = $this->getUser();
$this->response->html($this->helper->layout->user('user_view/password_reset', array(
'tokens' => $this->passwordReset->getAll($user['id']),
'user' => $user,
'user' => $user,
)));
}
@ -95,7 +95,7 @@ class UserViewController extends BaseController
$user = $this->getUser();
$this->response->html($this->helper->layout->user('user_view/last', array(
'last_logins' => $this->lastLogin->getAll($user['id']),
'user' => $user,
'user' => $user,
)));
}
@ -109,7 +109,7 @@ class UserViewController extends BaseController
$user = $this->getUser();
$this->response->html($this->helper->layout->user('user_view/sessions', array(
'sessions' => $this->rememberMeSession->getAll($user['id']),
'user' => $user,
'user' => $user,
)));
}
@ -143,11 +143,11 @@ class UserViewController extends BaseController
}
return $this->response->html($this->helper->layout->user('user_view/notifications', array(
'projects' => $this->projectUserRole->getProjectsByUser($user['id'], array(ProjectModel::ACTIVE)),
'projects' => $this->projectUserRole->getProjectsByUser($user['id'], array(ProjectModel::ACTIVE)),
'notifications' => $this->userNotification->readSettings($user['id']),
'types' => $this->userNotificationType->getTypes(),
'filters' => $this->userNotificationFilter->getFilters(),
'user' => $user,
'types' => $this->userNotificationType->getTypes(),
'filters' => $this->userNotificationFilter->getFilters(),
'user' => $user,
)));
}
@ -168,7 +168,7 @@ class UserViewController extends BaseController
}
$this->response->html($this->helper->layout->user('user_view/integrations', array(
'user' => $user,
'user' => $user,
'values' => $this->userMetadata->getAll($user['id']),
)));
}
@ -183,7 +183,7 @@ class UserViewController extends BaseController
$user = $this->getUser();
$this->response->html($this->helper->layout->user('user_view/external', array(
'last_logins' => $this->lastLogin->getAll($user['id']),
'user' => $user,
'user' => $user,
)));
}
@ -200,7 +200,7 @@ class UserViewController extends BaseController
if ($switch === 'enable' || $switch === 'disable') {
$this->checkCSRFParam();
if ($this->user->{$switch.'PublicAccess'}($user['id'])) {
if ($this->user->{$switch . 'PublicAccess'}($user['id'])) {
$this->flash->success(t('User updated successfully.'));
} else {
$this->flash->failure(t('Unable to update this user.'));
@ -210,121 +210,8 @@ class UserViewController extends BaseController
}
return $this->response->html($this->helper->layout->user('user_view/share', array(
'user' => $user,
'user' => $user,
'title' => t('Public access'),
)));
}
/**
* Password modification
*
* @access public
*/
public function password()
{
$user = $this->getUser();
$values = array('id' => $user['id']);
$errors = array();
if ($this->request->isPost()) {
$values = $this->request->getValues();
list($valid, $errors) = $this->userValidator->validatePasswordModification($values);
if ($valid) {
if ($this->user->update($values)) {
$this->flash->success(t('Password modified successfully.'));
} else {
$this->flash->failure(t('Unable to change the password.'));
}
return $this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
}
}
return $this->response->html($this->helper->layout->user('user_view/password', array(
'values' => $values,
'errors' => $errors,
'user' => $user,
)));
}
/**
* Display a form to edit a user
*
* @access public
*/
public function edit()
{
$user = $this->getUser();
$values = $user;
$errors = array();
unset($values['password']);
if ($this->request->isPost()) {
$values = $this->request->getValues();
if (! $this->userSession->isAdmin()) {
if (isset($values['role'])) {
unset($values['role']);
}
}
list($valid, $errors) = $this->userValidator->validateModification($values);
if ($valid) {
if ($this->user->update($values)) {
$this->flash->success(t('User updated successfully.'));
} else {
$this->flash->failure(t('Unable to update your user.'));
}
return $this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
}
}
return $this->response->html($this->helper->layout->user('user_view/edit', array(
'values' => $values,
'errors' => $errors,
'user' => $user,
'timezones' => $this->timezone->getTimezones(true),
'languages' => $this->language->getLanguages(true),
'roles' => $this->role->getApplicationRoles(),
)));
}
/**
* Display a form to edit authentication
*
* @access public
*/
public function authentication()
{
$user = $this->getUser();
$values = $user;
$errors = array();
unset($values['password']);
if ($this->request->isPost()) {
$values = $this->request->getValues() + array('disable_login_form' => 0, 'is_ldap_user' => 0);
list($valid, $errors) = $this->userValidator->validateModification($values);
if ($valid) {
if ($this->user->update($values)) {
$this->flash->success(t('User updated successfully.'));
} else {
$this->flash->failure(t('Unable to update your user.'));
}
return $this->response->redirect($this->helper->url->to('UserViewController', 'authentication', array('user_id' => $user['id'])));
}
}
return $this->response->html($this->helper->layout->user('user_view/authentication', array(
'values' => $values,
'errors' => $errors,
'user' => $user,
)));
}
}

2
app/ServiceProvider/AuthenticationProvider.php
View File

@ -143,7 +143,7 @@ class AuthenticationProvider implements ServiceProviderInterface
$acl->add('UserCreationController', '*', Role::APP_ADMIN);
$acl->add('UserListController', '*', Role::APP_ADMIN);
$acl->add('UserStatusController', '*', Role::APP_ADMIN);
$acl->add('UserViewController', array('authentication'), Role::APP_ADMIN);
$acl->add('UserCredentialController', array('changeAuthentication', 'saveAuthentication'), Role::APP_ADMIN);
return $acl;
}

6
app/ServiceProvider/RouteProvider.php
View File

@ -149,13 +149,13 @@ class RouteProvider implements ServiceProviderInterface
$container['route']->addRoute('user/show/:user_id/timesheet', 'UserViewController', 'timesheet');
$container['route']->addRoute('user/show/:user_id/last-logins', 'UserViewController', 'lastLogin');
$container['route']->addRoute('user/show/:user_id/sessions', 'UserViewController', 'sessions');
$container['route']->addRoute('user/:user_id/edit', 'UserViewController', 'edit');
$container['route']->addRoute('user/:user_id/password', 'UserViewController', 'password');
$container['route']->addRoute('user/:user_id/edit', 'UserModificationController', 'show');
$container['route']->addRoute('user/:user_id/password', 'UserCredentialController', 'changePassword');
$container['route']->addRoute('user/:user_id/share', 'UserViewController', 'share');
$container['route']->addRoute('user/:user_id/notifications', 'UserViewController', 'notifications');
$container['route']->addRoute('user/:user_id/accounts', 'UserViewController', 'external');
$container['route']->addRoute('user/:user_id/integrations', 'UserViewController', 'integrations');
$container['route']->addRoute('user/:user_id/authentication', 'UserViewController', 'authentication');
$container['route']->addRoute('user/:user_id/authentication', 'UserCredentialController', 'changeAuthentication');
$container['route']->addRoute('user/:user_id/2fa', 'twofactor', 'index');
$container['route']->addRoute('user/:user_id/avatar', 'AvatarFile', 'show');

2
app/Template/user_view/authentication.php → app/Template/user_credential/authentication.php
View File

@ -1,7 +1,7 @@
<div class="page-header">
<h2><?= t('Edit Authentication') ?></h2>
</div>
<form method="post" action="<?= $this->url->href('UserViewController', 'authentication', array('user_id' => $user['id'])) ?>" autocomplete="off">
<form method="post" action="<?= $this->url->href('UserCredentialController', 'saveAuthentication', array('user_id' => $user['id'])) ?>" autocomplete="off">
<?= $this->form->csrf() ?>
<?= $this->form->hidden('id', $values) ?>

9
app/Template/user_view/password.php → app/Template/user_credential/password.php
View File

@ -2,15 +2,12 @@
<h2><?= t('Password modification') ?></h2>
</div>
<form method="post" action="<?= $this->url->href('UserViewController', 'password', array('user_id' => $user['id'])) ?>" autocomplete="off">
<form method="post" action="<?= $this->url->href('UserCredentialController', 'savePassword', array('user_id' => $user['id'])) ?>" autocomplete="off">
<?= $this->form->hidden('id', $values) ?>
<?= $this->form->csrf() ?>
<div class="alert alert-error">
<?= $this->form->label(t('Current password for the user "%s"', $this->user->getFullname()), 'current_password') ?>
<?= $this->form->password('current_password', $values, $errors) ?>
</div>
<?= $this->form->label(t('Current password for the user "%s"', $this->user->getFullname()), 'current_password') ?>
<?= $this->form->password('current_password', $values, $errors) ?>
<?= $this->form->label(t('New password for the user "%s"', $this->user->getFullname($user)), 'password') ?>
<?= $this->form->password('password', $values, $errors) ?>

2
app/Template/user_view/edit.php → app/Template/user_modification/show.php
View File

@ -1,7 +1,7 @@
<div class="page-header">
<h2><?= t('Edit user') ?></h2>
</div>
<form method="post" action="<?= $this->url->href('UserViewController', 'edit', array('user_id' => $user['id'])) ?>" autocomplete="off">
<form method="post" action="<?= $this->url->href('UserModificationController', 'save', array('user_id' => $user['id'])) ?>" autocomplete="off">
<?= $this->form->csrf() ?>

4
app/Template/user_view/show.php
View File

@ -15,6 +15,10 @@
<li><?= t('Role:') ?> <strong><?= $this->user->getRoleName($user['role']) ?></strong></li>
<li><?= t('Account type:') ?> <strong><?= $user['is_ldap_user'] ? t('Remote') : t('Local') ?></strong></li>
<li><?= $user['twofactor_activated'] == 1 ? t('Two factor authentication enabled') : t('Two factor authentication disabled') ?></li>
<li><?= t('Number of failed login:') ?> <strong><?= $user['nb_failed_login'] ?></strong></li>
<?php if ($user['lock_expiration_date'] != 0): ?>
<li><?= t('Account locked until:') ?> <strong><?= $this->dt->datetime($user['lock_expiration_date']) ?></strong></li>
<?php endif ?>
</ul>
<div class="page-header">

16
app/Template/user_view/sidebar.php
View File

@ -33,9 +33,9 @@
<ul>
<?php if ($this->user->isAdmin() || $this->user->isCurrentUser($user['id'])): ?>
<?php if ($this->user->hasAccess('UserViewController', 'edit')): ?>
<li <?= $this->app->checkMenuSelection('UserViewController', 'edit') ?>>
<?= $this->url->link(t('Edit profile'), 'UserViewController', 'edit', array('user_id' => $user['id'])) ?>
<?php if ($this->user->hasAccess('UserModificationController', 'show')): ?>
<li <?= $this->app->checkMenuSelection('UserModificationController', 'show') ?>>
<?= $this->url->link(t('Edit profile'), 'UserModificationController', 'show', array('user_id' => $user['id'])) ?>
</li>
<li <?= $this->app->checkMenuSelection('AvatarFile') ?>>
<?= $this->url->link(t('Avatar'), 'AvatarFile', 'show', array('user_id' => $user['id'])) ?>
@ -43,8 +43,8 @@
<?php endif ?>
<?php if ($user['is_ldap_user'] == 0): ?>
<li <?= $this->app->checkMenuSelection('UserViewController', 'password') ?>>
<?= $this->url->link(t('Change password'), 'UserViewController', 'password', array('user_id' => $user['id'])) ?>
<li <?= $this->app->checkMenuSelection('UserCredentialController', 'changePassword') ?>>
<?= $this->url->link(t('Change password'), 'UserCredentialController', 'changePassword', array('user_id' => $user['id'])) ?>
</li>
<?php endif ?>
@ -72,9 +72,9 @@
</li>
<?php endif ?>
<?php if ($this->user->hasAccess('UserViewController', 'authentication')): ?>
<li <?= $this->app->checkMenuSelection('UserViewController', 'authentication') ?>>
<?= $this->url->link(t('Edit Authentication'), 'UserViewController', 'authentication', array('user_id' => $user['id'])) ?>
<?php if ($this->user->hasAccess('UserCredentialController', 'changeAuthentication')): ?>
<li <?= $this->app->checkMenuSelection('UserCredentialController', 'changeAuthentication') ?>>
<?= $this->url->link(t('Edit Authentication'), 'UserCredentialController', 'changeAuthentication', array('user_id' => $user['id'])) ?>
</li>
<?php endif ?>