diff options
| author | Shishkevich D. <135337715+shishkevichd@users.noreply.github.com> | 2025-07-02 12:25:25 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-07-02 12:25:25 +0300 |
| commit | 5d11e6e13f7254a72874dabee6c1cf4e81f5ec52 (patch) | |
| tree | 3e255de35ef4f9f4cb79daabaa7a696f10263dc1 /web | |
| parent | f3d0b92e4ab2737f96fea3d0f567fdc040c21acb (diff) | |
chore: reset two-factor authentication after changing admin credentials (#3029)
* chore: add `resetTwoFactor` argument for main.go
fixes #3025
* chore: reset two-factor authentication after changing admin credentials
* chore: reset two-factor authentication after changing admin credentials
---------
Co-authored-by: somebodywashere <68244480+somebodywashere@users.noreply.github.com>
Co-authored-by: Sanaei <ho3ein.sanaei@gmail.com>
Diffstat (limited to 'web')
| -rw-r--r-- | web/html/modals/two_factor_modal.html | 18 | ||||
| -rw-r--r-- | web/html/settings.html | 37 | ||||
| -rw-r--r-- | web/service/setting.go | 8 | ||||
| -rw-r--r-- | web/service/user.go | 10 | ||||
| -rw-r--r-- | web/translation/translate.ar_EG.toml | 2 | ||||
| -rw-r--r-- | web/translation/translate.en_US.toml | 2 | ||||
| -rw-r--r-- | web/translation/translate.es_ES.toml | 2 | ||||
| -rw-r--r-- | web/translation/translate.fa_IR.toml | 2 | ||||
| -rw-r--r-- | web/translation/translate.id_ID.toml | 2 | ||||
| -rw-r--r-- | web/translation/translate.ja_JP.toml | 2 | ||||
| -rw-r--r-- | web/translation/translate.pt_BR.toml | 2 | ||||
| -rw-r--r-- | web/translation/translate.ru_RU.toml | 2 | ||||
| -rw-r--r-- | web/translation/translate.tr_TR.toml | 2 | ||||
| -rw-r--r-- | web/translation/translate.uk_UA.toml | 2 | ||||
| -rw-r--r-- | web/translation/translate.vi_VN.toml | 2 | ||||
| -rw-r--r-- | web/translation/translate.zh_CN.toml | 2 | ||||
| -rw-r--r-- | web/translation/translate.zh_TW.toml | 2 |
17 files changed, 79 insertions, 20 deletions
diff --git a/web/html/modals/two_factor_modal.html b/web/html/modals/two_factor_modal.html index 7823485f..13d22a5e 100644 --- a/web/html/modals/two_factor_modal.html +++ b/web/html/modals/two_factor_modal.html @@ -15,8 +15,8 @@ <p>{{ i18n "pages.settings.security.twoFactorModalSecondStep" }}</p> <a-input v-model.trim="twoFactorModal.enteredCode" :style="{ width: '100%' }"></a-input> </template> - <template v-if="twoFactorModal.type === 'remove'"> - <p>{{ i18n "pages.settings.security.twoFactorModalRemoveStep" }}</p> + <template v-if="twoFactorModal.type === 'confirm'"> + <p>[[ twoFactorModal.description ]]</p> <a-input v-model.trim="twoFactorModal.enteredCode" :style="{ width: '100%' }"></a-input> </template> <template slot="footer"> @@ -32,6 +32,7 @@ <script> const twoFactorModal = { title: '', + description: '', fileName: '', token: '', enteredCode: '', @@ -45,17 +46,6 @@ ObjectUtil.execute(twoFactorModal.confirm, true) twoFactorModal.close() - - switch (twoFactorModal.type) { - case 'set': - Vue.prototype.$message['success']('{{ i18n "pages.settings.security.twoFactorModalSetSuccess" }}') - break; - case 'remove': - Vue.prototype.$message['success']('{{ i18n "pages.settings.security.twoFactorModalDeleteSuccess" }}') - break; - default: - break; - } } else { Vue.prototype.$message['error']('{{ i18n "pages.settings.security.twoFactorModalError" }}') } @@ -67,11 +57,13 @@ }, show: function ({ title = '', + description = '', token = '', type = 'set', confirm = (success) => { } }) { this.title = title; + this.description = description; this.token = token; this.visible = true; this.confirm = confirm; diff --git a/web/html/settings.html b/web/html/settings.html index 1c55ea81..c7fa9bd8 100644 --- a/web/html/settings.html +++ b/web/html/settings.html @@ -310,12 +310,30 @@ } }, async updateUser() { - this.loading(true); - const msg = await HttpUtil.post("/panel/setting/updateUser", this.user); - this.loading(false); - if (msg.success) { - this.user = {}; - window.location.replace(basePath + "logout"); + const sendUpdateUserRequest = async () => { + this.loading(true); + const msg = await HttpUtil.post("/panel/setting/updateUser", this.user); + this.loading(false); + if (msg.success) { + this.user = {}; + window.location.replace(basePath + "logout"); + } + } + + if (this.allSetting.twoFactorEnable) { + twoFactorModal.show({ + title: '{{ i18n "pages.settings.security.twoFactorModalChangeCredentialsTitle" }}', + description: '{{ i18n "pages.settings.security.twoFactorModalChangeCredentialsStep" }}', + token: this.allSetting.twoFactorToken, + type: 'confirm', + confirm: (success) => { + if (success) { + sendUpdateUserRequest(); + } + } + }) + } else { + sendUpdateUserRequest(); } }, async restartPanel() { @@ -353,6 +371,8 @@ type: 'set', confirm: (success) => { if (success) { + Vue.prototype.$message['success']('{{ i18n "pages.settings.security.twoFactorModalSetSuccess" }}') + this.allSetting.twoFactorToken = newTwoFactorToken } @@ -362,10 +382,13 @@ } else { twoFactorModal.show({ title: '{{ i18n "pages.settings.security.twoFactorModalDeleteTitle" }}', + description: '{{ i18n "pages.settings.security.twoFactorModalRemoveStep" }}', token: this.allSetting.twoFactorToken, - type: 'remove', + type: 'confirm', confirm: (success) => { if (success) { + Vue.prototype.$message['success']('{{ i18n "pages.settings.security.twoFactorModalDeleteSuccess" }}') + this.allSetting.twoFactorEnable = false this.allSetting.twoFactorToken = "" } diff --git a/web/service/setting.go b/web/service/setting.go index 62d66c11..868d55bc 100644 --- a/web/service/setting.go +++ b/web/service/setting.go @@ -322,10 +322,18 @@ func (s *SettingService) GetTwoFactorEnable() (bool, error) { return s.getBool("twoFactorEnable") } +func (s *SettingService) SetTwoFactorEnable(value bool) error { + return s.setBool("twoFactorEnable", value) +} + func (s *SettingService) GetTwoFactorToken() (string, error) { return s.getString("twoFactorToken") } +func (s *SettingService) SetTwoFactorToken(value string) error { + return s.setString("twoFactorToken", value) +} + func (s *SettingService) GetPort() (int, error) { return s.getInt("webPort") } diff --git a/web/service/user.go b/web/service/user.go index f0b04f52..ff5b8531 100644 --- a/web/service/user.go +++ b/web/service/user.go @@ -79,6 +79,16 @@ func (s *UserService) UpdateUser(id int, username string, password string) error return err } + twoFactorEnable, err := s.settingService.GetTwoFactorEnable() + if err != nil { + return err + } + + if twoFactorEnable { + s.settingService.SetTwoFactorEnable(false) + s.settingService.SetTwoFactorToken("") + } + return db.Model(model.User{}). Where("id = ?", id). Updates(map[string]any{"username": username, "password": hashedPassword}). diff --git a/web/translation/translate.ar_EG.toml b/web/translation/translate.ar_EG.toml index 50e1680f..e582c9cd 100644 --- a/web/translation/translate.ar_EG.toml +++ b/web/translation/translate.ar_EG.toml @@ -542,6 +542,8 @@ "twoFactorModalFirstStep" = "1. امسح رمز QR هذا في تطبيق المصادقة أو انسخ الرمز الموجود بجانب رمز QR والصقه في التطبيق" "twoFactorModalSecondStep" = "2. أدخل الرمز من التطبيق" "twoFactorModalRemoveStep" = "أدخل الرمز من التطبيق لإزالة المصادقة الثنائية." +"twoFactorModalChangeCredentialsTitle" = "تغيير بيانات الاعتماد" +"twoFactorModalChangeCredentialsStep" = "أدخل الرمز من التطبيق لتغيير بيانات اعتماد المسؤول." "twoFactorModalSetSuccess" = "تم إنشاء المصادقة الثنائية بنجاح" "twoFactorModalDeleteSuccess" = "تم حذف المصادقة الثنائية بنجاح" "twoFactorModalError" = "رمز خاطئ" diff --git a/web/translation/translate.en_US.toml b/web/translation/translate.en_US.toml index 33339fa7..3dea80dc 100644 --- a/web/translation/translate.en_US.toml +++ b/web/translation/translate.en_US.toml @@ -541,6 +541,8 @@ "twoFactorModalFirstStep" = "1. Scan this QR code in the app for authentication or copy the token near the QR code and paste it into the app" "twoFactorModalSecondStep" = "2. Enter the code from the app" "twoFactorModalRemoveStep" = "Enter the code from the application to remove two-factor authentication." +"twoFactorModalChangeCredentialsTitle" = "Change credentials" +"twoFactorModalChangeCredentialsStep" = "Enter the code from the application to change administrator credentials." "twoFactorModalSetSuccess" = "Two-factor authentication has been successfully established" "twoFactorModalDeleteSuccess" = "Two-factor authentication has been successfully deleted" "twoFactorModalError" = "Wrong code" diff --git a/web/translation/translate.es_ES.toml b/web/translation/translate.es_ES.toml index 0b8d009c..54b7d5b8 100644 --- a/web/translation/translate.es_ES.toml +++ b/web/translation/translate.es_ES.toml @@ -544,6 +544,8 @@ "twoFactorModalFirstStep" = "1. Escanea este código QR en la aplicación de autenticación o copia el token cerca del código QR y pégalo en la aplicación"
"twoFactorModalSecondStep" = "2. Ingresa el código de la aplicación"
"twoFactorModalRemoveStep" = "Ingresa el código de la aplicación para eliminar la autenticación de dos factores."
+"twoFactorModalChangeCredentialsTitle" = "Cambiar credenciales"
+"twoFactorModalChangeCredentialsStep" = "Ingrese el código de la aplicación para cambiar las credenciales del administrador."
"twoFactorModalSetSuccess" = "La autenticación de dos factores se ha establecido con éxito"
"twoFactorModalDeleteSuccess" = "La autenticación de dos factores se ha eliminado con éxito"
"twoFactorModalError" = "Código incorrecto"
diff --git a/web/translation/translate.fa_IR.toml b/web/translation/translate.fa_IR.toml index 9d53f47d..3861e7ef 100644 --- a/web/translation/translate.fa_IR.toml +++ b/web/translation/translate.fa_IR.toml @@ -544,6 +544,8 @@ "twoFactorModalFirstStep" = "1. این کد QR را در برنامه احراز هویت اسکن کنید یا توکن کنار کد QR را کپی کرده و در برنامه بچسبانید" "twoFactorModalSecondStep" = "2. کد را از برنامه وارد کنید" "twoFactorModalRemoveStep" = "برای حذف احراز هویت دو مرحلهای، کد را از برنامه وارد کنید." +"twoFactorModalChangeCredentialsTitle" = "تغییر اعتبارنامهها" +"twoFactorModalChangeCredentialsStep" = "برای تغییر اعتبارنامههای مدیر، کد را از برنامه وارد کنید." "twoFactorModalSetSuccess" = "احراز هویت دو مرحلهای با موفقیت برقرار شد" "twoFactorModalDeleteSuccess" = "احراز هویت دو مرحلهای با موفقیت حذف شد" "twoFactorModalError" = "کد نادرست" diff --git a/web/translation/translate.id_ID.toml b/web/translation/translate.id_ID.toml index f6a45b92..dbed4130 100644 --- a/web/translation/translate.id_ID.toml +++ b/web/translation/translate.id_ID.toml @@ -545,6 +545,8 @@ "twoFactorModalFirstStep" = "1. Pindai kode QR ini di aplikasi autentikasi atau salin token di dekat kode QR dan tempelkan ke aplikasi" "twoFactorModalSecondStep" = "2. Masukkan kode dari aplikasi" "twoFactorModalRemoveStep" = "Masukkan kode dari aplikasi untuk menghapus autentikasi dua faktor." +"twoFactorModalChangeCredentialsTitle" = "Ubah kredensial" +"twoFactorModalChangeCredentialsStep" = "Masukkan kode dari aplikasi untuk mengubah kredensial administrator." "twoFactorModalSetSuccess" = "Autentikasi dua faktor telah berhasil dibuat" "twoFactorModalDeleteSuccess" = "Autentikasi dua faktor telah berhasil dihapus" "twoFactorModalError" = "Kode salah" diff --git a/web/translation/translate.ja_JP.toml b/web/translation/translate.ja_JP.toml index fa5ed69a..0e50a2c8 100644 --- a/web/translation/translate.ja_JP.toml +++ b/web/translation/translate.ja_JP.toml @@ -544,6 +544,8 @@ "twoFactorModalFirstStep" = "1. 認証アプリでこのQRコードをスキャンするか、QRコード近くのトークンをコピーしてアプリに貼り付けます" "twoFactorModalSecondStep" = "2. アプリからコードを入力してください" "twoFactorModalRemoveStep" = "二段階認証を削除するには、アプリからコードを入力してください。" +"twoFactorModalChangeCredentialsTitle" = "認証情報の変更" +"twoFactorModalChangeCredentialsStep" = "管理者の認証情報を変更するには、アプリケーションからコードを入力してください。" "twoFactorModalSetSuccess" = "二要素認証が正常に設定されました" "twoFactorModalDeleteSuccess" = "二要素認証が正常に削除されました" "twoFactorModalError" = "コードが間違っています" diff --git a/web/translation/translate.pt_BR.toml b/web/translation/translate.pt_BR.toml index 1c6cadb0..5f13943e 100644 --- a/web/translation/translate.pt_BR.toml +++ b/web/translation/translate.pt_BR.toml @@ -544,6 +544,8 @@ "twoFactorModalFirstStep" = "1. Escaneie este QR code no aplicativo de autenticação ou copie o token próximo ao QR code e cole no aplicativo" "twoFactorModalSecondStep" = "2. Digite o código do aplicativo" "twoFactorModalRemoveStep" = "Digite o código do aplicativo para remover a autenticação de dois fatores." +"twoFactorModalChangeCredentialsTitle" = "Alterar credenciais" +"twoFactorModalChangeCredentialsStep" = "Insira o código do aplicativo para alterar as credenciais do administrador." "twoFactorModalSetSuccess" = "A autenticação de dois fatores foi estabelecida com sucesso" "twoFactorModalDeleteSuccess" = "A autenticação de dois fatores foi excluída com sucesso" "twoFactorModalError" = "Código incorreto" diff --git a/web/translation/translate.ru_RU.toml b/web/translation/translate.ru_RU.toml index bf3fb43a..ce40138c 100644 --- a/web/translation/translate.ru_RU.toml +++ b/web/translation/translate.ru_RU.toml @@ -544,6 +544,8 @@ "twoFactorModalFirstStep" = "1. Отсканируйте этот QR-код в приложении для аутентификации или скопируйте токен рядом с QR-кодом и вставьте его в приложение" "twoFactorModalSecondStep" = "2. Введите код из приложения" "twoFactorModalRemoveStep" = "Введите код из приложения, чтобы отключить двухфакторную аутентификацию." +"twoFactorModalChangeCredentialsTitle" = "Изменить учетные данные" +"twoFactorModalChangeCredentialsStep" = "Введите код из приложения, чтобы изменить учетные данные администратора." "twoFactorModalSetSuccess" = "Двухфакторная аутентификация была успешно установлена" "twoFactorModalDeleteSuccess" = "Двухфакторная аутентификация была успешно удалена" "twoFactorModalError" = "Неверный код" diff --git a/web/translation/translate.tr_TR.toml b/web/translation/translate.tr_TR.toml index 4ace318a..af9d1d19 100644 --- a/web/translation/translate.tr_TR.toml +++ b/web/translation/translate.tr_TR.toml @@ -544,6 +544,8 @@ "twoFactorModalFirstStep" = "1. Bu QR kodunu doğrulama uygulamasında tarayın veya QR kodunun yanındaki token'ı kopyalayıp uygulamaya yapıştırın" "twoFactorModalSecondStep" = "2. Uygulamadaki kodu girin" "twoFactorModalRemoveStep" = "İki adımlı doğrulamayı kaldırmak için uygulamadaki kodu girin." +"twoFactorModalChangeCredentialsTitle" = "Kimlik bilgilerini değiştir" +"twoFactorModalChangeCredentialsStep" = "Yönetici kimlik bilgilerini değiştirmek için uygulamadaki kodu girin." "twoFactorModalSetSuccess" = "İki faktörlü kimlik doğrulama başarıyla kuruldu" "twoFactorModalDeleteSuccess" = "İki faktörlü kimlik doğrulama başarıyla silindi" "twoFactorModalError" = "Yanlış kod" diff --git a/web/translation/translate.uk_UA.toml b/web/translation/translate.uk_UA.toml index a8eb81e2..7066ee49 100644 --- a/web/translation/translate.uk_UA.toml +++ b/web/translation/translate.uk_UA.toml @@ -544,6 +544,8 @@ "twoFactorModalFirstStep" = "1. Відскануйте цей QR-код у програмі для аутентифікації або скопіюйте токен біля QR-коду та вставте його в програму" "twoFactorModalSecondStep" = "2. Введіть код з програми" "twoFactorModalRemoveStep" = "Введіть код з програми, щоб вимкнути двофакторну аутентифікацію." +"twoFactorModalChangeCredentialsTitle" = "Змінити облікові дані" +"twoFactorModalChangeCredentialsStep" = "Введіть код з додатку, щоб змінити облікові дані адміністратора." "twoFactorModalSetSuccess" = "Двофакторна аутентифікація була успішно встановлена" "twoFactorModalDeleteSuccess" = "Двофакторна аутентифікація була успішно видалена" "twoFactorModalError" = "Невірний код" diff --git a/web/translation/translate.vi_VN.toml b/web/translation/translate.vi_VN.toml index da5b09a5..d4c95f79 100644 --- a/web/translation/translate.vi_VN.toml +++ b/web/translation/translate.vi_VN.toml @@ -544,6 +544,8 @@ "twoFactorModalFirstStep" = "1. Quét mã QR này trong ứng dụng xác thực hoặc sao chép mã token gần mã QR và dán vào ứng dụng"
"twoFactorModalSecondStep" = "2. Nhập mã từ ứng dụng"
"twoFactorModalRemoveStep" = "Nhập mã từ ứng dụng để xóa xác thực hai yếu tố."
+"twoFactorModalChangeCredentialsTitle" = "Thay đổi thông tin xác thực"
+"twoFactorModalChangeCredentialsStep" = "Nhập mã từ ứng dụng để thay đổi thông tin xác thực quản trị viên."
"twoFactorModalSetSuccess" = "Xác thực hai yếu tố đã được thiết lập thành công"
"twoFactorModalDeleteSuccess" = "Xác thực hai yếu tố đã được xóa thành công"
"twoFactorModalError" = "Mã sai"
diff --git a/web/translation/translate.zh_CN.toml b/web/translation/translate.zh_CN.toml index 7069c825..26cc3322 100644 --- a/web/translation/translate.zh_CN.toml +++ b/web/translation/translate.zh_CN.toml @@ -544,6 +544,8 @@ "twoFactorModalFirstStep" = "1. 在认证应用程序中扫描此QR码,或复制QR码附近的令牌并粘贴到应用程序中" "twoFactorModalSecondStep" = "2. 输入应用程序中的验证码" "twoFactorModalRemoveStep" = "输入应用程序中的验证码以移除双重认证。" +"twoFactorModalChangeCredentialsTitle" = "更改凭据" +"twoFactorModalChangeCredentialsStep" = "输入应用程序中的代码以更改管理员凭据。" "twoFactorModalSetSuccess" = "双因素认证已成功建立" "twoFactorModalDeleteSuccess" = "双因素认证已成功删除" "twoFactorModalError" = "验证码错误" diff --git a/web/translation/translate.zh_TW.toml b/web/translation/translate.zh_TW.toml index e933f4ce..0875cf47 100644 --- a/web/translation/translate.zh_TW.toml +++ b/web/translation/translate.zh_TW.toml @@ -546,6 +546,8 @@ "twoFactorModalFirstStep" = "1. 在認證應用程式中掃描此QR碼,或複製QR碼附近的令牌並貼到應用程式中" "twoFactorModalSecondStep" = "2. 輸入應用程式中的驗證碼" "twoFactorModalRemoveStep" = "輸入應用程式中的驗證碼以移除雙重認證。" +"twoFactorModalChangeCredentialsTitle" = "更改憑證" +"twoFactorModalChangeCredentialsStep" = "輸入應用程式中的代碼以更改管理員憑證。" "twoFactorModalSetSuccess" = "雙重身份驗證已成功建立" "twoFactorModalDeleteSuccess" = "雙重身份驗證已成功刪除" "twoFactorModalError" = "驗證碼錯誤" |