Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2 fa #10

Open
wants to merge 199 commits into
base: master
Choose a base branch
from
Open

2 fa #10

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
199 commits
Select commit Hold shift + click to select a range
8f7b903
rename test to integration tests
keywan-ghadami-oxid Apr 30, 2021
8caf47d
Initial Commit
moritzdemmer Apr 14, 2021
4fb68c3
added hacked password check
moritzdemmer Apr 14, 2021
bc0f862
added password check
moritzdemmer Apr 14, 2021
f4f8ebe
added API Unit test
moritzdemmer Apr 14, 2021
69afe36
PSCORE-65 added own exception for "Passwort befindet sich bereits in …
moritzdemmer Apr 15, 2021
812e750
fixed some language issues
moritzdemmer Apr 16, 2021
58fff26
cleaned up the code
moritzdemmer Apr 16, 2021
b24e88d
added check when logging in
moritzdemmer Apr 19, 2021
a28317e
added possibility to deactivate api in the backend
moritzdemmer Apr 20, 2021
7c0ea29
renamed variables
moritzdemmer Apr 20, 2021
bdfe730
removed unecessary API lib
moritzdemmer Apr 20, 2021
be2e3b9
removed unecessary use
moritzdemmer Apr 20, 2021
6a8643a
improved code with dependency injection
moritzdemmer Apr 20, 2021
de3d4d0
fixed bug that password is checked for an unauthorized user
moritzdemmer Apr 20, 2021
a45d861
added dependencies in services.yaml
moritzdemmer Apr 20, 2021
ef9f747
removed settings check and added it in the DataBreach Validator Class
moritzdemmer Apr 21, 2021
8588743
renamed file names
moritzdemmer Apr 21, 2021
fa85fa1
added new validators
moritzdemmer Apr 21, 2021
363aade
added credentials api
moritzdemmer Apr 21, 2021
4845273
fixed registration bug (no error message)
moritzdemmer Apr 21, 2021
87c9e16
fixed unit tests
moritzdemmer Apr 22, 2021
f9898a6
added validators unit tests
moritzdemmer Apr 22, 2021
8792026
now loads the user so you can get the username all the time
moritzdemmer Apr 22, 2021
32d35f3
now testing credentials (password AND mail)
moritzdemmer Apr 22, 2021
401ad33
now doesnt check when an admin is logging in
moritzdemmer Apr 23, 2021
a709e6b
added better error message when resetting the password
moritzdemmer Apr 23, 2021
22076ad
in case of registration, get username via getRequestEscapedParameter(…
moritzdemmer Apr 27, 2021
b5486bd
added enzoic lib
moritzdemmer Apr 27, 2021
61bea85
fixed enzoic lib
moritzdemmer Apr 27, 2021
7baa7eb
fixed codestyle
moritzdemmer Apr 27, 2021
ad6be21
clean up
moritzdemmer Apr 27, 2021
710c11d
added haveibeenpwned password check
moritzdemmer Apr 27, 2021
d6d646f
added new module setting to deacitvate/activate haveIBeenPwned and En…
moritzdemmer Apr 27, 2021
fd38b05
fixed codestyle
moritzdemmer Apr 27, 2021
b48f705
now checking whether status of response is 200 (= password found)
moritzdemmer Apr 28, 2021
b13d892
removed return parent
moritzdemmer Apr 28, 2021
f9e9fe1
added settings validation of enzoic api
moritzdemmer Apr 28, 2021
7045974
fixed language
moritzdemmer Apr 29, 2021
06a561a
resets enzoic fields
moritzdemmer Apr 29, 2021
99fcc96
fixed little bug
moritzdemmer Apr 29, 2021
9decde0
refactoring unittests
keywan-ghadami-oxid Apr 30, 2021
3cdd344
new API key check with new lib
keywan-ghadami-oxid Apr 30, 2021
d21a2c8
fixed refactoring
moritzdemmer Apr 30, 2021
834e5cc
added new error code
moritzdemmer Apr 30, 2021
3fab3b6
changed exception handling
moritzdemmer Apr 30, 2021
637414d
set autowire to true
moritzdemmer May 3, 2021
9a2ff81
added github lib to composer.json
moritzdemmer May 3, 2021
16fa3a8
removed local git
moritzdemmer May 3, 2021
4f7353c
added rate limiting translations
moritzdemmer May 3, 2021
154b6ac
added rate limit to settings
moritzdemmer May 3, 2021
94de57e
added ugly rate limiting functionality
moritzdemmer May 3, 2021
b7a8579
now checking the rate limit before login
moritzdemmer May 3, 2021
f055dda
added credentials check in isPasswordKnown function, used dependency …
moritzdemmer May 5, 2021
26a5972
renamed files
moritzdemmer May 5, 2021
5dfa0d1
added rate limiting module settings
moritzdemmer May 5, 2021
d506555
fixed spelling mistake
moritzdemmer May 5, 2021
e4db46e
added rate limiting
moritzdemmer May 5, 2021
e881415
added missing var type
moritzdemmer May 5, 2021
c0801ec
fixed phpdocs
moritzdemmer May 5, 2021
97ec771
now logs when enzoic throws an error (not visible for user)
moritzdemmer May 5, 2021
91b009d
changed return type to RateLimiter Interface
moritzdemmer May 6, 2021
7dd97f4
now gets the selected ratelimiter from container
moritzdemmer May 6, 2021
69d67ba
added RateLimiter to services.yaml
moritzdemmer May 6, 2021
c5173a0
removed redis and predis from drivers
moritzdemmer May 7, 2021
b82783e
now only deactivates enzoic
moritzdemmer May 7, 2021
7072b50
temporary solution for admin users added
moritzdemmer May 7, 2021
6bc29fb
added password check translations for admin
moritzdemmer May 7, 2021
5df4699
removed checks for admin and used config from container
moritzdemmer May 7, 2021
4cc689a
added requirements for 2FA
moritzdemmer May 10, 2021
730c140
login checks not available for admins
moritzdemmer May 11, 2021
ab377b3
added translation for frontend
moritzdemmer May 11, 2021
88f12b0
added event
moritzdemmer May 11, 2021
5aa61f5
now adds new columns on activation for 2FA
moritzdemmer May 11, 2021
fdf3590
added 2fa code
moritzdemmer May 11, 2021
f5ae68c
added temporary code for 2FA
moritzdemmer May 11, 2021
29895e5
added 2FA registration
moritzdemmer May 17, 2021
303bfd5
renamed variables
moritzdemmer May 17, 2021
95843dd
added black border
moritzdemmer May 17, 2021
7a780e9
cleaned up code
moritzdemmer May 17, 2021
ca82a05
used user as label and active shop name as issuer
moritzdemmer May 17, 2021
3769707
added new translations
moritzdemmer May 17, 2021
1b84830
added new template block for 2FA checkbox
moritzdemmer May 17, 2021
d618e86
changed name of register controller
moritzdemmer May 18, 2021
81c6bd6
now using DI and renamed
moritzdemmer May 18, 2021
9780288
removed validator
moritzdemmer May 18, 2021
af7c7ce
renamed database entry
moritzdemmer May 18, 2021
fff5308
added POC 2FA Login
moritzdemmer May 18, 2021
c0e997f
renamed register template
moritzdemmer May 18, 2021
b54fdf0
cleaned up login
moritzdemmer May 18, 2021
82fd468
added session clean up (delete otp_secret after successfull registrat…
moritzdemmer May 18, 2021
5a32bfb
now deletes usr session
moritzdemmer May 18, 2021
1ee684d
added functionality so that qr doesnt get created again when user ent…
moritzdemmer May 18, 2021
5cf0d61
new translations
moritzdemmer May 18, 2021
acb204f
now autofocus the first text field
moritzdemmer May 18, 2021
7862b3b
changed get function name
moritzdemmer May 20, 2021
ea8847b
moved finalizeLogin/Registration from login controller to UserComponent
moritzdemmer May 20, 2021
1a0bf27
cleaned up code
moritzdemmer May 20, 2021
2307d52
added save setting cookie
moritzdemmer May 20, 2021
69b4f8c
added 2FA account setting
moritzdemmer May 20, 2021
f680e8e
renamed settings getter
moritzdemmer May 20, 2021
002430c
added option to deactivate/activate 2FA in my account section
moritzdemmer May 21, 2021
9eab4c4
now using DI container to get classes
moritzdemmer May 21, 2021
85a3cfe
changed translations
moritzdemmer May 21, 2021
91abee3
now checks when logging in whether user has 2FA enabled or not
moritzdemmer May 21, 2021
714bb81
moved file to new folder
moritzdemmer May 21, 2021
5b1521e
renamed new db entry to oxps
moritzdemmer May 21, 2021
61842bb
made sure that views will be regenerated after views update
moritzdemmer May 21, 2021
aed1318
setFullWidth to true (called by 3 FA templates for design purpose)
moritzdemmer May 21, 2021
8ee5905
added new translation
moritzdemmer May 21, 2021
c80c49f
changed 2FA template design
moritzdemmer May 21, 2021
a95fec3
cleaned up code
moritzdemmer May 25, 2021
562cc3d
added redirection to backup code page
moritzdemmer May 25, 2021
e65b679
removed function and replaced it with success variable
moritzdemmer May 25, 2021
2fd44d2
now removing backup code when resetting 2FA
moritzdemmer May 25, 2021
551a4a2
added success variable instead of getStatus function
moritzdemmer May 25, 2021
3de37e2
now adds oxpsbackupcode to database when activating the module
moritzdemmer May 25, 2021
3d4ceef
set background color to grey when loading page
moritzdemmer May 25, 2021
7995b94
added new translations
moritzdemmer May 25, 2021
efb7f55
styling changes
moritzdemmer May 25, 2021
3b29d9e
added backupcode page
moritzdemmer May 25, 2021
10a2b24
added css style file instead of a link
moritzdemmer May 26, 2021
ca192c7
added recovery funktionality in case 2FA is lost
moritzdemmer May 26, 2021
6b2bbb5
added new translations
moritzdemmer May 26, 2021
fb14a4b
added secret encryption
moritzdemmer May 27, 2021
30f9f72
random key will now be generated when activating the module in the co…
moritzdemmer May 27, 2021
a609614
using random_bytes instead of openssl
moritzdemmer May 27, 2021
d04ac9d
added decryption of secret
moritzdemmer May 28, 2021
efde80a
now checks next and previous OTP in case of different time
moritzdemmer Jun 3, 2021
c12b7ac
now prevents replay attacks
moritzdemmer Jun 7, 2021
ce75a02
fixed replay attacks
moritzdemmer Jun 7, 2021
9ed0d8b
fixed key generation
moritzdemmer Jun 11, 2021
69c8e5d
added new translations for EN
moritzdemmer Sep 28, 2021
bd08e62
Update passwordpolicy_lang.php
moritzdemmer Sep 28, 2021
f4b4a60
added 2FA to servicebox menu
moritzdemmer Sep 28, 2021
d3225b8
added 2FA to servicebox
moritzdemmer Sep 28, 2021
301f5ec
added english translation for admin
moritzdemmer Sep 28, 2021
439b5bb
capture edgecase if user secrete can not be stored
keywan-ghadami-oxid Sep 29, 2021
bbdfdec
only show 2FA in menu when logged in
moritzdemmer Sep 29, 2021
3254924
changed tailwind to own style
moritzdemmer Sep 29, 2021
0aa91e4
now redirects admin to password reset page in case his password is le…
moritzdemmer Sep 29, 2021
f2de3f7
changed style for OTP text fields
moritzdemmer Sep 30, 2021
7fb8a11
disabled admin password reset temporary
moritzdemmer Sep 30, 2021
65a2598
moved memcached to rate limiting settings
moritzdemmer Sep 30, 2021
3923995
changed language keys
moritzdemmer Sep 30, 2021
0c5aa81
added rate limiting to 2FA
moritzdemmer Sep 30, 2021
b4c328f
translation keys changed
moritzdemmer Sep 30, 2021
9ca108e
now checks whether the columns are already there
moritzdemmer Sep 30, 2021
9fcb58f
now checks when activating the feature for admins whether they have a…
moritzdemmer Sep 30, 2021
cad84fc
cleaning tmp folder when activating the module
moritzdemmer Sep 30, 2021
cf53d92
added functionality for admins
moritzdemmer Sep 30, 2021
958d26b
requires the modified enzoic lib
moritzdemmer Oct 1, 2021
2dd81c4
trying to add 2fA for backend
moritzdemmer Oct 6, 2021
f0dfbb1
totp im admin
keywan-ghadami-oxid Oct 6, 2021
256c224
little fix
moritzdemmer Oct 6, 2021
bb94e35
added 2FA for admin backend (only registration)
moritzdemmer Oct 6, 2021
8e64293
using random_int as a more secure way to generate backupcode
moritzdemmer Oct 7, 2021
931de53
fixed replay attack database entry
moritzdemmer Oct 13, 2021
fe48a17
adds rate limiting to verifyOTP method
moritzdemmer Oct 13, 2021
1b91c6d
added new translations
moritzdemmer Oct 13, 2021
068741d
added working 2FA login for admins
moritzdemmer Oct 13, 2021
4e44462
language changes
moritzdemmer Oct 13, 2021
3459f7c
style changes
moritzdemmer Oct 13, 2021
e8b5832
fix
moritzdemmer Oct 13, 2021
36b6378
added recovery functionality to admin
moritzdemmer Oct 13, 2021
8329a36
added recovery template for admin
moritzdemmer Oct 13, 2021
d2776e7
style changes
moritzdemmer Oct 13, 2021
b4a0a98
added language for my data
moritzdemmer Oct 13, 2021
b1c9bf4
style changes
moritzdemmer Oct 13, 2021
20aa5a3
fixxed anti replay attack for admin
moritzdemmer Oct 13, 2021
67385bc
now takes language keys from frontend & backend
moritzdemmer Oct 14, 2021
95d15ff
added new (non working) admin password forgot controller and templates
moritzdemmer Oct 14, 2021
1886403
displays error messages when logging in
moritzdemmer Oct 14, 2021
b2154c3
added 2 new content messages for password forgot mail
moritzdemmer Oct 14, 2021
380fad9
added demo password recovery
moritzdemmer Oct 14, 2021
ab3340d
small language changes
moritzdemmer Oct 14, 2021
b923bf7
added new controller and templates
moritzdemmer Oct 14, 2021
281bc7c
design changes
moritzdemmer Oct 15, 2021
fd6bc43
fix
moritzdemmer Oct 15, 2021
c0525d4
removed forgot pwd mail tpl
moritzdemmer Oct 15, 2021
d744ed1
textbox fixed
moritzdemmer Oct 18, 2021
7e22aa0
now redirects to 2FA incase password is resetted
moritzdemmer Oct 18, 2021
1a970c2
if 2FA is disabled in admin, its skipped when logging in
moritzdemmer Oct 18, 2021
8a5d898
admins can now deactivate 2FA for individual users
moritzdemmer Oct 18, 2021
748eb04
added validation from frontend
moritzdemmer Oct 20, 2021
2a7cc78
added passwort strength indicator to backend
moritzdemmer Oct 20, 2021
0a19c39
prevents submitting when error messages still exist
moritzdemmer Oct 20, 2021
d3224fe
code style fixxes
moritzdemmer Oct 20, 2021
d7e5d1a
codestyle fixes
moritzdemmer Oct 22, 2021
5f75e33
fixed codestyle
moritzdemmer Oct 22, 2021
28726e3
renamed constant
moritzdemmer Oct 22, 2021
f57fe54
fixed codestyle
moritzdemmer Oct 22, 2021
f9a16ed
renamed variables
moritzdemmer Oct 22, 2021
ab38bc2
fixed language error
moritzdemmer Oct 22, 2021
2358ac8
admin login box style changes [temporary]
moritzdemmer Oct 25, 2021
f306be3
saving is now disabled when 2FA is deactivated for admins
moritzdemmer Oct 25, 2021
970db27
now shows 2FA disabled when its deactivated in module settings
moritzdemmer Oct 25, 2021
be248f0
code clean up
moritzdemmer Oct 26, 2021
4cee62e
sets 2FA rate limiting to 5 per minute
moritzdemmer Oct 26, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 6 additions & 1 deletion composer.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,12 @@
"license": "GPL-3.0-only",
"require": {
"php": ">=7.3",
"ext-json": "*"
"ext-json": "*",
"moritzdemmer/enzoic": "dev-master",
"divineomega/password_exposed": "v3.2.0",
"nikolaposa/rate-limit": "dev-master",
"spomky-labs/otphp": "v10.0.1",
"bacon/bacon-qr-code": "v2.0.3"
},
"require-dev": {
"php-parallel-lint/php-parallel-lint": "^1.2",
Expand Down
7 changes: 3 additions & 4 deletions menu.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
<OX>
<OXMENU id="NAVIGATION_ESHOPADMIN">
<MAINMENU id="mxuadmin">
<SUBMENU id="oxpspasswordpolicy" cl="admin_oxpspasswordpolicy">
<TAB id="oxpspasswordpolicy_main" cl="admin_oxpspasswordpolicy_main" />
<BTN id="oxpspasswordpolicy_save" />
<MAINMENU id="OXPS_PASSWORDPOLICY_TWOFACTORAUTH_MYDATA">
<SUBMENU id="OXPS_PASSWORDPOLICY_TWOFACTORAUTH_LOGIN" cl="admin_twofactoraccount">

</SUBMENU>
</MAINMENU>
</OXMENU>
Expand Down
119 changes: 115 additions & 4 deletions metadata.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,10 +25,36 @@
* Metadata version
*/

use OxidEsales\Eshop\Application\Component\UserComponent;
use OxidEsales\Eshop\Application\Controller\AccountPasswordController;
use OxidEsales\Eshop\Application\Controller\Admin\LoginController;
use OxidEsales\Eshop\Application\Controller\Admin\UserMain;
use OxidEsales\Eshop\Core\InputValidator;
use OxidEsales\Eshop\Core\ViewConfig;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Application\Controller\Admin\ModuleConfiguration;
use OxidProfessionalServices\PasswordPolicy\Controller\Admin\PasswordPolicyForgotPasswordControllerAdmin;
use OxidProfessionalServices\PasswordPolicy\Controller\Admin\PasswordPolicyTwoFactorRecoveryAdmin;
use OxidProfessionalServices\PasswordPolicy\Component\PasswordPolicyUserComponent;
use OxidProfessionalServices\PasswordPolicy\Controller\Admin\PasswordPolicyAccountTOTPAdmin;
use OxidProfessionalServices\PasswordPolicy\Controller\Admin\PasswordPolicyLoginController;
use OxidProfessionalServices\PasswordPolicy\Controller\Admin\PasswordPolicyTwoFactorBackupCodeAdmin;
use OxidProfessionalServices\PasswordPolicy\Controller\Admin\PasswordPolicyTwoFactorLoginAdmin;
use OxidProfessionalServices\PasswordPolicy\Controller\Admin\PasswordPolicyTwoFactorRegisterAdmin;
use OxidProfessionalServices\PasswordPolicy\Controller\Admin\PasswordPolicyUserMain;
use OxidProfessionalServices\PasswordPolicy\Controller\PasswordPolicyAccountTOTP;
use OxidProfessionalServices\PasswordPolicy\Controller\PasswordPolicyTwoFactorConfirmation;
use OxidProfessionalServices\PasswordPolicy\Controller\PasswordPolicyTwoFactorBackupCode;
use OxidProfessionalServices\PasswordPolicy\Controller\Admin\PasswordPolicyTwoFactorConfirmationAdmin;
use OxidProfessionalServices\PasswordPolicy\Controller\PasswordPolicyTwoFactorRecovery;
use OxidProfessionalServices\PasswordPolicy\Controller\PasswordPolicyTwoFactorRegister;
use OxidProfessionalServices\PasswordPolicy\Controller\PasswordPolicyTwoFactorLogin;
use OxidProfessionalServices\PasswordPolicy\Core\PasswordPolicyLanguage;
use OxidProfessionalServices\PasswordPolicy\Core\PasswordPolicyValidator;
use OxidProfessionalServices\PasswordPolicy\Core\PasswordPolicyViewConfig;
use OxidProfessionalServices\PasswordPolicy\Controller\PasswordPolicyAccountPasswordController;
use OxidProfessionalServices\PasswordPolicy\Model\PasswordPolicyUser;
use OxidProfessionalServices\PasswordPolicy\Controller\Admin\PasswordPolicyModuleConfiguration;

$sMetadataVersion = '2.1';

Expand All @@ -52,10 +78,56 @@
'email' => '[email protected]',
'extend' => [
ViewConfig::class => PasswordPolicyViewConfig::class,
InputValidator::class => PasswordPolicyValidator::class
InputValidator::class => PasswordPolicyValidator::class,
AccountPasswordController::class => PasswordPolicyAccountPasswordController::class,
User::class => PasswordPolicyUser::class,
ModuleConfiguration::class => PasswordPolicyModuleConfiguration::class,
UserComponent::class => PasswordPolicyUserComponent::class,
LoginController::class => PasswordPolicyLoginController::class,
\OxidEsales\Eshop\Core\Language::class => PasswordPolicyLanguage::class,
UserMain::class => PasswordPolicyUserMain::class
],
'controllers' => [],
'controllers' => [
'twofactorregister' => PasswordPolicyTwoFactorRegister::class,
'twofactorlogin' => PasswordPolicyTwoFactorLogin::class,
'twofactoraccount' => PasswordPolicyAccountTOTP::class,
'twofactorconfirmation' => PasswordPolicyTwoFactorConfirmation::class,
'twofactorbackup' => PasswordPolicyTwoFactorBackupCode::class,
'twofactorrecovery' => PasswordPolicyTwoFactorRecovery::class,
'admin_twofactoraccount' => PasswordPolicyAccountTOTPAdmin::class,
'admin_twofactorregister' => PasswordPolicyTwoFactorRegisterAdmin::class,
'admin_twofactorconfirmation' => PasswordPolicyTwoFactorConfirmationAdmin::class,
'admin_twofactorbackup' => PasswordPolicyTwoFactorBackupCodeAdmin::class,
'admin_twofactorlogin' => PasswordPolicyTwoFactorLoginAdmin::class,
'admin_twofactorrecovery' => PasswordPolicyTwoFactorRecoveryAdmin::class,
'admin_forgotpwd' => PasswordPolicyForgotPasswordControllerAdmin::class,


],
'templates' => [
'twofactorregister.tpl' => 'oxps/passwordpolicy/views/tpl/twofactorregister.tpl',
'twofactorlogin.tpl' => 'oxps/passwordpolicy/views/tpl/twofactorlogin.tpl',
'twofactoraccount.tpl' => 'oxps/passwordpolicy/views/tpl/twofactoraccount.tpl',
'twofactorconfirmation.tpl' => 'oxps/passwordpolicy/views/tpl/twofactorconfirmation.tpl',
'twofactorbackupcode.tpl' => 'oxps/passwordpolicy/views/tpl/twofactorbackupcode.tpl',
'twofactorrecovery.tpl' => 'oxps/passwordpolicy/views/tpl/twofactorrecovery.tpl',
'admin_twofactoraccount.tpl' => 'oxps/passwordpolicy/views/admin/tpl/admin_twofactoraccount.tpl',
'admin_twofactorregister.tpl' => 'oxps/passwordpolicy/views/admin/tpl/admin_twofactorregister.tpl',
'admin_twofactorconfirmation.tpl' => 'oxps/passwordpolicy/views/admin/tpl/admin_twofactorconfirmation.tpl',
'admin_twofactorbackupcode.tpl' => 'oxps/passwordpolicy/views/admin/tpl/admin_twofactorbackupcode.tpl',
'admin_twofactorlogin.tpl' => 'oxps/passwordpolicy/views/admin/tpl/admin_twofactorlogin.tpl',
'admin_twofactorrecovery.tpl' => 'oxps/passwordpolicy/views/admin/tpl/admin_twofactorrecovery.tpl',
'message/errors.tpl' => 'oxps/passwordpolicy/views/admin/tpl/message/errors.tpl',
'message/error.tpl' => 'oxps/passwordpolicy/views/admin/tpl/message/error.tpl',
'email/html/forgotpwd.tpl' => 'oxps/passwordpolicy/views/admin/tpl/email/html/forgotpwd.tpl',
'email/html/header.tpl' => 'oxps/passwordpolicy/views/admin/tpl/email/html/header.tpl',
'email/html/footer.tpl' => 'oxps/passwordpolicy/views/admin/tpl/email/html/footer.tpl',
'email/plain/forgotpwd.tpl' => 'oxps/passwordpolicy/views/admin/tpl/email/plain/forgotpwd.tpl',
'forgotpwd.tpl' => 'oxps/passwordpolicy/views/admin/tpl/page/account/forgotpwd.tpl',
'layout/page.tpl' => 'oxps/passwordpolicy/views/admin/tpl/layout/page.tpl',
'form/forgotpwd_change_pwd.tpl' => 'oxps/passwordpolicy/views/admin/tpl/form/forgotpwd_change_pwd.tpl'


],
'blocks' => [
[
Expand All @@ -72,7 +144,32 @@
'template' => 'form/user_password.tpl',
'block' => 'user_account_password',
'file' => 'views/blocks/passwordpolicystrengthindicator.tpl',
]
],
[
'template' => 'form/fieldset/user_account.tpl',
'block' => 'user_account_newsletter',
'file' => 'views/blocks/user_account.tpl',
],
[
'template' => 'page/account/inc/account_menu.tpl',
'block' => 'account_menu',
'file' => 'views/blocks/account_menu.tpl',
],
[
'template' => 'widget/header/servicebox.tpl',
'block' => 'widget_header_servicebox_items',
'file' => 'views/blocks/servicebox.tpl',
],
[
'template' => 'user_main.tpl',
'block' => 'admin_user_main_form',
'file' => 'views/admin/blocks/user_main.tpl',
],
[
'template' => 'login.tpl',
'block' => 'admin_login_form',
'file' => 'views/admin/blocks/login.tpl',
],
],
'settings' => [
['group' => 'passwordpolicy', 'name' => 'oxpspasswordpolicyGoodPasswordLength', 'type' => 'num', 'value' => 12],
Expand All @@ -81,6 +178,20 @@
['group' => 'passwordpolicy_requirements', 'name' => 'oxpspasswordpolicyLowerCase', 'type' => 'bool', 'value' => true],
['group' => 'passwordpolicy_requirements', 'name' => 'oxpspasswordpolicySpecial', 'type' => 'bool', 'value' => true],
['group' => 'passwordpolicy_requirements', 'name' => 'oxpspasswordpolicyDigits', 'type' => 'bool', 'value' => true],
['group' => 'passwordpolicy_api', 'name' => 'oxpspasswordpolicyAPI', 'type' => 'bool', 'value' => true],
['group' => 'passwordpolicy_api', 'name' => 'oxpspasswordpolicyHaveIBeenPwned', 'type' => 'bool', 'value' => true],
['group' => 'passwordpolicy_api', 'name' => 'oxpspasswordpolicyEnzoic', 'type' => 'bool', 'value' => false],
['group' => 'passwordpolicy_api', 'name' => 'oxpspasswordpolicyEnzoicAPIKey', 'type' => 'str', 'value'=>''],
['group' => 'passwordpolicy_api', 'name' => 'oxpspasswordpolicyEnzoicSecretKey', 'type' => 'str', 'value'=>''],
['group' => 'passwordpolicy_ratelimiting', 'name' => 'oxpspasswordpolicyRateLimiting', 'type' => 'bool', 'value' => true],
['group' => 'passwordpolicy_ratelimiting', 'name' => 'oxpspasswordpolicyRateLimitingDrivers', 'type' => 'select', 'value' => 'APCu', 'constraints' => 'Memcached|APCu'],
['group' => 'passwordpolicy_ratelimiting', 'name' => 'oxpspasswordpolicyRateLimitingLimit', 'type' => 'num', 'value' => 60],
['group' => 'passwordpolicy_ratelimiting', 'name' => 'oxpspasswordpolicyMemcachedHost', 'type' => 'str', 'value' => 'memcached'],
['group' => 'passwordpolicy_ratelimiting', 'name' => 'oxpspasswordpolicyMemcachedPort', 'type' => 'num', 'value' => 11211],
['group' => 'passwordpolicy_twofactor', 'name' => 'oxpspasswordpolicyTOTP', 'type' => 'bool', 'value' => false],
['group' => 'passwordpolicy_admin', 'name' => 'oxpspasswordpolicyadmin', 'type' => 'bool', 'value' => false]
],
'events' => [],
'events' => array(
'onActivate' => 'OxidProfessionalServices\PasswordPolicy\Core\PasswordPolicyEvents::onActivate',
),
];
80 changes: 80 additions & 0 deletions out/src/css/style.css
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,80 @@
div.admin-login-box {
border: 0;
padding: 0;
border-radius: 0;
background: #fff;
box-shadow: 0 20px 40px rgba(0,0,0,0.1);
width: 340px;
top: 50%;
-ms-transform: translate(-50%, -50%);
transform: translate(-50%, -50%);
margin: auto;
height: unset;
right: unset;
bottom: unset;
left: 50%;
}

input.w-12 {
width: 3rem;
}


input.h-12 {
height: 3rem;
}


.flex {
display: flex;
}

.flex-col {
flex-direction: column;
}

.justify-center {
justify-content: center;
}

.sm\:justify-center {
justify-content: center;
}

.md\:justify-center {
justify-content: center;
}

.lg\:justify-center {
justify-content: center;
}

.xl\:justify-center {
justify-content: center;
}

.min-h-screen {
min-height: 100vh;
}

.sm\:min-h-screen {
min-height: 100vh;
}

.md\:min-h-screen {
min-height: 100vh;
}

.lg\:min-h-screen {
min-height: 100vh;
}

.xl\:min-h-screen {
min-height: 100vh;
}


.form-control:focus {
border-color: #74abb9 !important;
box-shadow: 0 0 5px rgb(102, 173, 217) !important;
}
88 changes: 88 additions & 0 deletions out/src/css/styles.css
View file
Open in desktop

Large diffs are not rendered by default.

46 changes: 46 additions & 0 deletions out/src/js/otpField.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
const $otp_length = 6;

const element = document.getElementById('OTPInput');
for (let i = 0; i < $otp_length; i++) {
let inputField = document.createElement('input'); // Creates a new input element
inputField.className = "w-12 h-12 bg-light outline-none form-control m-2 text-center rounded";
inputField.style.cssText = "color: transparent; text-shadow: 0 0 0 gray;";
inputField.id = 'otp-field' + i;
inputField.maxLength = 1;
element.appendChild(inputField);
}

const inputs = document.querySelectorAll('#OTPInput > *[id]');
inputs[0].focus();
for (let i = 0; i < inputs.length; i++) {
inputs[i].addEventListener('keydown', function (event) {
if (event.key === "Backspace") {
inputs[i].value = '';
if (i !== 0) {
inputs[i - 1].focus();
}
} else if (event.key === "ArrowLeft" && i !== 0) {
inputs[i - 1].focus();
} else if (event.key === "ArrowRight" && i !== inputs.length - 1) {
inputs[i + 1].focus();
}
});
inputs[i].addEventListener('input', function () {
this.value = this.value.replace(/[^0-9.]/g, '').replace(/(\..*?)\..*/g, '$1');
if (i === inputs.length - 1 && inputs[i].value !== '') {
return true;
} else if (inputs[i].value !== '') {
inputs[i + 1].focus();
}
});

}

document.getElementById('accUserSaveTop').addEventListener("click", function () {
let compiledOtp = '';
for (let input of inputs) {
compiledOtp += input.value;
}
document.getElementById('otp').value = compiledOtp;
return true;
});
43 changes: 43 additions & 0 deletions services.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
services:
OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyValidatorsCollector:
class: OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyValidatorsCollector
arguments:
$validators:
- '@OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyPasswordLength'
- '@OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyUpperLowerCase'
- '@OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyDigits'
- '@OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicySpecialCharacter'
- '@OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyDataBreach'
autowire: true
OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyPasswordLength:
class: OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyPasswordLength
autowire: true;
OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyUpperLowerCase:
class: OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyUpperLowerCase
autowire: true;
OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyDigits:
class: OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyDigits
autowire: true;
OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicySpecialCharacter:
class: OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicySpecialCharacter
autowire: true;
OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyDataBreach:
class: OxidProfessionalServices\PasswordPolicy\Validators\PasswordPolicyDataBreach
autowire: true;
OxidProfessionalServices\PasswordPolicy\Core\PasswordPolicyConfig:
class: OxidProfessionalServices\PasswordPolicy\Core\PasswordPolicyConfig
autowire: true;
OxidProfessionalServices\PasswordPolicy\Api\PasswordCheck:
class: OxidProfessionalServices\PasswordPolicy\Api\PasswordCheck
autowire: true;
PasswordPolicyAPCu:
class: OxidProfessionalServices\PasswordPolicy\Factory\RateLimiter\PasswordPolicyAPCu
PasswordPolicyMemcached:
class: OxidProfessionalServices\PasswordPolicy\Factory\RateLimiter\PasswordPolicyMemcached
autowire: true;
DivineOmega\PasswordExposed\PasswordExposedChecker:
class: DivineOmega\PasswordExposed\PasswordExposedChecker
OxidProfessionalServices\PasswordPolicy\TwoFactorAuth\PasswordPolicyQrCodeRenderer:
class: OxidProfessionalServices\PasswordPolicy\TwoFactorAuth\PasswordPolicyQrCodeRenderer
OxidProfessionalServices\PasswordPolicy\TwoFactorAuth\PasswordPolicyTOTP:
class: OxidProfessionalServices\PasswordPolicy\TwoFactorAuth\PasswordPolicyTOTP
Loading