From 1ced9649c7ff47850603b9f95b1b4b9645648fe8 Mon Sep 17 00:00:00 2001 From: NGPixel Date: Sun, 5 Jul 2020 23:55:11 -0400 Subject: [PATCH] feat: enforce 2fa admin setting + hide local on login screen --- client/components/admin/admin-security.vue | 4 ++++ client/components/login.vue | 22 ++++++++++++++++------ server/app/data.yml | 1 + server/graph/resolvers/site.js | 2 ++ server/graph/schemas/site.graphql | 2 ++ 5 files changed, 25 insertions(+), 6 deletions(-) diff --git a/client/components/admin/admin-security.vue b/client/components/admin/admin-security.vue index 0454d542..cf4840fa 100644 --- a/client/components/admin/admin-security.vue +++ b/client/components/admin/admin-security.vue @@ -278,6 +278,7 @@ export default { mutation: gql` mutation ( $authAutoLogin: Boolean + $authEnforce2FA: Boolean $authHideLocal: Boolean $authLoginBgUrl: String $authJwtAudience: String @@ -298,6 +299,7 @@ export default { site { updateConfig( authAutoLogin: $authAutoLogin, + authEnforce2FA: $authEnforce2FA, authHideLocal: $authHideLocal, authLoginBgUrl: $authLoginBgUrl, authJwtAudience: $authJwtAudience, @@ -327,6 +329,7 @@ export default { `, variables: { authAutoLogin: _.get(this.config, 'authAutoLogin', false), + authEnforce2FA: _.get(this.config, 'authEnforce2FA', false), authHideLocal: _.get(this.config, 'authHideLocal', false), authLoginBgUrl: _.get(this.config, 'authLoginBgUrl', ''), authJwtAudience: _.get(this.config, 'authJwtAudience', ''), @@ -377,6 +380,7 @@ export default { site { config { authAutoLogin + authEnforce2FA authHideLocal authLoginBgUrl authJwtAudience diff --git a/client/components/login.vue b/client/components/login.vue index 7ae2d8dc..e0dbef67 100644 --- a/client/components/login.vue +++ b/client/components/login.vue @@ -18,7 +18,7 @@ v-list.elevation-1.radius-7(nav) v-list-item-group(v-model='selectedStrategyKey') v-list-item( - v-for='(stg, idx) of strategies' + v-for='(stg, idx) of filteredStrategies' :key='stg.key' :value='stg.key' :color='stg.strategy.color' @@ -252,8 +252,8 @@ export default { return { error: false, strategies: [], - selectedStrategyKey: 'local', - selectedStrategy: { key: 'local', strategy: { useForm: true } }, + selectedStrategyKey: 'unselected', + selectedStrategy: { key: 'unselected', strategy: { useForm: false } }, screen: 'login', username: '', password: '', @@ -276,11 +276,21 @@ export default { isSocialShown () { return this.strategies.length > 1 }, - logoUrl () { return siteConfig.logoUrl } + logoUrl () { return siteConfig.logoUrl }, + filteredStrategies () { + const qParams = new URLSearchParams(window.location.search) + if (this.hideLocal && !qParams.has('all')) { + return _.reject(this.strategies, ['key', 'local']) + } else { + return this.strategies + } + } }, watch: { - strategies(newValue, oldValue) { - this.selectedStrategy = _.head(newValue) + filteredStrategies (newValue, oldValue) { + if (_.head(newValue).strategy.useForm) { + this.selectedStrategyKey = _.head(newValue).key + } }, selectedStrategyKey (newValue, oldValue) { this.selectedStrategy = _.find(this.strategies, ['key', newValue]) diff --git a/server/app/data.yml b/server/app/data.yml index e9753f2b..f428bdf4 100644 --- a/server/app/data.yml +++ b/server/app/data.yml @@ -55,6 +55,7 @@ defaults: darkMode: false auth: autoLogin: false + enforce2FA: false hideLocal: false loginBgUrl: '' audience: 'urn:wiki.js' diff --git a/server/graph/resolvers/site.js b/server/graph/resolvers/site.js index 14538be0..7b7d4119 100644 --- a/server/graph/resolvers/site.js +++ b/server/graph/resolvers/site.js @@ -22,6 +22,7 @@ module.exports = { ...WIKI.config.features, ...WIKI.config.security, authAutoLogin: WIKI.config.auth.autoLogin, + authEnforce2FA: WIKI.config.auth.enforce2FA, authHideLocal: WIKI.config.auth.hideLocal, authLoginBgUrl: WIKI.config.auth.loginBgUrl, authJwtAudience: WIKI.config.auth.audience, @@ -68,6 +69,7 @@ module.exports = { WIKI.config.auth = { autoLogin: _.get(args, 'authAutoLogin', WIKI.config.auth.autoLogin), + enforce2FA: _.get(args, 'authEnforce2FA', WIKI.config.auth.enforce2FA), hideLocal: _.get(args, 'authHideLocal', WIKI.config.auth.hideLocal), loginBgUrl: _.get(args, 'authLoginBgUrl', WIKI.config.auth.loginBgUrl), audience: _.get(args, 'authJwtAudience', WIKI.config.auth.audience), diff --git a/server/graph/schemas/site.graphql b/server/graph/schemas/site.graphql index d02c9081..fcd68f50 100644 --- a/server/graph/schemas/site.graphql +++ b/server/graph/schemas/site.graphql @@ -34,6 +34,7 @@ type SiteMutation { contentLicense: String logoUrl: String authAutoLogin: Boolean + authEnforce2FA: Boolean authHideLocal: Boolean authLoginBgUrl: String authJwtAudience: String @@ -72,6 +73,7 @@ type SiteConfig { contentLicense: String! logoUrl: String! authAutoLogin: Boolean + authEnforce2FA: Boolean authHideLocal: Boolean authLoginBgUrl: String authJwtAudience: String