Adding OTP support

2013-08-10 20:58:59 -05:00
parent 5fc1c99ccf
commit 5926f62bd1
11 changed files with 554 additions and 8 deletions
--- a/indefero/src/IDF/Form/UserAccount.php
+++ b/indefero/src/IDF/Form/UserAccount.php
@@ -172,8 +172,25 @@ class IDF_Form_UserAccount  extends Pluf_Form
                                            'initial' => '',
                                            'help_text' => __('You will get an email to confirm that you own the address you specify.'),
                                            ));
+        $otp = "";
+        if ($user_data->otpkey != "")
+            $otp = Pluf_Utils::convBase($this->user->otpkey, '0123456789abcdef', 'abcdefghijklmnopqrstuvwxyz234567');
+        $this->fields['otpkey'] = new Pluf_Form_Field_Varchar(
+                                        array('required' => false,
+                                            'label' => __('Add a OTP Key'),
+                                            //'initial' => (!empty($user_data->otpkey)) ?  : "",
+                                            //'initial' => (string)(!empty($user_data->otpkey)),
+                                            'initial' => $otp,
+                                            'help_text' => __('Key must be in base32 for generated QRcode and import into Google Authenticator.'),
+                                            'widget_attrs' => array(
+                                                'maxlength' => 50,
+                                                'size' => 32,
+                                            ),
+                                        ));
    }

+
+
    private function send_validation_mail($new_email, $secondary_mail=false)
    {
        if ($secondary_mail) {
@@ -243,6 +260,8 @@ class IDF_Form_UserAccount  extends Pluf_Form
        }

        if ($commit) {
+            if ($this->cleaned_data["otpkey"] != "")
+                $this->user->otpkey = Pluf_Utils::convBase($this->cleaned_data["otpkey"], 'abcdefghijklmnopqrstuvwxyz234567', '0123456789abcdef');
            $this->user->update();

            // FIXME: go the extra mile and check the input lengths for
--- a/indefero/src/IDF/Plugin/SyncMercurial.php
+++ b/indefero/src/IDF/Plugin/SyncMercurial.php
@@ -231,6 +231,8 @@ class IDF_Plugin_SyncMercurial
                $fcontent .= '<Location '. sprintf(Pluf::f('idf_plugin_syncmercurial_private_url'), $project->shortname).'>'."\n";
                $fcontent .= 'AuthType Basic'."\n";
                $fcontent .= 'AuthName "Restricted"'."\n";
+                $fcontent .= 'AuthExternal otpauth\n';
+                $fcontent .= 'AuthBasicProvider external\n';
                $fcontent .= sprintf('AuthUserFile %s', Pluf::f('idf_plugin_syncmercurial_passwd_file'))."\n";
                $fcontent .= sprintf('Require user %s', $user)."\n";
                $fcontent .= '</Location>'."\n\n";
--- a/indefero/src/IDF/templates/idf/user/myaccount.html
+++ b/indefero/src/IDF/templates/idf/user/myaccount.html
@@ -100,6 +100,16 @@
 <span class="helptext">{$form.f.public_key.help_text}</span>
 </td>
 </tr>
+    <tr>
+        <th>{$form.f.otpkey.labelTag}:</th>
+        <td>{if $form.f.otpkey.errors}{$form.f.otpkey.fieldErrors}{/if}
+            {$form.f.otpkey|unsafe} <a id="id_otpgen" href="#">Generate</a><br />
+            <span class="helptext">{$form.f.otpkey.help_text}</span>
+            <br/>
+            <br/>
+            <div id="QRcode"></div>
+        </td>
+    </tr>
 <tr><td colspan="2" class="separator">{trans "Secondary Emails"}</td></tr>
 <tr>
 <th>{$form.f.secondary_mail.labelTag}:</th>
@@ -153,8 +163,10 @@
 <p>{trans 'The extra password is used to access some of the external systems and the API key is used to interact with this website using a program.'}</p>
 </div>{/block}

-{block javascript}<script type="text/javascript">
+{block javascript}
+<script type="text/javascript">
 document.getElementById('id_first_name').focus();
+var user = "{$user.login}";
 {literal}
 $(document).ready(function() {
    // Hide the key password by default.
@@ -165,6 +177,32 @@ $(document).ready(function() {
        return false;
    });
    $(".pass-info").hide();
+    $("#id_otpkey").bind('input', function ()
+    {
+        if ($("#id_otpkey").val() != "")
+        {
+            var url = "https://chart.googleapis.com/chart?chs=300x300&cht=qr&chl=otpauth%3A%2F%2Ftotp%2F" + user + "?secret=" + $("#id_otpkey").val() + "%26issuer=srchub&choe=UTF-8";
+            $("#QRcode").html('<img src="' + url + '" />');
+        } else {
+            $("#QRcode").html('');
+        }
+    });
+    $("#id_otpgen").click(function ()
+    {
+        var chars = "abcdefghijklmnopqrstuvwxyz234567";
+        var key = "";
+        for(var i = 0; i < 32; i++)
+            key += chars[Math.floor(Math.random() * 32)];
+        $("#id_otpkey").val(key);
+        var url = "https://chart.googleapis.com/chart?chs=300x300&cht=qr&chl=otpauth%3A%2F%2Ftotp%2F" + user + "?secret=" + $("#id_otpkey").val().toUpperCase() + "%26issuer=srchub&choe=UTF-8";
+        $("#QRcode").html('<img src="' + url + '" />')
+        return false;
+    });
+    if ($("#id_otpkey").val() != "")
+    {
+        var url = "https://chart.googleapis.com/chart?chs=300x300&cht=qr&chl=otpauth%3A%2F%2Ftotp%2F" + user + "?secret=" + $("#id_otpkey").val().toUpperCase() + "%26issuer=srchub&choe=UTF-8";
+        $("#QRcode").html('<img src="' + url + '" />')
+    }
 });{/literal}
 </script>
 {/block}