diff options
| author | Dylan William Hardison <dylan@hardison.net> | 2017-09-19 17:46:25 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-09-19 17:46:25 +0200 |
| commit | 5abefb689bc17dc26e747164f9251926faade358 (patch) | |
| tree | 9675fb0d20e51c5a908eb99cef8af62407b7d1e8 | |
| parent | 251dcb33528c771dcb7e6793b6611aa2436f4bbe (diff) | |
| download | bugzilla-5abefb689bc17dc26e747164f9251926faade358.tar.gz bugzilla-5abefb689bc17dc26e747164f9251926faade358.tar.xz | |
Bug 1400419 - Direct GitHub-auth'd users that are required to use 2FA to issue a password reset
| -rw-r--r-- | Bugzilla.pm | 3 | ||||
| -rw-r--r-- | js/account.js | 13 | ||||
| -rw-r--r-- | template/en/default/account/prefs/mfa.html.tmpl | 22 |
3 files changed, 33 insertions, 5 deletions
diff --git a/Bugzilla.pm b/Bugzilla.pm index 96eff5df2..9234243f7 100644 --- a/Bugzilla.pm +++ b/Bugzilla.pm @@ -407,13 +407,14 @@ sub login { my $grace_period = Bugzilla->params->{mfa_group_grace_period}; my $expired = defined $date && $date < DateTime->now; my $on_mfa_page = $cgi->script_name eq '/userprefs.cgi' && $cgi->param('tab') eq 'mfa'; + my $on_token_page = $cgi->script_name eq '/token.cgi'; Bugzilla->request_cache->{mfa_warning} = 1; Bugzilla->request_cache->{mfa_grace_period_expired} = $expired; Bugzilla->request_cache->{on_mfa_page} = $on_mfa_page; if ( $grace_period == 0 || $expired) { - if (!$on_mfa_page) { + if ( !( $on_mfa_page || $on_token_page ) ) { print Bugzilla->cgi->redirect("userprefs.cgi?tab=mfa"); exit; } diff --git a/js/account.js b/js/account.js index c5557aa41..8642cadbd 100644 --- a/js/account.js +++ b/js/account.js @@ -287,7 +287,18 @@ $(function() { }); if ($('#mfa-action').length) { - $('#update').attr('disabled', true); + if ($("#mfa-action").data('nopassword')) { + $('#update') + .attr('disabled', false) + .val("Reset Password") + .click(function(event) { + event.preventDefault(); + $('#forgot-form').submit(); + }); + } + else { + $("#update").attr('disabled', true); + } } // api-key diff --git a/template/en/default/account/prefs/mfa.html.tmpl b/template/en/default/account/prefs/mfa.html.tmpl index 99a4b0f2a..482832f63 100644 --- a/template/en/default/account/prefs/mfa.html.tmpl +++ b/template/en/default/account/prefs/mfa.html.tmpl @@ -7,6 +7,13 @@ #%] [% SET MFA_HOWTO = "https://wiki.mozilla.org/BMO/UserGuide/Two-Factor_Authentication" %] +[% tab_footer = BLOCK %] + <form action="token.cgi" method="post" id="forgot-form"> + <input type="hidden" name="loginname" value="[% user.login FILTER html %]"> + <input type="hidden" name="a" value="reqpw"> + <input type="hidden" name="token" value="[% issue_hash_token(['reqpw']) FILTER html %]"> + </form> +[% END %] [% IF NOT Bugzilla.feature('mfa') %] <input type="hidden" name="mfa_action" id="mfa-action" value=""> @@ -16,10 +23,19 @@ [% RETURN %] [% END %] [% IF user.cryptpassword == '*' %] - <input type="hidden" name="mfa_action" id="mfa-action" value=""> + <input type="hidden" name="mfa_action" id="mfa-action" value="" data-nopassword="true"> + [% IF Bugzilla.request_cache.mfa_warning %] + <p> + Your account requires Two-Factor authentication to be configured before you can use [% terms.Bugzilla %] + </p> + [% END %] + <p> + Before you can enable two-factor authentication you must set a password on your account. + To do this on your account please click on "Reset Password"; + this will email you instructions to start the password reset process. + </p> <p> - Two-factor Authentication is not available on your account because you are - using an external authentication provider. + As part of this transition you will no longer be able to use GitHub to log in to [% terms.Bugzilla %]. </p> [% RETURN %] [% END %] |