GitHub/WoltLab/WCF.git
3 years agoSet session's languageID in SessionHandler::changeUserAfterMultifactor()
Tim Düsterhus [Wed, 18 Nov 2020 13:16:35 +0000 (14:16 +0100)]
Set session's languageID in SessionHandler::changeUserAfterMultifactor()

3 years agoAdd information box to multifactorAuthentication.tpl
Tim Düsterhus [Wed, 18 Nov 2020 11:16:30 +0000 (12:16 +0100)]
Add information box to multifactorAuthentication.tpl

3 years agoAdd support for pending users to UserProfile::canSeeAvatar()
Tim Düsterhus [Wed, 18 Nov 2020 10:51:56 +0000 (11:51 +0100)]
Add support for pending users to UserProfile::canSeeAvatar()

3 years agoExpose a userProfile object to the template in MFAuthenticationForm
Tim Düsterhus [Wed, 18 Nov 2020 10:52:56 +0000 (11:52 +0100)]
Expose a userProfile object to the template in MFAuthenticationForm

3 years agoAdd MultifactorAuthenticationAbortForm
Tim Düsterhus [Wed, 18 Nov 2020 11:15:30 +0000 (12:15 +0100)]
Add MultifactorAuthenticationAbortForm

3 years agoMake the MFA authentication look a bit nicer
Tim Düsterhus [Tue, 17 Nov 2020 11:04:43 +0000 (12:04 +0100)]
Make the MFA authentication look a bit nicer

3 years agoDisable the login dropdown in multifactorAuthentcation.tpl
Tim Düsterhus [Tue, 17 Nov 2020 10:17:00 +0000 (11:17 +0100)]
Disable the login dropdown in multifactorAuthentcation.tpl

3 years agoSupport accessing the MultifactorAuthenticationForm when logged in
Tim Düsterhus [Tue, 17 Nov 2020 10:10:41 +0000 (11:10 +0100)]
Support accessing the MultifactorAuthenticationForm when logged in

3 years agoAdd support for redirectUrl to MultifactorAuthenticationForm
Tim Düsterhus [Tue, 17 Nov 2020 10:07:24 +0000 (11:07 +0100)]
Add support for redirectUrl to MultifactorAuthenticationForm

3 years agoSet multifactorActive = 1 in MultifactorMangeForm
Tim Düsterhus [Tue, 17 Nov 2020 13:09:59 +0000 (14:09 +0100)]
Set multifactorActive = 1 in MultifactorMangeForm

3 years agoMerge transactions in MultifactorManageForm::save()
Tim Düsterhus [Tue, 17 Nov 2020 09:26:11 +0000 (10:26 +0100)]
Merge transactions in MultifactorManageForm::save()

3 years agoAdd MultifactorManageForm::generateBackupCodes()
Tim Düsterhus [Tue, 17 Nov 2020 09:24:01 +0000 (10:24 +0100)]
Add MultifactorManageForm::generateBackupCodes()

3 years agoMerge pull request #3729 from WoltLab/mfa-email
Tim Düsterhus [Wed, 18 Nov 2020 12:53:05 +0000 (13:53 +0100)]
Merge pull request #3729 from WoltLab/mfa-email

Add EmailMultifactorMethod

3 years agoImprove phrasing for email MFA
Tim Düsterhus [Wed, 18 Nov 2020 11:52:26 +0000 (12:52 +0100)]
Improve phrasing for email MFA

3 years agofixup! Add EmailMultifactorMethod
Tim Düsterhus [Wed, 18 Nov 2020 11:51:21 +0000 (12:51 +0100)]
fixup! Add EmailMultifactorMethod

3 years agoShow the one time code within the mail's subject
Tim Düsterhus [Wed, 18 Nov 2020 11:50:22 +0000 (12:50 +0100)]
Show the one time code within the mail's subject

3 years agoForce the setupId to be an int in MFAuthenticationForm
Tim Düsterhus [Tue, 17 Nov 2020 10:14:15 +0000 (11:14 +0100)]
Force the setupId to be an int in MFAuthenticationForm

3 years agoImprove return type for Setup::getAllForUser()
Tim Düsterhus [Tue, 17 Nov 2020 10:13:42 +0000 (11:13 +0100)]
Improve return type for Setup::getAllForUser()

3 years agoAdd EmailMultifactorMethod
Tim Düsterhus [Tue, 17 Nov 2020 14:19:55 +0000 (15:19 +0100)]
Add EmailMultifactorMethod

3 years agoFix TOTP flood control
Tim Düsterhus [Tue, 17 Nov 2020 13:42:10 +0000 (14:42 +0100)]
Fix TOTP flood control

3 years agoAdd Setup::getUser() method
Tim Düsterhus [Tue, 17 Nov 2020 13:59:48 +0000 (14:59 +0100)]
Add Setup::getUser() method

3 years agoFix use of informal German in TOTP's lastDevice phrase
Tim Düsterhus [Tue, 17 Nov 2020 15:15:56 +0000 (16:15 +0100)]
Fix use of informal German in TOTP's lastDevice phrase

3 years agoMerge pull request #3712 from WoltLab/mfa-setup
Tim Düsterhus [Mon, 16 Nov 2020 16:33:51 +0000 (17:33 +0100)]
Merge pull request #3712 from WoltLab/mfa-setup

Add basic support for multi factor authentication

3 years agoUse the placeholder as the default device name
Tim Düsterhus [Mon, 16 Nov 2020 12:51:05 +0000 (13:51 +0100)]
Use the placeholder as the default device name

3 years agoAdd SessionHandler::getPendingUserChange()
Tim Düsterhus [Mon, 16 Nov 2020 12:06:57 +0000 (13:06 +0100)]
Add SessionHandler::getPendingUserChange()

3 years agoGenerate backup codes when setting up the first MFA method
Tim Düsterhus [Fri, 13 Nov 2020 15:24:07 +0000 (16:24 +0100)]
Generate backup codes when setting up the first MFA method

3 years agoDisallow management of backup codes if they are not set up
Tim Düsterhus [Fri, 13 Nov 2020 14:40:02 +0000 (15:40 +0100)]
Disallow management of backup codes if they are not set up

3 years agoAdd proper success messages for TOTP
Tim Düsterhus [Fri, 13 Nov 2020 14:34:54 +0000 (15:34 +0100)]
Add proper success messages for TOTP

3 years agoAdd proper TOTP device management
Tim Düsterhus [Fri, 13 Nov 2020 13:42:27 +0000 (14:42 +0100)]
Add proper TOTP device management

3 years agoAdd multifactor\Setup class for stronger typing
Tim Düsterhus [Wed, 11 Nov 2020 14:59:19 +0000 (15:59 +0100)]
Add multifactor\Setup class for stronger typing

3 years agoAdd helper methods to MultifactorManageForm
Tim Düsterhus [Wed, 11 Nov 2020 14:14:02 +0000 (15:14 +0100)]
Add helper methods to MultifactorManageForm

These will be required for a future commit, but they also improve readability.

3 years agoClear MFA inputs if an invalid code is entered
Tim Düsterhus [Tue, 10 Nov 2020 14:19:39 +0000 (15:19 +0100)]
Clear MFA inputs if an invalid code is entered

It's not useful preserving an invalid code for the user.

3 years agoImprove UX when setting up TOTP
Tim Düsterhus [Tue, 10 Nov 2020 14:07:27 +0000 (15:07 +0100)]
Improve UX when setting up TOTP

3 years agoAdd flood control for multi-factor authentication
Tim Düsterhus [Tue, 10 Nov 2020 09:46:35 +0000 (10:46 +0100)]
Add flood control for multi-factor authentication

3 years agoAdd MFA tables to update script
Tim Düsterhus [Tue, 10 Nov 2020 08:29:00 +0000 (09:29 +0100)]
Add MFA tables to update script

3 years agoUse 'Multi-Factor Authentication' in English phrasing
Tim Düsterhus [Tue, 10 Nov 2020 08:18:31 +0000 (09:18 +0100)]
Use 'Multi-Factor Authentication' in English phrasing

3 years agoMove the heavy TOTP lifting into unpack
Tim Düsterhus [Mon, 9 Nov 2020 12:56:32 +0000 (13:56 +0100)]
Move the heavy TOTP lifting into unpack

3 years agoAdd namespace to all functions and constants for multifactor forms
Tim Düsterhus [Mon, 9 Nov 2020 12:41:59 +0000 (13:41 +0100)]
Add namespace to all functions and constants for multifactor forms

3 years agoAdd namespace to all functions and constants for TotpMultifactorMethod
Tim Düsterhus [Mon, 9 Nov 2020 12:40:36 +0000 (13:40 +0100)]
Add namespace to all functions and constants for TotpMultifactorMethod

3 years agoAdd namespace to all functions and constants for BackupMultifactorMethod
Tim Düsterhus [Mon, 9 Nov 2020 12:37:12 +0000 (13:37 +0100)]
Add namespace to all functions and constants for BackupMultifactorMethod

3 years agoAdd default device name for TOTP
Tim Düsterhus [Mon, 9 Nov 2020 12:32:07 +0000 (13:32 +0100)]
Add default device name for TOTP

3 years agoAdd barebones support for deleting TOTP devices
Tim Düsterhus [Fri, 6 Nov 2020 15:42:54 +0000 (16:42 +0100)]
Add barebones support for deleting TOTP devices

3 years agoFacelift adding TOTP devices
Tim Düsterhus [Fri, 6 Nov 2020 15:30:11 +0000 (16:30 +0100)]
Facelift adding TOTP devices

3 years agoAdd multifactor language items
Tim Düsterhus [Fri, 6 Nov 2020 13:35:49 +0000 (14:35 +0100)]
Add multifactor language items

3 years agoAdd authentication support to TotpMultifactorMethod
Tim Düsterhus [Fri, 6 Nov 2020 11:25:56 +0000 (12:25 +0100)]
Add authentication support to TotpMultifactorMethod

3 years agoAdd QR code to __totpSecretField.tpl
Tim Düsterhus [Fri, 6 Nov 2020 09:49:11 +0000 (10:49 +0100)]
Add QR code to __totpSecretField.tpl

3 years agoAdd MultifactorAuthenticationForm
Tim Düsterhus [Fri, 6 Nov 2020 08:38:27 +0000 (09:38 +0100)]
Add MultifactorAuthenticationForm

3 years agoAdd SessionHandler::changeUserAfterMultifactor()
Tim Düsterhus [Thu, 5 Nov 2020 15:22:50 +0000 (16:22 +0100)]
Add SessionHandler::changeUserAfterMultifactor()

3 years agoAdd support for adding devices to TotpMultifactorMethod
Tim Düsterhus [Thu, 5 Nov 2020 13:42:58 +0000 (14:42 +0100)]
Add support for adding devices to TotpMultifactorMethod

3 years agoImplement getStatusText() for the `backup` multifactor method
Tim Düsterhus [Thu, 5 Nov 2020 10:03:31 +0000 (11:03 +0100)]
Implement getStatusText() for the `backup` multifactor method

3 years agoAdd MultifactorManageForm
Tim Düsterhus [Thu, 5 Nov 2020 09:59:31 +0000 (10:59 +0100)]
Add MultifactorManageForm

3 years agoAdd User::getEnabledMultifactorMethods()
Tim Düsterhus [Mon, 2 Nov 2020 14:04:40 +0000 (15:04 +0100)]
Add User::getEnabledMultifactorMethods()

3 years agoAdd com.woltlab.wcf.multifactor.backup object type
Tim Düsterhus [Mon, 2 Nov 2020 14:11:41 +0000 (15:11 +0100)]
Add com.woltlab.wcf.multifactor.backup object type

3 years agoAdd IMultifactorMethod
Tim Düsterhus [Mon, 2 Nov 2020 13:55:08 +0000 (14:55 +0100)]
Add IMultifactorMethod

3 years agoIntegrate multifactor into AccountSecurityPage
Tim Düsterhus [Mon, 2 Nov 2020 13:41:30 +0000 (14:41 +0100)]
Integrate multifactor into AccountSecurityPage

3 years agoAdd wcf1_user_multifactor
Tim Düsterhus [Mon, 2 Nov 2020 13:32:58 +0000 (14:32 +0100)]
Add wcf1_user_multifactor

3 years agoAdd com.woltlab.wcf.multifactor.totp objectType
Tim Düsterhus [Mon, 2 Nov 2020 13:28:58 +0000 (14:28 +0100)]
Add com.woltlab.wcf.multifactor.totp objectType

3 years agoAdd com.woltlab.wcf.multifactor objectTypeDefinition
Tim Düsterhus [Mon, 2 Nov 2020 13:26:52 +0000 (14:26 +0100)]
Add com.woltlab.wcf.multifactor objectTypeDefinition

3 years agoMultifactor Authentication: Integration branch
Tim Düsterhus [Mon, 9 Nov 2020 13:13:28 +0000 (14:13 +0100)]
Multifactor Authentication: Integration branch

3 years agoAdd parent for AccountSecurity in page.xml
Tim Düsterhus [Tue, 10 Nov 2020 14:14:20 +0000 (15:14 +0100)]
Add parent for AccountSecurity in page.xml

3 years agoAdd missing import to update_com.woltlab.wcf_5.4_db.php
Tim Düsterhus [Tue, 10 Nov 2020 08:29:25 +0000 (09:29 +0100)]
Add missing import to update_com.woltlab.wcf_5.4_db.php

3 years agoMerge pull request #3709 from WoltLab/54-typescript-i18n
Alexander Ebert [Mon, 9 Nov 2020 18:14:20 +0000 (19:14 +0100)]
Merge pull request #3709 from WoltLab/54-typescript-i18n

Convert i18n modules to TypeScript

3 years agoMerge pull request #3705 from WoltLab/54-typescript-upload
Alexander Ebert [Mon, 9 Nov 2020 18:13:54 +0000 (19:13 +0100)]
Merge pull request #3705 from WoltLab/54-typescript-upload

Convert `Ui/File/Upload` to TypeScript

3 years agoMerge pull request #3706 from WoltLab/54-remove-enquire
Alexander Ebert [Mon, 9 Nov 2020 18:13:16 +0000 (19:13 +0100)]
Merge pull request #3706 from WoltLab/54-remove-enquire

Remove enquire.js

3 years agoRemove extra space after class attribute in form builder containers
Tim Düsterhus [Mon, 9 Nov 2020 16:04:53 +0000 (17:04 +0100)]
Remove extra space after class attribute in form builder containers

3 years agoAdd proper return types to CryptoUtil
Tim Düsterhus [Mon, 9 Nov 2020 13:45:33 +0000 (14:45 +0100)]
Add proper return types to CryptoUtil

3 years agoUse constant time encoding in CryptoUtil
Tim Düsterhus [Mon, 9 Nov 2020 13:43:20 +0000 (14:43 +0100)]
Use constant time encoding in CryptoUtil

3 years agoFix diff problem matcher
Tim Düsterhus [Mon, 9 Nov 2020 14:24:24 +0000 (15:24 +0100)]
Fix diff problem matcher

3 years agoMerge branch '5.3'
Matthias Schmidt [Mon, 9 Nov 2020 13:10:31 +0000 (14:10 +0100)]
Merge branch '5.3'

3 years agoMerge branch '5.2' into 5.3
Matthias Schmidt [Mon, 9 Nov 2020 13:08:28 +0000 (14:08 +0100)]
Merge branch '5.2' into 5.3

3 years agoFix deleting obsolete nodes in form builder dependeny manager
Matthias Schmidt [Mon, 9 Nov 2020 13:08:14 +0000 (14:08 +0100)]
Fix deleting obsolete nodes in form builder dependeny manager

3 years agoRemove obsolete code for update from 2.1 to 3.0 (#3710)
Matthias Schmidt [Mon, 9 Nov 2020 12:43:58 +0000 (13:43 +0100)]
Remove obsolete code for update from 2.1 to 3.0 (#3710)

See 96ad3d1dfbda38394a8a31b6fff5839428719106

3 years agoUpdating minified JavaScript files
WoltLab [Mon, 9 Nov 2020 12:41:51 +0000 (12:41 +0000)]
Updating minified JavaScript files

3 years agoFix WCFSetup
Tim Düsterhus [Mon, 9 Nov 2020 12:00:02 +0000 (13:00 +0100)]
Fix WCFSetup

3 years agoMerge branch '5.2' into 5.3
Alexander Ebert [Sun, 8 Nov 2020 18:19:49 +0000 (19:19 +0100)]
Merge branch '5.2' into 5.3

3 years agoMerge branch '3.1' into 5.2
Alexander Ebert [Sun, 8 Nov 2020 18:19:34 +0000 (19:19 +0100)]
Merge branch '3.1' into 5.2

3 years agoObsolete exclusion of the old ACP catpcha
Alexander Ebert [Sun, 8 Nov 2020 18:19:17 +0000 (19:19 +0100)]
Obsolete exclusion of the old ACP catpcha

This route does not exist anymore since WoltLab Suite 3.0.

3 years agoConvert `Language/Text` to TypeScript
Alexander Ebert [Sun, 8 Nov 2020 18:04:00 +0000 (19:04 +0100)]
Convert `Language/Text` to TypeScript

3 years agoConvert `Language/Input` to TypeScript
Alexander Ebert [Sun, 8 Nov 2020 14:04:17 +0000 (15:04 +0100)]
Convert `Language/Input` to TypeScript

3 years agoConvert `Language/Chooser` to TypeScript
Alexander Ebert [Sat, 7 Nov 2020 23:40:23 +0000 (00:40 +0100)]
Convert `Language/Chooser` to TypeScript

3 years agoRemove enquire.js
Alexander Ebert [Sat, 7 Nov 2020 18:57:18 +0000 (19:57 +0100)]
Remove enquire.js

3 years agoConvert `Ui/File/Upload` to TypeScript
Alexander Ebert [Sat, 7 Nov 2020 18:32:48 +0000 (19:32 +0100)]
Convert `Ui/File/Upload` to TypeScript

3 years agoAdd button form field and is not clicked condition
Matthias Schmidt [Sat, 7 Nov 2020 11:53:50 +0000 (12:53 +0100)]
Add button form field and is not clicked condition

* Add button form field

Close #3693

* Add public method to submit `Ui/Dialog`

* Support additional submit buttons in `Form/Builder/Dialog`

* Support `ButtonFormField` in AJAX forms

* Fix identifier of data processor in `ButtonFormField`

* Fix data processor for `ButtonFormField`

* Add condition for form builder buttons not being clicked

* Simplify button form field-related TypeScript code

Co-authored-by: Alexander Ebert <ebert@woltlab.com>
* Add missing semicolon

* Unify condition to checked if form field button has been clicked

Co-authored-by: Alexander Ebert <ebert@woltlab.com>
3 years agoMerge branch '5.3'
Matthias Schmidt [Sat, 7 Nov 2020 09:17:01 +0000 (10:17 +0100)]
Merge branch '5.3'

3 years agoMerge branch '5.2' into 5.3
Matthias Schmidt [Sat, 7 Nov 2020 09:15:35 +0000 (10:15 +0100)]
Merge branch '5.2' into 5.3

3 years agoFix deleting obsolete nodes in form builder dependeny manager
Matthias Schmidt [Sat, 7 Nov 2020 09:15:20 +0000 (10:15 +0100)]
Fix deleting obsolete nodes in form builder dependeny manager

3 years agoMerge pull request #3700 from WoltLab/54-typescript-comment
Alexander Ebert [Fri, 6 Nov 2020 17:13:33 +0000 (18:13 +0100)]
Merge pull request #3700 from WoltLab/54-typescript-comment

Convert the comment (response) modules to TypeScript

3 years agoUse `WeakSet` to track elements
Alexander Ebert [Fri, 6 Nov 2020 16:44:33 +0000 (17:44 +0100)]
Use `WeakSet` to track elements

3 years agoMerge pull request #3697 from WoltLab/promote-owner-remove
Alexander Ebert [Fri, 6 Nov 2020 16:41:36 +0000 (17:41 +0100)]
Merge pull request #3697 from WoltLab/promote-owner-remove

Remove the owner group promotion functionality

3 years agoRemove the owner group promotion functionality
Tim Düsterhus [Fri, 6 Nov 2020 08:45:05 +0000 (09:45 +0100)]
Remove the owner group promotion functionality

By now every instance should have an owner group.

3 years agoFix filenames of 5.3 -> 5.4 update scripts
Tim Düsterhus [Fri, 6 Nov 2020 16:22:07 +0000 (17:22 +0100)]
Fix filenames of 5.3 -> 5.4 update scripts

3 years agoUse constant time encoding / decoding of security critical code (#3699)
Joshua Rüsweg [Fri, 6 Nov 2020 16:00:10 +0000 (17:00 +0100)]
Use constant time encoding / decoding of security critical code (#3699)

* Use `Hex::decode` to convert hex2bin
Previously we used the internal PHP function `hex2bin` which has the problem with cache-timing leaks. The Hex class converts the given string without cache-timing leaks.

* Use `Hex::encode` to convert bin2hex
Previously we used the internal PHP function `bin2hex` which has the problem with cache-timing leaks. The Hex class converts the given string without cache-timing leaks.

3 years agoConvert `Ui/Comment/Response/Edit` to TypeScript
Alexander Ebert [Fri, 6 Nov 2020 15:54:50 +0000 (16:54 +0100)]
Convert `Ui/Comment/Response/Edit` to TypeScript

3 years agoConvert `Ui/Comment/Response/Add` to TypeScript
Alexander Ebert [Fri, 6 Nov 2020 14:52:55 +0000 (15:52 +0100)]
Convert `Ui/Comment/Response/Add` to TypeScript

3 years agoMove types dev dependencies to normal dependencies
Matthias Schmidt [Fri, 6 Nov 2020 14:24:44 +0000 (15:24 +0100)]
Move types dev dependencies to normal dependencies

3 years agoFix storing ids in `Ui/Dialog` elements
Matthias Schmidt [Fri, 6 Nov 2020 13:45:07 +0000 (14:45 +0100)]
Fix storing ids in `Ui/Dialog` elements

See b6b1bdd4461e8a841b3d0aff02043aef5acceb3a

3 years agoConvert `Ui/Comment/Edit` to TypeScript
Alexander Ebert [Fri, 6 Nov 2020 12:35:15 +0000 (13:35 +0100)]
Convert `Ui/Comment/Edit` to TypeScript

3 years agoConvert `Ui/Comment/Add` to TypeScript
Alexander Ebert [Fri, 6 Nov 2020 12:02:10 +0000 (13:02 +0100)]
Convert `Ui/Comment/Add` to TypeScript

3 years agoMerge pull request #3696 from WoltLab/54-typescript-message
Alexander Ebert [Fri, 6 Nov 2020 11:46:53 +0000 (12:46 +0100)]
Merge pull request #3696 from WoltLab/54-typescript-message

Convert message modules to TypeScript

3 years agoOutdated JS files
Alexander Ebert [Fri, 6 Nov 2020 11:28:59 +0000 (12:28 +0100)]
Outdated JS files