allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From brond...@apache.org
Subject [1/4] allura git commit: [#8117] make all 2FA pages look nicer; increase pwd reconfirm timeout
Date Thu, 01 Sep 2016 16:08:18 GMT
Repository: allura
Updated Branches:
  refs/heads/db/8117 57b425241 -> a8d198013


[#8117] make all 2FA pages look nicer; increase pwd reconfirm timeout


Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/56fa52cc
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/56fa52cc
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/56fa52cc

Branch: refs/heads/db/8117
Commit: 56fa52ccab3c1e45f7cc4f93ddfbb5c77b3cc722
Parents: 57b4252
Author: Dave Brondsema <dave@brondsema.net>
Authored: Wed Aug 31 17:14:16 2016 -0400
Committer: Dave Brondsema <dave@brondsema.net>
Committed: Thu Sep 1 10:29:10 2016 -0400

----------------------------------------------------------------------
 Allura/allura/templates/login_multifactor.html |  7 ++-
 Allura/allura/templates/reconfirm_auth.html    |  7 ++-
 Allura/allura/templates/user_account_base.html |  2 +
 Allura/allura/templates/user_totp.html         | 62 ++++++++++++++++-----
 Allura/allura/tests/functional/test_auth.py    |  4 +-
 Allura/development.ini                         |  2 +-
 6 files changed, 62 insertions(+), 22 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/allura/blob/56fa52cc/Allura/allura/templates/login_multifactor.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/login_multifactor.html b/Allura/allura/templates/login_multifactor.html
index 07eaa80..3edb53c 100644
--- a/Allura/allura/templates/login_multifactor.html
+++ b/Allura/allura/templates/login_multifactor.html
@@ -25,15 +25,18 @@
 
 {% block content %}
 <form method="post" action="/auth/do_multifactor">
-    <h2>Please enter your Multifactor Authentication Code</h2>
+    <h2>Enter your Multifactor Authentication Code</h2>
+    <p>
+    Please enter the {{ config['auth.multifactor.totp.length'] }}-digit code from your authenticator
app:<br>
     {% if c.form_errors['code'] %}
-        <div class="fielderror">{{ c.form_errors['code'] }}</div>
+        <span class="fielderror">{{ c.form_errors['code'] }}</span><br>
     {% endif %}
     <input type="text" name="code" autofocus autocomplete="off"/>
     <input type="hidden" name="return_to" value="{{ return_to }}"/>
     <br>
     <input type="submit" value="Log In">
     {{ lib.csrf_token() }}
+    </p>
 </form>
 
 {% endblock %}

http://git-wip-us.apache.org/repos/asf/allura/blob/56fa52cc/Allura/allura/templates/reconfirm_auth.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/reconfirm_auth.html b/Allura/allura/templates/reconfirm_auth.html
index f44be2d..26d6fd2 100644
--- a/Allura/allura/templates/reconfirm_auth.html
+++ b/Allura/allura/templates/reconfirm_auth.html
@@ -26,8 +26,10 @@
 {% block content %}
 <form method="post">
     <h2>Password Confirmation</h2>
-    <p>To access this account security page, you must reconfirm your password:</p>
-    <div class="fielderror">{{ c.form_errors['password'] }}</div>
+    <p>To access this account security page, you must reconfirm your password:<br>
+    {% if c.form_errors['password'] %}
+        <span class="fielderror">{{ c.form_errors['password'] }}</span><br>
+    {% endif %}
     <input type="password" name="password" autofocus>
     <br>
     <input type="submit" value="Submit">
@@ -40,5 +42,6 @@
     {% endfor %}
 
     {{ lib.csrf_token() }}
+    </p>
 </form>
 {% endblock %}

http://git-wip-us.apache.org/repos/asf/allura/blob/56fa52cc/Allura/allura/templates/user_account_base.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/user_account_base.html b/Allura/allura/templates/user_account_base.html
index eb68667..71442ee 100644
--- a/Allura/allura/templates/user_account_base.html
+++ b/Allura/allura/templates/user_account_base.html
@@ -20,6 +20,7 @@
 {% extends g.theme.master %}
 
 {% block content %}
+{% if menu %}
   <ul id="account-nav-menu" class="b-hornav droppy">
       {% for item in menu -%}
       <li id="{{ item.tabid }}">
@@ -30,4 +31,5 @@
       </li>
       {%- endfor %}
   </ul>
+{% endif %}
 {% endblock %}

http://git-wip-us.apache.org/repos/asf/allura/blob/56fa52cc/Allura/allura/templates/user_totp.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/user_totp.html b/Allura/allura/templates/user_totp.html
index 4dce799..241ff42 100644
--- a/Allura/allura/templates/user_totp.html
+++ b/Allura/allura/templates/user_totp.html
@@ -30,26 +30,58 @@
         {% if c.user.get_pref('multifactor') %}
             <h3>Warning: this will invalidate your previous multifactor configuration.</h3>
         {% endif %}
-    <h2>Install App</h2>
-    <p>To use two-factor authentication, you will need to install an app on your phone.
-       You can use Duo Mobile, Authy, Google Authenticator, or Authenticator for Windows
phones.</p>
+        <h2>Install App</h2>
+        <p>To use two-factor authentication, you will need to install an app on your
phone.<br>
+            Install Google Authenticator for
+            <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2"><b>Android</b></a>
+            or <a href="https://itunes.apple.com/us/app/google-authenticator/id388497605"><b>iOS</b></a>.
+            <br>
+            Or use another app like Duo Mobile, Authy, or Authenticator for Windows phones.
+        </p>
     {% endif %}
 
     <h2>Scan this barcode with your app</h2>
-    <img src="{{ h.base64uri(qr) }}"/>
+    <img class="qrcode" src="{{ h.base64uri(qr) }}"/>
 
     {% if setup %}
-    <h2>Enter the code</h2>
-    <p>
-    Enter the 6-digit code to confirm it is set up correctly:
-    <form method="POST" action="totp_set">
-        <div class="fielderror">{{ c.form_errors['code'] }}</div>
-        <input type="text" name="code" autofocus autocomplete="off"/>
-        {{ lib.csrf_token() }}
-        <br>
-        <input type="submit" value="Submit">
-    </form>
-    </p>
+        <h2>Enter the code</h2>
+        <form method="POST" action="totp_set">
+        <p>
+            Enter the {{ config['auth.multifactor.totp.length'] }}-digit code to confirm
it is set up correctly:<br>
+            {% if c.form_errors['code'] %}
+                <span class="fielderror">{{ c.form_errors['code'] }}</span><br>
+            {% endif %}
+            <input type="text" name="code" autofocus autocomplete="off"/>
+            {{ lib.csrf_token() }}
+            <br>
+            <input type="submit" value="Submit">
+            <a class="cancel" href="/auth/preferences/">Cancel</a>
+        </p>
+        </form>
+    {% else %}
+        <p>
+            You may use this to set up additional devices with the same two-factor key.<br>
+            <br>
+            If you are replacing a device, please <a href="totp_new">regenerate a brand
new key</a>.<br>
+            <br>
+            <a href="/auth/preferences/">Back</a>
+        </p>
     {% endif %}
   </div>
 {% endblock %}
+
+{% block extra_css %}
+<style type="text/css">
+    .qrcode {
+        /* compensate for whitespace on QR code image */
+        position: relative;
+        top: -15px;
+        margin-bottom: -15px;
+    }
+    a.cancel {
+        /* align with floated button */
+        display: inline-block;
+        margin: 6px 10px;
+    }
+</style>
+{% endblock %}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/allura/blob/56fa52cc/Allura/allura/tests/functional/test_auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py
index 3483e6f..e203869 100644
--- a/Allura/allura/tests/functional/test_auth.py
+++ b/Allura/allura/tests/functional/test_auth.py
@@ -2037,12 +2037,12 @@ class TestTwoFactor(TestController):
             assert_not_in('Password Confirmation', r)
 
             # still not required
-            datetime.utcnow.return_value = real_datetime(2016, 1, 1, 0, 0, 45)
+            datetime.utcnow.return_value = real_datetime(2016, 1, 1, 0, 1, 45)
             r = self.app.get('/auth/preferences/totp_new')
             assert_not_in('Password Confirmation', r)
 
             # required later
-            datetime.utcnow.return_value = real_datetime(2016, 1, 1, 0, 1, 3)
+            datetime.utcnow.return_value = real_datetime(2016, 1, 1, 0, 2, 3)
             r = self.app.get('/auth/preferences/totp_new')
             assert_in('Password Confirmation', r)
 

http://git-wip-us.apache.org/repos/asf/allura/blob/56fa52cc/Allura/development.ini
----------------------------------------------------------------------
diff --git a/Allura/development.ini b/Allura/development.ini
index a72f9fd..31ad42f 100644
--- a/Allura/development.ini
+++ b/Allura/development.ini
@@ -191,7 +191,7 @@ auth.upload_ssh_url = /auth/preferences/
 auth.recovery_hash_expiry_period = 600
 
 ; Some pages require users to reconfirm their password.  This controls how long that lasts
for
-auth.reconfirm.seconds = 60
+auth.reconfirm.seconds = 120
 
 ; TOTP stands for Time-based One Time Password
 ; it is the most common two-factor auth protocol, used with Google Authenticator and other
phone apps


Mime
View raw message