Tim Düsterhus [Fri, 13 Nov 2020 14:40:02 +0000 (15:40 +0100)]
Disallow management of backup codes if they are not set up
Tim Düsterhus [Fri, 13 Nov 2020 14:34:54 +0000 (15:34 +0100)]
Add proper success messages for TOTP
Tim Düsterhus [Fri, 13 Nov 2020 13:42:27 +0000 (14:42 +0100)]
Add proper TOTP device management
Tim Düsterhus [Wed, 11 Nov 2020 14:59:19 +0000 (15:59 +0100)]
Add multifactor\Setup class for stronger typing
Tim Düsterhus [Wed, 11 Nov 2020 14:14:02 +0000 (15:14 +0100)]
Add helper methods to MultifactorManageForm
These will be required for a future commit, but they also improve readability.
Tim Düsterhus [Tue, 10 Nov 2020 14:19:39 +0000 (15:19 +0100)]
Clear MFA inputs if an invalid code is entered
It's not useful preserving an invalid code for the user.
Tim Düsterhus [Tue, 10 Nov 2020 14:07:27 +0000 (15:07 +0100)]
Improve UX when setting up TOTP
Tim Düsterhus [Tue, 10 Nov 2020 09:46:35 +0000 (10:46 +0100)]
Add flood control for multi-factor authentication
Tim Düsterhus [Tue, 10 Nov 2020 08:29:00 +0000 (09:29 +0100)]
Add MFA tables to update script
Tim Düsterhus [Tue, 10 Nov 2020 08:18:31 +0000 (09:18 +0100)]
Use 'Multi-Factor Authentication' in English phrasing
Tim Düsterhus [Mon, 9 Nov 2020 12:56:32 +0000 (13:56 +0100)]
Move the heavy TOTP lifting into unpack
Tim Düsterhus [Mon, 9 Nov 2020 12:41:59 +0000 (13:41 +0100)]
Add namespace to all functions and constants for multifactor forms
Tim Düsterhus [Mon, 9 Nov 2020 12:40:36 +0000 (13:40 +0100)]
Add namespace to all functions and constants for TotpMultifactorMethod
Tim Düsterhus [Mon, 9 Nov 2020 12:37:12 +0000 (13:37 +0100)]
Add namespace to all functions and constants for BackupMultifactorMethod
Tim Düsterhus [Mon, 9 Nov 2020 12:32:07 +0000 (13:32 +0100)]
Add default device name for TOTP
Tim Düsterhus [Fri, 6 Nov 2020 15:42:54 +0000 (16:42 +0100)]
Add barebones support for deleting TOTP devices
Tim Düsterhus [Fri, 6 Nov 2020 15:30:11 +0000 (16:30 +0100)]
Facelift adding TOTP devices
Tim Düsterhus [Fri, 6 Nov 2020 13:35:49 +0000 (14:35 +0100)]
Add multifactor language items
Tim Düsterhus [Fri, 6 Nov 2020 11:25:56 +0000 (12:25 +0100)]
Add authentication support to TotpMultifactorMethod
Tim Düsterhus [Fri, 6 Nov 2020 09:49:11 +0000 (10:49 +0100)]
Add QR code to __totpSecretField.tpl
Tim Düsterhus [Fri, 6 Nov 2020 08:38:27 +0000 (09:38 +0100)]
Add MultifactorAuthenticationForm
Tim Düsterhus [Thu, 5 Nov 2020 15:22:50 +0000 (16:22 +0100)]
Add SessionHandler::changeUserAfterMultifactor()
Tim Düsterhus [Thu, 5 Nov 2020 13:42:58 +0000 (14:42 +0100)]
Add support for adding devices to TotpMultifactorMethod
Tim Düsterhus [Thu, 5 Nov 2020 10:03:31 +0000 (11:03 +0100)]
Implement getStatusText() for the `backup` multifactor method
Tim Düsterhus [Thu, 5 Nov 2020 09:59:31 +0000 (10:59 +0100)]
Add MultifactorManageForm
Tim Düsterhus [Mon, 2 Nov 2020 14:04:40 +0000 (15:04 +0100)]
Add User::getEnabledMultifactorMethods()
Tim Düsterhus [Mon, 2 Nov 2020 14:11:41 +0000 (15:11 +0100)]
Add com.woltlab.wcf.multifactor.backup object type
Tim Düsterhus [Mon, 2 Nov 2020 13:55:08 +0000 (14:55 +0100)]
Add IMultifactorMethod
Tim Düsterhus [Mon, 2 Nov 2020 13:41:30 +0000 (14:41 +0100)]
Integrate multifactor into AccountSecurityPage
Tim Düsterhus [Mon, 2 Nov 2020 13:32:58 +0000 (14:32 +0100)]
Add wcf1_user_multifactor
Tim Düsterhus [Mon, 2 Nov 2020 13:28:58 +0000 (14:28 +0100)]
Add com.woltlab.wcf.multifactor.totp objectType
Tim Düsterhus [Mon, 2 Nov 2020 13:26:52 +0000 (14:26 +0100)]
Add com.woltlab.wcf.multifactor objectTypeDefinition
Tim Düsterhus [Mon, 9 Nov 2020 13:13:28 +0000 (14:13 +0100)]
Multifactor Authentication: Integration branch
Tim Düsterhus [Tue, 10 Nov 2020 14:14:20 +0000 (15:14 +0100)]
Add parent for AccountSecurity in page.xml
Tim Düsterhus [Tue, 10 Nov 2020 08:29:25 +0000 (09:29 +0100)]
Add missing import to update_com.woltlab.wcf_5.4_db.php
Alexander Ebert [Mon, 9 Nov 2020 18:14:20 +0000 (19:14 +0100)]
Merge pull request #3709 from WoltLab/54-typescript-i18n
Convert i18n modules to TypeScript
Alexander Ebert [Mon, 9 Nov 2020 18:13:54 +0000 (19:13 +0100)]
Merge pull request #3705 from WoltLab/54-typescript-upload
Convert `Ui/File/Upload` to TypeScript
Alexander Ebert [Mon, 9 Nov 2020 18:13:16 +0000 (19:13 +0100)]
Merge pull request #3706 from WoltLab/54-remove-enquire
Remove enquire.js
Tim Düsterhus [Mon, 9 Nov 2020 16:04:53 +0000 (17:04 +0100)]
Remove extra space after class attribute in form builder containers
Tim Düsterhus [Mon, 9 Nov 2020 13:45:33 +0000 (14:45 +0100)]
Add proper return types to CryptoUtil
Tim Düsterhus [Mon, 9 Nov 2020 13:43:20 +0000 (14:43 +0100)]
Use constant time encoding in CryptoUtil
Tim Düsterhus [Mon, 9 Nov 2020 14:24:24 +0000 (15:24 +0100)]
Fix diff problem matcher
Matthias Schmidt [Mon, 9 Nov 2020 13:10:31 +0000 (14:10 +0100)]
Merge branch '5.3'
Matthias Schmidt [Mon, 9 Nov 2020 13:08:28 +0000 (14:08 +0100)]
Merge branch '5.2' into 5.3
Matthias Schmidt [Mon, 9 Nov 2020 13:08:14 +0000 (14:08 +0100)]
Fix deleting obsolete nodes in form builder dependeny manager
Matthias Schmidt [Mon, 9 Nov 2020 12:43:58 +0000 (13:43 +0100)]
Remove obsolete code for update from 2.1 to 3.0 (#3710)
See
96ad3d1dfbda38394a8a31b6fff5839428719106
WoltLab [Mon, 9 Nov 2020 12:41:51 +0000 (12:41 +0000)]
Updating minified JavaScript files
Tim Düsterhus [Mon, 9 Nov 2020 12:00:02 +0000 (13:00 +0100)]
Fix WCFSetup
Alexander Ebert [Sun, 8 Nov 2020 18:19:49 +0000 (19:19 +0100)]
Merge branch '5.2' into 5.3
Alexander Ebert [Sun, 8 Nov 2020 18:19:34 +0000 (19:19 +0100)]
Merge branch '3.1' into 5.2
Alexander Ebert [Sun, 8 Nov 2020 18:19:17 +0000 (19:19 +0100)]
Obsolete exclusion of the old ACP catpcha
This route does not exist anymore since WoltLab Suite 3.0.
Alexander Ebert [Sun, 8 Nov 2020 18:04:00 +0000 (19:04 +0100)]
Convert `Language/Text` to TypeScript
Alexander Ebert [Sun, 8 Nov 2020 14:04:17 +0000 (15:04 +0100)]
Convert `Language/Input` to TypeScript
Alexander Ebert [Sat, 7 Nov 2020 23:40:23 +0000 (00:40 +0100)]
Convert `Language/Chooser` to TypeScript
Alexander Ebert [Sat, 7 Nov 2020 18:57:18 +0000 (19:57 +0100)]
Remove enquire.js
Alexander Ebert [Sat, 7 Nov 2020 18:32:48 +0000 (19:32 +0100)]
Convert `Ui/File/Upload` to TypeScript
Matthias Schmidt [Sat, 7 Nov 2020 11:53:50 +0000 (12:53 +0100)]
Add button form field and is not clicked condition
* Add button form field
Close #3693
* Add public method to submit `Ui/Dialog`
* Support additional submit buttons in `Form/Builder/Dialog`
* Support `ButtonFormField` in AJAX forms
* Fix identifier of data processor in `ButtonFormField`
* Fix data processor for `ButtonFormField`
* Add condition for form builder buttons not being clicked
* Simplify button form field-related TypeScript code
Co-authored-by: Alexander Ebert <ebert@woltlab.com>
* Add missing semicolon
* Unify condition to checked if form field button has been clicked
Co-authored-by: Alexander Ebert <ebert@woltlab.com>
Matthias Schmidt [Sat, 7 Nov 2020 09:17:01 +0000 (10:17 +0100)]
Merge branch '5.3'
Matthias Schmidt [Sat, 7 Nov 2020 09:15:35 +0000 (10:15 +0100)]
Merge branch '5.2' into 5.3
Matthias Schmidt [Sat, 7 Nov 2020 09:15:20 +0000 (10:15 +0100)]
Fix deleting obsolete nodes in form builder dependeny manager
Alexander Ebert [Fri, 6 Nov 2020 17:13:33 +0000 (18:13 +0100)]
Merge pull request #3700 from WoltLab/54-typescript-comment
Convert the comment (response) modules to TypeScript
Alexander Ebert [Fri, 6 Nov 2020 16:44:33 +0000 (17:44 +0100)]
Use `WeakSet` to track elements
Alexander Ebert [Fri, 6 Nov 2020 16:41:36 +0000 (17:41 +0100)]
Merge pull request #3697 from WoltLab/promote-owner-remove
Remove the owner group promotion functionality
Tim Düsterhus [Fri, 6 Nov 2020 08:45:05 +0000 (09:45 +0100)]
Remove the owner group promotion functionality
By now every instance should have an owner group.
Tim Düsterhus [Fri, 6 Nov 2020 16:22:07 +0000 (17:22 +0100)]
Fix filenames of 5.3 -> 5.4 update scripts
Joshua Rüsweg [Fri, 6 Nov 2020 16:00:10 +0000 (17:00 +0100)]
Use constant time encoding / decoding of security critical code (#3699)
* Use `Hex::decode` to convert hex2bin
Previously we used the internal PHP function `hex2bin` which has the problem with cache-timing leaks. The Hex class converts the given string without cache-timing leaks.
* Use `Hex::encode` to convert bin2hex
Previously we used the internal PHP function `bin2hex` which has the problem with cache-timing leaks. The Hex class converts the given string without cache-timing leaks.
Alexander Ebert [Fri, 6 Nov 2020 15:54:50 +0000 (16:54 +0100)]
Convert `Ui/Comment/Response/Edit` to TypeScript
Alexander Ebert [Fri, 6 Nov 2020 14:52:55 +0000 (15:52 +0100)]
Convert `Ui/Comment/Response/Add` to TypeScript
Matthias Schmidt [Fri, 6 Nov 2020 14:24:44 +0000 (15:24 +0100)]
Move types dev dependencies to normal dependencies
Matthias Schmidt [Fri, 6 Nov 2020 13:45:07 +0000 (14:45 +0100)]
Fix storing ids in `Ui/Dialog` elements
See
b6b1bdd4461e8a841b3d0aff02043aef5acceb3a
Alexander Ebert [Fri, 6 Nov 2020 12:35:15 +0000 (13:35 +0100)]
Convert `Ui/Comment/Edit` to TypeScript
Alexander Ebert [Fri, 6 Nov 2020 12:02:10 +0000 (13:02 +0100)]
Convert `Ui/Comment/Add` to TypeScript
Alexander Ebert [Fri, 6 Nov 2020 11:46:53 +0000 (12:46 +0100)]
Merge pull request #3696 from WoltLab/54-typescript-message
Convert message modules to TypeScript
Alexander Ebert [Fri, 6 Nov 2020 11:28:59 +0000 (12:28 +0100)]
Outdated JS files
Alexander Ebert [Fri, 6 Nov 2020 11:24:15 +0000 (12:24 +0100)]
Use the twitter definitions and cleaned up the code
Tim Düsterhus [Fri, 6 Nov 2020 09:04:40 +0000 (10:04 +0100)]
Avoid using PasswordUtil
Tim Düsterhus [Fri, 6 Nov 2020 08:57:13 +0000 (09:57 +0100)]
Replace use MathUtil::getRandomValue() by random_int()
Tim Düsterhus [Fri, 6 Nov 2020 08:49:48 +0000 (09:49 +0100)]
Remove legacy auto login remains from AccountManagementForm
Alexander Ebert [Thu, 5 Nov 2020 22:22:43 +0000 (23:22 +0100)]
Use the native click event if available
Alexander Ebert [Thu, 5 Nov 2020 22:22:06 +0000 (23:22 +0100)]
Merge branch '5.3'
Alexander Ebert [Thu, 5 Nov 2020 22:20:36 +0000 (23:20 +0100)]
Convert `Ui/Message/Replay` to TypeScript
Marcel Werk [Thu, 5 Nov 2020 22:05:51 +0000 (23:05 +0100)]
Merge branch '5.2' into 5.3
Marcel Werk [Thu, 5 Nov 2020 22:05:15 +0000 (23:05 +0100)]
Use native click event if available
Alexander Ebert [Thu, 5 Nov 2020 19:05:04 +0000 (20:05 +0100)]
Convert `Controller/Captcha` to TypeScript
This module was intentionally kept as an object instead of simple function exports because of the `delete()` function being a reserved keyword.
Alexander Ebert [Thu, 5 Nov 2020 18:44:31 +0000 (19:44 +0100)]
Convert `Ui/Message/TwitterEmbed` to TypeScript
Marcel Werk [Thu, 5 Nov 2020 17:21:09 +0000 (18:21 +0100)]
Replaced <b> tags with <strong>
Alexander Ebert [Thu, 5 Nov 2020 17:20:09 +0000 (18:20 +0100)]
Convert `Ui/Message/UserConsent` to TypeScript
Alexander Ebert [Thu, 5 Nov 2020 17:07:54 +0000 (18:07 +0100)]
Convert `Ui/Message/Share` to TypeScript
Alexander Ebert [Thu, 5 Nov 2020 16:56:51 +0000 (17:56 +0100)]
Merge branch 'master' into 54-typescript-message
Alexander Ebert [Thu, 5 Nov 2020 16:34:23 +0000 (17:34 +0100)]
Merge pull request #3695 from WoltLab/54-typescript-redactor
Convert modules for Redactor to TypeScript
Alexander Ebert [Thu, 5 Nov 2020 16:27:36 +0000 (17:27 +0100)]
Filter the keys in `localStorage` before processing them
Alexander Ebert [Thu, 5 Nov 2020 16:26:03 +0000 (17:26 +0100)]
Slightly modified the `prism-meta.js` to satisfy Prettier
Alexander Ebert [Thu, 5 Nov 2020 16:20:27 +0000 (17:20 +0100)]
Convert `Ui/Message/Manager` to TypeScript
Tim Düsterhus [Thu, 5 Nov 2020 10:46:15 +0000 (11:46 +0100)]
Add paragonie/constant_time_encoding composer dependency
Alexander Ebert [Thu, 5 Nov 2020 15:09:06 +0000 (16:09 +0100)]
Convert `Ui/Message/InlineEditor` to TypeScript
Alexander Ebert [Thu, 5 Nov 2020 12:53:29 +0000 (13:53 +0100)]
Simplified code for better readability
Alexander Ebert [Thu, 5 Nov 2020 10:41:09 +0000 (11:41 +0100)]
Improved the code readability
Alexander Ebert [Thu, 5 Nov 2020 10:10:25 +0000 (11:10 +0100)]
Convert `Ui/Redactor/Table` to TypeScript
Alexander Ebert [Thu, 5 Nov 2020 09:50:47 +0000 (10:50 +0100)]
Convert `Ui/Redactor/Spoiler` to TypeScript
Alexander Ebert [Wed, 4 Nov 2020 23:48:30 +0000 (00:48 +0100)]
Convert `Ui/Redactor/Quote` to TypeScript