Business/ManagePanel
2
0
Fork 1
Code Issues 1 Pull Requests Releases Wiki Activity

Add 2-factor auth reset button to user editor

Browse Source
This commit is contained in:
Skylar Ittner 2017-06-19 23:10:00 -06:00
parent 70538aa509
commit cd5f4bccf9
7 changed files with 36 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
action.php
View File

@ -80,6 +80,14 @@ switch ($VARS['action']) {
$database->delete('accounts', ['uid' => $VARS['id']]);
insertAuthLog(16, $_SESSION['uid'], $olddata['username'] . ", " . $olddata['realname'] . ", " . $olddata['email'] . ", " . $olddata['acctstatus']);
returnToSender("user_deleted");
case "rmtotp":
if ($database->has('accounts', ['uid' => $VARS['id']]) !== TRUE) {
returnToSender("invalid_userid");
}
$u = $database->get('accounts', 'username', ['uid' => $VARS['id']]);
$database->update('accounts', ["authsecret" => null], ['uid' => $VARS['id']]);
insertAuthLog(10, $_SESSION['uid'], $u);
returnToSender("2fa_removed");
case "clearlog":
$rows = $database->count('authlog');
$database->delete('authlog');

6
lang/en_us.php
View File

@ -81,5 +81,9 @@ define("STRINGS", [
"permission does not exist" => "Permission does not exist.",
"really delete permission" => "Are you sure you want to revoke this permission?",
"permission added" => "Permission assigned.",
"permission deleted" => "Permission deleted."
"permission deleted" => "Permission deleted.",
"remove 2fa" => "Reset 2FA",
"action performed by" => "Action performed by {user}",
"2fa removed" => "2-factor authentication removed.",
"2fa" => "2FA"
]);

4
lang/messages.php
View File

@ -53,4 +53,8 @@ define("MESSAGES", [
"string" => "permission deleted",
"type" => "success"
],
"2fa_removed" => [
"string" => "2fa removed",
"type" => "success"
]
]);

7
lib/getusertable.php
View File

@ -30,9 +30,12 @@ switch ($VARS['order'][0]['column']) {
$order = ["email" => $sortby];
break;
case 5:
$order = ["statuscode" => $sortby];
$order = ["authsecret" => $sortby];
break;
case 6:
$order = ["statuscode" => $sortby];
break;
case 7:
$order = ["typecode" => $sortby];
break;
}
@ -67,6 +70,7 @@ $users = $database->select('accounts', [
'username',
'realname',
'email',
'authsecret (2fa)',
'acctstatus',
'statuscode',
'accttype',
@ -85,6 +89,7 @@ if ($filter) {
}
$out['recordsFiltered'] = $recordsFiltered;
for ($i = 0; $i < count($users); $i++) {
$users[$i]["2fa"] = (is_empty($users[$i]["2fa"]) ? false : true);
$users[$i]["editbtn"] = '<a class="btn btn-blue btn-xs" href="app.php?page=edituser&id=' . $users[$i]['uid'] . '"><i class="fa fa-pencil-square-o"></i> ' . lang("edit", false) . '</a>';
}
$out['users'] = $users;

11
pages/edituser.php
View File

@ -10,6 +10,7 @@ $userdata = [
'username' => '',
'realname' => '',
'email' => '',
'authsecret' => '',
'acctstatus' => '',
'typecode' => 'LOCAL'
];
@ -24,6 +25,7 @@ if (!is_empty($VARS['id'])) {
'username',
'realname',
'email',
'authsecret',
'acctstatus',
'typecode'
], [
@ -126,11 +128,18 @@ if ($userdata['typecode'] != "LOCAL") {
<button type="submit" class="btn btn-success"><i class="fa fa-floppy-o"></i> <?php lang("save"); ?></button>
<?php
if ($editing) {
echo "<span class=\"pull-right\">";
if (!is_empty($userdata['authsecret'])) {
?>
<a href="app.php?page=deluser&id=<?php echo htmlspecialchars($VARS['id']); ?>" style="margin-top: 8px;" class="btn btn-danger btn-xs pull-right"><i class="fa fa-times"></i> <?php lang('delete'); ?></a>
<a href="action.php?action=rmtotp&source=users&id=<?php echo htmlspecialchars($VARS['id']); ?>" style="margin-top: 8px;" class="btn btn-warning btn-xs"><i class="fa fa-unlock"></i> <?php lang('remove 2fa'); ?></a> &nbsp; &nbsp;
<?php
}
?>
<a href="app.php?page=deluser&id=<?php echo htmlspecialchars($VARS['id']); ?>" style="margin-top: 8px;" class="btn btn-danger btn-xs"><i class="fa fa-times"></i> <?php lang('delete'); ?></a>
<?php
echo "</span>";
}
?>
</div>
</div>
</form>

2
pages/users.php
View File

@ -14,6 +14,7 @@ redirectifnotloggedin();
<th data-priority="1"><i class="fa fa-fw fa-user"></i> <?php lang('name'); ?></th>
<th data-priority="2"><i class="fa fa-fw fa-id-badge"></i> <?php lang('username'); ?></th>
<th data-priority="3"><i class="fa fa-fw fa-envelope"></i> <?php lang('email'); ?></th>
<th data-priority="4"><i class="fa fa-fw fa-lock"></i> <?php lang('2fa'); ?></th>
<th data-priority="3"><i class="fa fa-fw fa-check-circle"></i> <?php lang('status'); ?></th>
<th data-priority="4"><i class="fa fa-fw fa-server"></i> <?php lang('type'); ?></th>
</tr>
@ -57,6 +58,7 @@ redirectifnotloggedin();
<th data-priority="1"><i class="fa fa-fw fa-user"></i> <?php lang('name'); ?></th>
<th data-priority="2"><i class="fa fa-fw fa-id-badge"></i> <?php lang('username'); ?></th>
<th data-priority="3"><i class="fa fa-fw fa-envelope"></i> <?php lang('email'); ?></th>
<th data-priority="4"><i class="fa fa-fw fa-lock"></i> <?php lang('2fa'); ?></th>
<th data-priority="3"><i class="fa fa-fw fa-check-circle"></i> <?php lang('status'); ?></th>
<th data-priority="4"><i class="fa fa-fw fa-server"></i> <?php lang('type'); ?></th>
</tfoot>

1
static/js/users.js
View File

@ -40,6 +40,7 @@ $('#usertable').DataTable({
row.realname,
row.username,
row.email,
(row['2fa'] == true ? "<i class='fa fa-check'></i>" : "<i class='fa fa-times'></i>"),
row.statuscode,
row.typecode
]);