|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Firesphere\YubiAuth\Extensions; |
|
4
|
|
|
|
|
5
|
|
|
use SilverStripe\Dev\Debug; |
|
6
|
|
|
use SilverStripe\Forms\CheckboxField; |
|
7
|
|
|
use SilverStripe\Forms\FieldList; |
|
8
|
|
|
use SilverStripe\Forms\NumericField; |
|
9
|
|
|
use SilverStripe\Forms\ReadonlyField; |
|
10
|
|
|
use SilverStripe\ORM\DataExtension; |
|
11
|
|
|
|
|
12
|
|
|
/** |
|
13
|
|
|
* Class YubiAuthMemberExtension |
|
14
|
|
|
* |
|
15
|
|
|
* Enable yubikey authentication disabling temporarily |
|
16
|
|
|
* |
|
17
|
|
|
* @property \Firesphere\YubiAuth\Extensions\MemberExtension|\SilverStripe\Security\Member $owner |
|
18
|
|
|
* @property boolean $YubiAuthEnabled |
|
19
|
|
|
* @property string $Yubikey |
|
20
|
|
|
* @property int $NoYubikeyCount |
|
21
|
|
|
*/ |
|
22
|
|
|
class MemberExtension extends DataExtension |
|
23
|
|
|
{ |
|
24
|
|
|
private static $db = [ |
|
|
|
|
|
|
25
|
|
|
'YubiAuthEnabled' => 'Boolean(true)', |
|
26
|
|
|
'Yubikey' => 'Varchar(16)', |
|
27
|
|
|
'NoYubikeyCount' => 'Int' |
|
28
|
|
|
]; |
|
29
|
|
|
|
|
30
|
|
|
private static $defaults = [ |
|
|
|
|
|
|
31
|
|
|
'YubiAuthEnabled' => true |
|
32
|
|
|
]; |
|
33
|
|
|
|
|
34
|
|
|
private static $indexes = [ |
|
|
|
|
|
|
35
|
|
|
'Yubikey' => 'unique("Yubikey")' // The Yubikey Signature is unique for every Yubikey. |
|
36
|
|
|
]; |
|
37
|
|
|
|
|
38
|
|
|
/** |
|
39
|
|
|
* @inheritdoc |
|
40
|
|
|
* @param array $labels |
|
41
|
|
|
*/ |
|
42
|
|
|
public function updateFieldLabels(&$labels) |
|
43
|
|
|
{ |
|
44
|
|
|
parent::updateFieldLabels($labels); |
|
45
|
|
|
$labels['YubiAuthEnabled'] = _t('YubikeyAuthenticator.ENABLED', 'Yubikey Authentication Enabled'); |
|
46
|
|
|
$labels['Yubikey'] = _t('YubikeyAuthenticator.YUBIKEY', 'Yubikey code'); |
|
47
|
|
|
$labels['NoYubikeyCount'] = _t('YubikeyAuthenticator.NOYUBIKEYCOUNT', 'Login count without yubikey'); |
|
48
|
|
|
} |
|
49
|
|
|
|
|
50
|
|
|
/** |
|
51
|
|
|
* @inheritdoc |
|
52
|
|
|
* @param FieldList $fields |
|
53
|
|
|
*/ |
|
54
|
|
|
public function updateCMSFields(FieldList $fields) |
|
55
|
|
|
{ |
|
56
|
|
|
$fields->removeByName(['NoYubikeyCount', 'Yubikey', 'YubiAuthEnabled']); |
|
57
|
|
|
$yubiCount = NumericField::create('NoYubikeyCount', $this->owner->fieldLabel('NoYubikeyCount')); |
|
|
|
|
|
|
58
|
|
|
if ($this->owner->YubiAuthEnabled) { |
|
59
|
|
|
$yubiCount->setReadonly(true); |
|
60
|
|
|
} |
|
61
|
|
|
$yubiField = ReadonlyField::create('Yubikey', $this->owner->fieldLabel('Yubikey')); |
|
62
|
|
|
$yubiField->setDescription( |
|
63
|
|
|
_t( |
|
64
|
|
|
'YubikeyAuthenticator.YUBIKEYDESCRIPTION', |
|
65
|
|
|
'Unique identifier string for the Yubikey. Will reset when the Yubikey Authentication is disabled' |
|
66
|
|
|
) |
|
67
|
|
|
); |
|
68
|
|
|
|
|
69
|
|
|
$yubiAuth = CheckboxField::create('YubiAuthEnabled', $this->owner->fieldLabel('YubiAuthEnabled')); |
|
70
|
|
|
$yubiAuth->setDescription( |
|
71
|
|
|
_t( |
|
72
|
|
|
'YubikeyAuthenticator.ENABLEDDESCRIPTION', |
|
73
|
|
|
'If the user is new and doesn\'t have a Yubikey yet, you can disable the auth temporarily' |
|
74
|
|
|
) |
|
75
|
|
|
); |
|
76
|
|
|
|
|
77
|
|
|
$fields->addFieldsToTab('Root.Main', [$yubiCount, $yubiField, $yubiAuth], 'DirectGroups'); |
|
78
|
|
|
} |
|
79
|
|
|
|
|
80
|
|
|
/** |
|
81
|
|
|
* @inheritdoc |
|
82
|
|
|
*/ |
|
83
|
|
|
public function onBeforeWrite() |
|
84
|
|
|
{ |
|
85
|
|
|
// Empty the yubikey field on member write, if the yubiauth is not required |
|
86
|
|
|
// Maybe the user lost the key? So a new one will be set next time it's logged in with key |
|
87
|
|
|
if (!$this->owner->YubiAuthEnabled) { |
|
88
|
|
|
$this->owner->Yubikey = ''; |
|
89
|
|
|
} |
|
90
|
|
|
} |
|
91
|
|
|
} |
|
92
|
|
|
|
Firesphere /
silverstripe-yubiauth
Loading history...
