diff --git a/composer.json b/composer.json index 0ce8891..365c577 100644 --- a/composer.json +++ b/composer.json @@ -79,6 +79,9 @@ }, "fxp-asset": { "enabled": false + }, + "allow-plugins": { + "yiisoft/yii2-composer": true } }, "conflict": { diff --git a/docs/installation/configuration-options.md b/docs/installation/configuration-options.md index e95f165..3b9cf50 100644 --- a/docs/installation/configuration-options.md +++ b/docs/installation/configuration-options.md @@ -12,6 +12,24 @@ Setting this attribute will allow users to configure their login process with tw By default, Google Authenticator App for two-factor authentication cycles in periods of 30 seconds. In order to allow a bigger period so to avoid out of sync issues. +#### twoFactorAuthenticationForcedPermissions (type: `array`, default: `[]`) + +The list of permissions for which two factor authentication is mandatory. In order to perform the check in every action you must configure a filter into your config file like this: + +use Da\User\Filter\TwoFactorAuthenticationEnforceFilter; +... +'on beforeAction' => function() { + Yii::$app->controller->attachBehavior( + 'enforceTwoFactorAuthentication',[ + 'class' => TwoFactorAuthenticationEnforceFilter::class, + 'except' => ['login', 'logout', 'account', 'two-factor', 'two-factor-enable'], + ] + ); + }, +... +This will redirect the user to their account page until the two factor authentication is enabled. + + #### enableGdprCompliance (type: `boolean`, default: `false`) Setting this attribute enables a serie of measures to comply with EU GDPR regulation, like data consent, right to be forgotten and data portability. diff --git a/src/User/Controller/SecurityController.php b/src/User/Controller/SecurityController.php index 133dcb0..eb02d5e 100644 --- a/src/User/Controller/SecurityController.php +++ b/src/User/Controller/SecurityController.php @@ -1,6 +1,6 @@ @@ -116,17 +116,21 @@ class SecurityController extends Controller return $this->goHome(); } - /** @var LoginForm $form */ + /** + * @var LoginForm $form + */ $form = $this->make(LoginForm::class); - /** @var FormEvent $event */ + /** + * @var FormEvent $event + */ $event = $this->make(FormEvent::class, [$form]); if (Yii::$app->request->isAjax && $form->load(Yii::$app->request->post())) { Yii::$app->response->format = Response::FORMAT_JSON; $errors = ActiveForm::validate($form); - if(empty($errors)) { + if (empty($errors)) { return $errors; } $this->trigger(FormEvent::EVENT_FAILED_LOGIN, $event); @@ -135,9 +139,10 @@ class SecurityController extends Controller if ($form->load(Yii::$app->request->post())) { if ($this->module->enableTwoFactorAuthentication && $form->validate()) { - if ($form->getUser()->auth_tf_enabled) { + $user = $form->getUser(); + + if ($user->auth_tf_enabled) { Yii::$app->session->set('credentials', ['login' => $form->login, 'pwd' => $form->password]); - return $this->redirect(['confirm']); } } @@ -153,10 +158,7 @@ class SecurityController extends Controller return $this->goBack(); } - else - { - $this->trigger(FormEvent::EVENT_FAILED_LOGIN, $event); - } + $this->trigger(FormEvent::EVENT_FAILED_LOGIN, $event); } return $this->render( @@ -179,13 +181,17 @@ class SecurityController extends Controller } $credentials = Yii::$app->session->get('credentials'); - /** @var LoginForm $form */ + /** + * @var LoginForm $form + */ $form = $this->make(LoginForm::class); $form->login = $credentials['login']; $form->password = $credentials['pwd']; $form->setScenario('2fa'); - /** @var FormEvent $event */ + /** + * @var FormEvent $event + */ $event = $this->make(FormEvent::class, [$form]); if (Yii::$app->request->isAjax && $form->load(Yii::$app->request->post())) { @@ -245,4 +251,5 @@ class SecurityController extends Controller $this->make(SocialNetworkAccountConnectService::class, [$this, $client])->run(); } + } diff --git a/src/User/Controller/SettingsController.php b/src/User/Controller/SettingsController.php index 3b0aef3..0a010a5 100644 --- a/src/User/Controller/SettingsController.php +++ b/src/User/Controller/SettingsController.php @@ -1,6 +1,6 @@ @@ -119,7 +119,7 @@ class SettingsController extends Controller 'allow' => true, 'actions' => ['confirm'], 'roles' => ['?', '@'], - ], + ] ], ], ]; @@ -138,7 +138,11 @@ class SettingsController extends Controller $profile->link('user', Yii::$app->user->identity); } - /** @var ProfileEvent $event */ + /** + * + * + * @var ProfileEvent $event + */ $event = $this->make(ProfileEvent::class, [$profile]); $this->make(AjaxRequestModelValidator::class, [$profile])->validate(); @@ -170,9 +174,11 @@ class SettingsController extends Controller if (!$this->module->enableGdprCompliance) { throw new NotFoundHttpException(); } - return $this->render('privacy', [ + return $this->render( + 'privacy', [ 'module' => $this->module - ]); + ] + ); } /** @@ -189,7 +195,11 @@ class SettingsController extends Controller if (!$this->module->enableGdprCompliance) { throw new NotFoundHttpException(); } - /** @var GdprDeleteForm $form */ + /** + * + * + * @var GdprDeleteForm $form + */ $form = $this->make(GdprDeleteForm::class); $user = $form->getUser(); @@ -211,21 +221,25 @@ class SettingsController extends Controller $security = $this->make(SecurityHelper::class); $anonymReplacement = $this->module->gdprAnonymizePrefix . $user->id; - $user->updateAttributes([ + $user->updateAttributes( + [ 'email' => $anonymReplacement . "@example.com", 'username' => $anonymReplacement, 'gdpr_deleted' => 1, 'blocked_at' => time(), 'auth_key' => $security->generateRandomString() - ]); - $user->profile->updateAttributes([ + ] + ); + $user->profile->updateAttributes( + [ 'public_email' => $anonymReplacement . "@example.com", 'name' => $anonymReplacement, 'gravatar_email' => $anonymReplacement . "@example.com", 'location' => $anonymReplacement, 'website' => $anonymReplacement . ".tld", 'bio' => Yii::t('usuario', 'Deleted by GDPR request') - ]); + ] + ); } $this->trigger(GdprEvent::EVENT_AFTER_DELETE, $event); @@ -234,14 +248,20 @@ class SettingsController extends Controller return $this->goHome(); } - return $this->render('gdpr-delete', [ + return $this->render( + 'gdpr-delete', [ 'model' => $form, - ]); + ] + ); } public function actionGdprConsent() { - /** @var User $user */ + /** + * + * + * @var User $user + */ $user = Yii::$app->user->identity; if ($user->gdpr_consent) { return $this->redirect(['profile']); @@ -249,30 +269,37 @@ class SettingsController extends Controller $model = new DynamicModel(['gdpr_consent']); $model->addRule('gdpr_consent', 'boolean'); $model->addRule('gdpr_consent', 'default', ['value' => 0, 'skipOnEmpty' => false]); - $model->addRule('gdpr_consent', 'compare', [ + $model->addRule( + 'gdpr_consent', 'compare', [ 'compareValue' => true, 'message' => Yii::t('usuario', 'Your consent is required to work with this site'), 'when' => function () { return $this->module->enableGdprCompliance; }, - ]); + ] + ); if ($model->load(Yii::$app->request->post()) && $model->validate()) { - $user->updateAttributes([ + $user->updateAttributes( + [ 'gdpr_consent' => 1, 'gdpr_consent_date' => time(), - ]); + ] + ); return $this->redirect(['profile']); } - return $this->render('gdpr-consent', [ + return $this->render( + 'gdpr-consent', [ 'model' => $model, 'gdpr_consent_hint' => $this->module->getConsentMessage(), - ]); + ] + ); } /** * Exports the data from the current user in a mechanical readable format (csv). Properties exported can be defined * in the module configuration. + * * @throws NotFoundHttpException if gdpr compliance is not enabled * @throws \Exception * @throws \Throwable @@ -317,7 +344,11 @@ class SettingsController extends Controller public function actionAccount() { - /** @var SettingsForm $form */ + /** +* + * + * @var SettingsForm $form +*/ $form = $this->make(SettingsForm::class); $event = $this->make(UserEvent::class, [$form->getUser()]); @@ -384,7 +415,11 @@ class SettingsController extends Controller throw new NotFoundHttpException(Yii::t('usuario', 'Not found')); } - /** @var User $user */ + /** + * + * + * @var User $user + */ $user = Yii::$app->user->identity; $event = $this->make(UserEvent::class, [$user]); Yii::$app->user->logout(); @@ -400,7 +435,11 @@ class SettingsController extends Controller public function actionTwoFactor($id) { - /** @var User $user */ + /** + * + * + * @var User $user + */ $user = $this->userQuery->whereId($id)->one(); if (null === $user) { @@ -416,7 +455,11 @@ class SettingsController extends Controller { Yii::$app->response->format = Response::FORMAT_JSON; - /** @var User $user */ + /** + * + * + * @var User $user + */ $user = $this->userQuery->whereId($id)->one(); if (null === $user) { @@ -443,9 +486,13 @@ class SettingsController extends Controller public function actionTwoFactorDisable($id) { - /** @var User $user */ + /** + * + * + * @var User $user + */ $user = $this->userQuery->whereId($id)->one(); - + if (null === $user) { throw new NotFoundHttpException(); } @@ -464,7 +511,7 @@ class SettingsController extends Controller } /** - * @param $id + * @param $id * @throws ForbiddenHttpException * @throws NotFoundHttpException * @throws \Exception @@ -473,7 +520,11 @@ class SettingsController extends Controller */ protected function disconnectSocialNetwork($id) { - /** @var SocialNetworkAccount $account */ + /** + * + * + * @var SocialNetworkAccount $account + */ $account = $this->socialNetworkAccountQuery->whereId($id)->one(); if ($account === null) { diff --git a/src/User/Filter/TwoFactorAuthenticationEnforceFilter.php b/src/User/Filter/TwoFactorAuthenticationEnforceFilter.php new file mode 100644 index 0000000..d5e7e89 --- /dev/null +++ b/src/User/Filter/TwoFactorAuthenticationEnforceFilter.php @@ -0,0 +1,50 @@ + + * + * For the full copyright and license information, please view + * the LICENSE file that was distributed with this source code. + */ + +namespace Da\User\Filter; + +use Da\User\Model\User; +use Da\User\Module; +use Yii; +use yii\base\ActionFilter; +use Da\User\Traits\AuthManagerAwareTrait; + + +class TwoFactorAuthenticationEnforceFilter extends ActionFilter +{ + use AuthManagerAwareTrait; + + public function beforeAction($action) + { + /** @var Module $module */ + $module = Yii::$app->getModule('user'); + + $enableTwoFactorAuthentication = $module->enableTwoFactorAuthentication; + // If enableTwoFactorAuthentication is set to false do nothing + if (!$enableTwoFactorAuthentication) { + return parent::beforeAction($action); + } + + if (Yii::$app->user->isGuest) { + // Not our business + return parent::beforeAction($action); + } + + $permissions = $module->twoFactorAuthenticationForcedPermissions; + $itemsByUser = array_keys($this->getAuthManager()->getItemsByUser(Yii::$app->user->identity->id)); + if(!empty(array_intersect($permissions, $itemsByUser))){ + Yii::$app->session->setFlash('warning', Yii::t('usuario', 'Your role requires 2FA, you won\'t be able to use the application until you enable it')); + return Yii::$app->response->redirect(['/user/settings/account'])->send(); + } + + return parent::beforeAction($action); + } +} diff --git a/src/User/Module.php b/src/User/Module.php index f86c8da..05af05e 100644 --- a/src/User/Module.php +++ b/src/User/Module.php @@ -81,6 +81,10 @@ class Module extends BaseModule * @var bool whether to enable two factor authentication or not */ public $enableTwoFactorAuthentication = false; + /** + * @var array list of permissions for which two factor authentication is mandatory + */ + public $twoFactorAuthenticationForcedPermissions = []; /** * @var int cycles of key generation are set on 30 sec. To avoid sync issues, increased validity up to 60 sec. * @see http://2fa-library.readthedocs.io/en/latest/ diff --git a/src/User/resources/i18n/ca/usuario.php b/src/User/resources/i18n/ca/usuario.php index 0776a37..59af1ed 100644 --- a/src/User/resources/i18n/ca/usuario.php +++ b/src/User/resources/i18n/ca/usuario.php @@ -112,6 +112,7 @@ return [ 'Gravatar email' => '', 'Hello' => '', 'Here you can download your personal data in a comma separated values format.' => '', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '', 'If you already registered, sign in and connect this account on settings page' => '', 'If you cannot click the link, please try pasting the text into your browser' => '', 'If you did not make this request you can ignore this email' => '', @@ -273,6 +274,11 @@ return [ 'Your password has expired, you must change it now' => '', 'Your personal information has been removed' => '', 'Your profile has been updated' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + 'privacy policy' => '', + '{0, date, MMM dd, YYYY HH:mm}' => '', '{0, date, MMMM dd, YYYY HH:mm}' => '', '{0} cannot be blank.' => '', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/da/usuario.php b/src/User/resources/i18n/da/usuario.php index 0776a37..59af1ed 100644 --- a/src/User/resources/i18n/da/usuario.php +++ b/src/User/resources/i18n/da/usuario.php @@ -112,6 +112,7 @@ return [ 'Gravatar email' => '', 'Hello' => '', 'Here you can download your personal data in a comma separated values format.' => '', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '', 'If you already registered, sign in and connect this account on settings page' => '', 'If you cannot click the link, please try pasting the text into your browser' => '', 'If you did not make this request you can ignore this email' => '', @@ -273,6 +274,11 @@ return [ 'Your password has expired, you must change it now' => '', 'Your personal information has been removed' => '', 'Your profile has been updated' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + 'privacy policy' => '', + '{0, date, MMM dd, YYYY HH:mm}' => '', '{0, date, MMMM dd, YYYY HH:mm}' => '', '{0} cannot be blank.' => '', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/de-DU/usuario.php b/src/User/resources/i18n/de-DU/usuario.php index 4feceab..f3bffff 100644 --- a/src/User/resources/i18n/de-DU/usuario.php +++ b/src/User/resources/i18n/de-DU/usuario.php @@ -278,5 +278,8 @@ return [ 'Submit' => '', 'Unfortunately, you can not work with this site without giving us consent to process your data.' => '', 'Your consent is required to work with this site' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', 'A message has been sent to your email address. ' => '@@Eine Nachricht wurde an Deine E-Mail Adresse gesendet@@', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/de/usuario.php b/src/User/resources/i18n/de/usuario.php index c4ab007..3344d82 100644 --- a/src/User/resources/i18n/de/usuario.php +++ b/src/User/resources/i18n/de/usuario.php @@ -22,6 +22,7 @@ return [ 'A message has been sent to your email address. It contains a confirmation link that you must click to complete registration.' => 'Eine Nachricht wurde an Ihre E-Mail-Adresse gesendet. Sie enthält einen Bestätigungslink, den Sie anklicken müssen, um die Registrierung abzuschließen.', 'A new confirmation link has been sent' => 'Ein neuer Bestätigungslink wurde versendet', 'A password will be generated automatically if not provided' => 'Leer lassen, um automatisch ein Passwort zu generieren', + 'According to the European General Data Protection Regulation (GDPR) we need your consent to work with your personal data.' => 'Gemäß der europäischen Datenschutzgrundverordnung (DSGVO) benötigen wir Ihre Zustimmung, um mit Ihren personenbezogenen Daten zu arbeiten.', 'Account' => 'Konto', 'Account confirmation' => 'Kontobestätigung', 'Account details' => 'Kontodetails', @@ -82,6 +83,7 @@ return [ 'Credentials will be sent to the user by email' => 'Die Zugangsdaten werden dem Nutzer per E-Mail versendet', 'Current password' => 'Aktuelles Passwort', 'Current password is not valid' => 'Das aktuelle Passwort ist nicht korrekt', + 'Data privacy' => 'Datenschutz', 'Data processing consent' => 'Zustimmung zur Datenverarbeitung', 'Delete' => 'Löschen', 'Delete account' => 'Konto Löschen', @@ -187,6 +189,7 @@ return [ 'Sign in' => 'Anmelden', 'Sign up' => 'Registrieren', 'Something went wrong' => 'Etwas ist schief gelaufen', + 'Submit' => 'Absenden', 'Switch identities is disabled.' => 'Identitäten wechseln ist deaktiviert.', 'Thank you for signing up on {0}' => 'Danke für ihre Registrierung auf {0}', 'Thank you, registration is now complete.' => 'Danke, ihre Registrierung ist nun abgeschlossen.', @@ -221,6 +224,7 @@ return [ 'Unable to update block status.' => 'Konnte den Block-Status nicht ändern', 'Unblock' => 'Freischalten', 'Unconfirmed' => 'Unbestätigt', + 'Unfortunately, you can not work with this site without giving us consent to process your data.' => 'Leider können Sie nicht mit dieser Seite arbeiten, ohne uns die Zustimmung zur Verarbeitung Ihrer Daten zu geben.', 'Update' => 'Bearbeiten', 'Update assignments' => 'Zuweisung ändern', 'Update permission' => 'Berechtigung ändern', @@ -264,6 +268,7 @@ return [ 'Your account on {0} has been created' => 'Ihr Konto auf {0} wurde erstellt', 'Your confirmation token is invalid or expired' => 'Ihr Bestätigungstoken ist falsch oder abgelaufen', 'Your consent is required to register' => 'Sie müssen Ihre Zustimmung registrieren', + 'Your consent is required to work with this site' => 'Ihre Zustimmung ist erforderlich, um mit dieser Website zu arbeiten', 'Your email address has been changed' => 'Ihre E-Mail-Adresse wurde geändert', 'Your password has expired, you must change it now' => 'Ihr Passwort ist abgelaufen, Sie müssen es jetzt ändern', 'Your personal information has been removed' => 'Ihre persönlichen Daten wurden gelöscht', @@ -272,9 +277,8 @@ return [ '{0, date, MMM dd, YYYY HH:mm}' => '{0, date, dd. MMM YYYY, HH:mm}', '{0, date, MMMM dd, YYYY HH:mm}' => '{0, date, dd. MMMM YYYY, HH:mm}', '{0} cannot be blank.' => '{0} darf nicht leer sein.', - 'According to the European General Data Protection Regulation (GDPR) we need your consent to work with your personal data.' => 'Gemäß der europäischen Datenschutzgrundverordnung (DSGVO) benötigen wir Ihre Zustimmung, um mit Ihren personenbezogenen Daten zu arbeiten.', - 'Data privacy' => 'Datenschutz', - 'Submit' => 'Absenden', - 'Unfortunately, you can not work with this site without giving us consent to process your data.' => 'Leider können Sie nicht mit dieser Seite arbeiten, ohne uns die Zustimmung zur Verarbeitung Ihrer Daten zu geben.', - 'Your consent is required to work with this site' => 'Ihre Zustimmung ist erforderlich, um mit dieser Website zu arbeiten', + 'Information' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/es/usuario.php b/src/User/resources/i18n/es/usuario.php index ea4ebc9..d5cfe41 100644 --- a/src/User/resources/i18n/es/usuario.php +++ b/src/User/resources/i18n/es/usuario.php @@ -277,7 +277,10 @@ return [ '{0, date, MMMM dd, YYYY HH:mm}' => '{0, date, dd MMMM, YYYY HH:mm}', '{0} cannot be blank.' => '{0} no puede estar vacío.', 'Your consent is required to work with this site' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', '{0, date, MMM dd, YYYY HH:mm}' => '', 'An email has been sent with instructions for resetting your password' => '@@Se ha enviado un correo electrónico con instrucciones para restablecer su contraseña@@', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', 'Two factor authentication protects you against stolen credentials' => '@@La autenticación de dos factores le protege del robo de credenciales@@', ]; diff --git a/src/User/resources/i18n/et/usuario.php b/src/User/resources/i18n/et/usuario.php index 4d748bc..a873ba6 100644 --- a/src/User/resources/i18n/et/usuario.php +++ b/src/User/resources/i18n/et/usuario.php @@ -109,6 +109,7 @@ return [ 'Gravatar email' => 'Gravatari e-posti aadress', 'Hello' => 'Tere', 'Here you can download your personal data in a comma separated values format.' => 'Siit saad alla laadida sinuga seotud andmed CSV formaadis.', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => 'Nõusutn oma isikuandmete töötlemise ning küpsiste kasutamisega, et selle lehe kasutamiset hõlbustada. Lisainfot loe lehelt {privacyPolicy}.', 'If you already registered, sign in and connect this account on settings page' => 'Kui oled juba registreerunud, logi sisse ja ühenda see konto oma seadete lehel', 'If you cannot click the link, please try pasting the text into your browser' => 'Kui sa ei saa lingil klikkida, proovi see kleepida oma brausri aadressireale', 'If you did not make this request you can ignore this email' => 'Kui sa ei ole seda päringut tellinud, siis võid seda kirja ignoreerida', @@ -264,6 +265,7 @@ return [ 'Your password has expired, you must change it now' => 'Sinu parool on aegunud, pead seda uuendama.', 'Your personal information has been removed' => 'Sinu isiklikud andmed on kustutatud', 'Your profile has been updated' => 'Sinu profiil on uuendatud', + 'privacy policy' => 'privaatsuspoliitika', '{0} cannot be blank.' => '{0} ei või olla tühi.', 'According to the European General Data Protection Regulation (GDPR) we need your consent to work with your personal data.' => '', 'Authentication rule class {0} can not be instantiated' => '', @@ -274,8 +276,9 @@ return [ 'VKontakte' => '', 'Yandex' => '', 'Your consent is required to work with this site' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', '{0, date, MMM dd, YYYY HH:mm}' => '', '{0, date, MMMM dd, YYYY HH:mm}' => '', - 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => 'Nõusutn oma isikuandmete töötlemise ning küpsiste kasutamisega, et selle lehe kasutamiset hõlbustada. Lisainfot loe lehelt {privacyPolicy}.', - 'privacy policy' => 'privaatsuspoliitika', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/fa-IR/usuario.php b/src/User/resources/i18n/fa-IR/usuario.php index f262beb..c64df14 100644 --- a/src/User/resources/i18n/fa-IR/usuario.php +++ b/src/User/resources/i18n/fa-IR/usuario.php @@ -193,6 +193,7 @@ return [ 'Export my data' => '', 'Force password change at next login' => '', 'Here you can download your personal data in a comma separated values format.' => '', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '', 'Impersonate this user' => '', 'In order to finish your registration, we need you to enter following fields' => '', 'Invalid password' => '', @@ -274,7 +275,12 @@ return [ 'Your consent is required to work with this site' => '', 'Your password has expired, you must change it now' => '', 'Your personal information has been removed' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + 'privacy policy' => '', + '{0, date, MMM dd, YYYY HH:mm}' => '', '{0} cannot be blank.' => '', 'An email has been sent with instructions for resetting your password' => '@@ایمیلی حاوی راهنمایی برای تنظیم مجدد رمز عبور به شما ارسال شد@@', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', 'Registration ip' => '@@ای پی ثبت نام@@', ]; diff --git a/src/User/resources/i18n/fi/usuario.php b/src/User/resources/i18n/fi/usuario.php index 0776a37..59af1ed 100644 --- a/src/User/resources/i18n/fi/usuario.php +++ b/src/User/resources/i18n/fi/usuario.php @@ -112,6 +112,7 @@ return [ 'Gravatar email' => '', 'Hello' => '', 'Here you can download your personal data in a comma separated values format.' => '', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '', 'If you already registered, sign in and connect this account on settings page' => '', 'If you cannot click the link, please try pasting the text into your browser' => '', 'If you did not make this request you can ignore this email' => '', @@ -273,6 +274,11 @@ return [ 'Your password has expired, you must change it now' => '', 'Your personal information has been removed' => '', 'Your profile has been updated' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + 'privacy policy' => '', + '{0, date, MMM dd, YYYY HH:mm}' => '', '{0, date, MMMM dd, YYYY HH:mm}' => '', '{0} cannot be blank.' => '', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/fr/usuario.php b/src/User/resources/i18n/fr/usuario.php index 4118950..0126a73 100644 --- a/src/User/resources/i18n/fr/usuario.php +++ b/src/User/resources/i18n/fr/usuario.php @@ -110,6 +110,7 @@ return [ 'Gravatar email' => 'Email gravatar', 'Hello' => 'Bonjour', 'Here you can download your personal data in a comma separated values format.' => 'Ici vous pouvez télécharger vos données personnelles dans un format avec les données séparées par des virgules', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => 'J\'accepte le traitement de mes données personnelles et l\'utilisation de cookies pour faciliter le fonctionnement de ce site. Pour plus d\'information, lisez notre {privacyPolicy}', 'If you already registered, sign in and connect this account on settings page' => 'Si vous êtes déjà inscrit, connectez-vous et liez ce compte dans la page des réglages', 'If you cannot click the link, please try pasting the text into your browser' => 'Si vous ne parvenez pas à cliquer sur le lien, veuillez essayer de coller le texte dans votre navigateur', 'If you did not make this request you can ignore this email' => 'Si vous n\'avez pas fait cette demande, vous pouvez ignorer cet email', @@ -268,6 +269,7 @@ return [ 'Your password has expired, you must change it now' => 'Votre mot de passe a expiré, vous devez le renouveler maintenant', 'Your personal information has been removed' => 'Vos données personnelles ont été supprimées', 'Your profile has been updated' => 'Votre profil a été mis à jour', + 'privacy policy' => 'politique de confidentialité', '{0, date, MMMM dd, YYYY HH:mm}' => '{0, date, dd MMMM YYYY HH:mm}', '{0} cannot be blank.' => '{0} ne peut être vide.', 'According to the European General Data Protection Regulation (GDPR) we need your consent to work with your personal data.' => '', @@ -275,7 +277,8 @@ return [ 'Submit' => '', 'Unfortunately, you can not work with this site without giving us consent to process your data.' => '', 'Your consent is required to work with this site' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', '{0, date, MMM dd, YYYY HH:mm}' => '', - 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => 'J\'accepte le traitement de mes données personnelles et l\'utilisation de cookies pour faciliter le fonctionnement de ce site. Pour plus d\'information, lisez notre {privacyPolicy}', - 'privacy policy' => 'politique de confidentialité', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/hr/usuario.php b/src/User/resources/i18n/hr/usuario.php index 0776a37..59af1ed 100644 --- a/src/User/resources/i18n/hr/usuario.php +++ b/src/User/resources/i18n/hr/usuario.php @@ -112,6 +112,7 @@ return [ 'Gravatar email' => '', 'Hello' => '', 'Here you can download your personal data in a comma separated values format.' => '', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '', 'If you already registered, sign in and connect this account on settings page' => '', 'If you cannot click the link, please try pasting the text into your browser' => '', 'If you did not make this request you can ignore this email' => '', @@ -273,6 +274,11 @@ return [ 'Your password has expired, you must change it now' => '', 'Your personal information has been removed' => '', 'Your profile has been updated' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + 'privacy policy' => '', + '{0, date, MMM dd, YYYY HH:mm}' => '', '{0, date, MMMM dd, YYYY HH:mm}' => '', '{0} cannot be blank.' => '', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/hu/usuario.php b/src/User/resources/i18n/hu/usuario.php index f49f3ef..8c3a1f5 100644 --- a/src/User/resources/i18n/hu/usuario.php +++ b/src/User/resources/i18n/hu/usuario.php @@ -278,14 +278,17 @@ return [ 'Two factor authentication protects you in case of stolen credentials' => '', 'Unfortunately, you can not work with this site without giving us consent to process your data.' => '', 'Your consent is required to work with this site' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', 'A message has been sent to your email address. ' => '@@Üzenet érkezett az e-mail címedre.@@', 'An email has been sent with instructions for resetting your password' => '@@E-mailt küldtek a jelszó visszaállításával kapcsolatos utasításokkal@@', 'Awesome, almost there. ' => '@@Hurrá, majdnem kész.@@', 'Disable Two-Factor Auth' => '@@Letiltja a kétütemű hitelesítést@@', 'Enable Two-factor auth' => '@@Engedélyezze a kétütemű hitelesítést@@', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', 'I aggree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '@@Aggregálom a személyes adataim feldolgozását és a cookie-k használatát a webhely működésének megkönnyítése érdekében. További információért olvassa el a {privacyPolicy}@@', 'Invalid two-factor code' => '@@Érvénytelen kétütemű kód@@', 'Last login' => '@@Utolsó bejelentkezés@@', + 'Now you can resume the login process' => '@@@@', 'This will disable two-factor auth. Are you sure?' => '@@Ez letiltja a kétütemű hitelesítést. biztos vagy ebben?@@', 'Two Factor Authentication' => '@@Két tényező hitelesítés@@', 'Two factor authentication protects you against stolen credentials' => '@@Két tényező-hitelesítés megvédi az ellopott hitelesítő adatokat@@', diff --git a/src/User/resources/i18n/it/usuario.php b/src/User/resources/i18n/it/usuario.php index 6d37ea0..ac97d23 100644 --- a/src/User/resources/i18n/it/usuario.php +++ b/src/User/resources/i18n/it/usuario.php @@ -209,7 +209,7 @@ return [ 'Two Factor Authentication (2FA)' => 'Autenticazione a due fattori (2FA)', 'Two factor authentication code' => 'Codice di autenticazione a due fattori', 'Two factor authentication has been disabled.' => 'Autenticazione a due fattori disabilitata.', - 'Two factor authentication protects you in case of stolen credentials' => 'L\'autenticazione a due fattura ti protegge in caso di furto di credenziali', + 'Two factor authentication protects you in case of stolen credentials' => 'L\'autenticazione a due fattori ti protegge in caso di furto di credenziali', 'Two factor authentication successfully enabled.' => 'Autenticazione a due fattori abilitata con successo.', 'Unable to confirm user. Please, try again.' => 'Impossibile confermare l\'utente, per favore ritenta.', 'Unable to create an account.' => 'Impossibile creare l\'account.', @@ -274,9 +274,11 @@ return [ 'Your password has expired, you must change it now' => 'La tua password è scaduta, devi cambiarla', 'Your personal information has been removed' => 'I tuoi dati personali sono stati rimossi', 'Your profile has been updated' => 'Il tuo profilo è stato aggiornato', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => 'Il tuo ruolo richiede l\'autenticazione a due fattori, non potrai usare l\'applicazione finché non l\'avrai abilitata', 'privacy policy' => 'politica della privacy', '{0, date, MMM dd, YYYY HH:mm}' => '{0, date, MMM dd, YYYY HH:mm}', '{0, date, MMMM dd, YYYY HH:mm}' => '{0, date, dd MMMM YYYY HH:mm}', '{0} cannot be blank.' => '{0} non può essere vuoto.', 'An email has been sent with instructions for resetting your password' => '@@È stata inviata un\'email con le istruzioni per azzerare la tua password@@', + 'Now you can resume the login process' => '@@Ora puoi riprendere il processo di autenticazione@@', ]; diff --git a/src/User/resources/i18n/kk/usuario.php b/src/User/resources/i18n/kk/usuario.php index 0776a37..59af1ed 100644 --- a/src/User/resources/i18n/kk/usuario.php +++ b/src/User/resources/i18n/kk/usuario.php @@ -112,6 +112,7 @@ return [ 'Gravatar email' => '', 'Hello' => '', 'Here you can download your personal data in a comma separated values format.' => '', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '', 'If you already registered, sign in and connect this account on settings page' => '', 'If you cannot click the link, please try pasting the text into your browser' => '', 'If you did not make this request you can ignore this email' => '', @@ -273,6 +274,11 @@ return [ 'Your password has expired, you must change it now' => '', 'Your personal information has been removed' => '', 'Your profile has been updated' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + 'privacy policy' => '', + '{0, date, MMM dd, YYYY HH:mm}' => '', '{0, date, MMMM dd, YYYY HH:mm}' => '', '{0} cannot be blank.' => '', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/lt/usuario.php b/src/User/resources/i18n/lt/usuario.php index 0776a37..59af1ed 100644 --- a/src/User/resources/i18n/lt/usuario.php +++ b/src/User/resources/i18n/lt/usuario.php @@ -112,6 +112,7 @@ return [ 'Gravatar email' => '', 'Hello' => '', 'Here you can download your personal data in a comma separated values format.' => '', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '', 'If you already registered, sign in and connect this account on settings page' => '', 'If you cannot click the link, please try pasting the text into your browser' => '', 'If you did not make this request you can ignore this email' => '', @@ -273,6 +274,11 @@ return [ 'Your password has expired, you must change it now' => '', 'Your personal information has been removed' => '', 'Your profile has been updated' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + 'privacy policy' => '', + '{0, date, MMM dd, YYYY HH:mm}' => '', '{0, date, MMMM dd, YYYY HH:mm}' => '', '{0} cannot be blank.' => '', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/nl/usuario.php b/src/User/resources/i18n/nl/usuario.php index e5c3d96..37df1e7 100644 --- a/src/User/resources/i18n/nl/usuario.php +++ b/src/User/resources/i18n/nl/usuario.php @@ -278,17 +278,20 @@ return [ 'Two factor authentication protects you in case of stolen credentials' => '', 'Unfortunately, you can not work with this site without giving us consent to process your data.' => '', 'Your consent is required to work with this site' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', 'A message has been sent to your email address. ' => '@@Een bericht werd naar jouw emailadres verzonden@@', 'An email has been sent with instructions for resetting your password' => '@@Er werd een email verstuurd met instructies om jouw wachtwoord te resetten@@', 'Awesome, almost there. ' => '@@Super, bijna klaar.@@', 'Class "{0}" does not exist' => '@@Class "{0} bestaat niet@@', 'Disable Two-Factor Auth' => '@@Tweetraps authenticatie uitschakelen@@', 'Enable Two-factor auth' => '@@Tweetraps authenticatie inschakelen@@', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', 'I aggree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '@@Ik ga akkoord dat mijn persoonlijke data en cookies worden verwerkt voor het gebruik van deze website. Voor meer informatie lees onze {privacyPolicy}@@', 'I aggree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '@@Ik ga akkoord dat mijn persoonlijke data en cookies worden verwerkt voor het gebruik van deze website. Voor meer informatie lees onze {privacyPolicy}@@', 'Invalid two-factor code' => '@@Ongeldige tweetraps authenticatie code@@', 'Last login' => '@@Laatste login@@', + 'Now you can resume the login process' => '@@@@', 'Registration ip' => '@@Registratie IP@@', 'Rule class can not be instantiated' => '@@Registratie IP@@', 'Rule class must extend "yii\\rbac\\Rule"' => '@@Regel klasse moet worden uitgebreid met "yii\\rbac\\Rule"@@', diff --git a/src/User/resources/i18n/pl/usuario.php b/src/User/resources/i18n/pl/usuario.php index e1e29a2..82b2909 100644 --- a/src/User/resources/i18n/pl/usuario.php +++ b/src/User/resources/i18n/pl/usuario.php @@ -278,11 +278,14 @@ return [ 'Two factor authentication protects you in case of stolen credentials' => '', 'Unfortunately, you can not work with this site without giving us consent to process your data.' => '', 'Your consent is required to work with this site' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', 'An email has been sent with instructions for resetting your password' => '@@Email z instrukcją resetowania hasła został wysłany@@', 'Disable Two-Factor Auth' => '@@Wyłącz uwierzytelnianie dwuetapowe@@', 'Enable Two-factor auth' => '@@Włącz uwierzytelnianie dwuetapowe@@', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', 'Invalid two-factor code' => '@@Nieprawidłowy kod uwierzytelniania dwuetapowego@@', 'Last login' => '@@Data ostatniego logowania@@', + 'Now you can resume the login process' => '@@@@', 'This will disable two-factor auth. Are you sure?' => '@@To wyłączy uwierzytelnianie dwuetapowe. Czy jesteś pewny?@@', 'Two Factor Authentication' => '@@Uwierzytelnianie dwuetapowe@@', 'Two factor authentication protects you against stolen credentials' => '@@Uwierzytelnianie dwuetapowe chroni Cię przed kradzieżą danych logowania@@', diff --git a/src/User/resources/i18n/pt-BR/usuario.php b/src/User/resources/i18n/pt-BR/usuario.php index 2de3773..dd165e1 100644 --- a/src/User/resources/i18n/pt-BR/usuario.php +++ b/src/User/resources/i18n/pt-BR/usuario.php @@ -278,17 +278,20 @@ return [ 'Two factor authentication protects you in case of stolen credentials' => '', 'Unfortunately, you can not work with this site without giving us consent to process your data.' => '', 'Your consent is required to work with this site' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', 'A message has been sent to your email address. ' => '@@Uma mensagem foi enviada para o seu endereço de e-mail.@@', 'An email has been sent with instructions for resetting your password' => '@@Um e-mail foi enviado com instruções para redefinir sua senha@@', 'Awesome, almost there. ' => '@@Incrível, quase lá.@@', 'Class "{0}" does not exist' => '@@A classe "{0}" não existe@@', 'Disable Two-Factor Auth' => '@@Desabilitar autenticação em dois fatores@@', 'Enable Two-factor auth' => '@@Habilitar autenticação em dois fatores@@', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', 'I aggree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '@@Concordo com o processamento de meus dados pessoais e o uso de cookies para facilitar a operação deste site. Para mais informações, leia nosso {privacyPolicy}@@', 'I aggree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '@@Concordo com o processamento de meus dados pessoais e o uso de cookies para facilitar a operação deste site. Para mais informações, leia nosso {privacyPolicy}@@', 'Invalid two-factor code' => '@@Código de dois fatores inválido@@', 'Last login' => '@@Último login@@', + 'Now you can resume the login process' => '@@@@', 'Registration ip' => '@@IP de registro@@', 'Rule class can not be instantiated' => '@@A classe de regras não pode ser instanciada@@', 'Rule class must extend "yii\\rbac\\Rule"' => '@@A classe de regras deve estender de "yii\\rbac\\Rule"@@', diff --git a/src/User/resources/i18n/pt-PT/usuario.php b/src/User/resources/i18n/pt-PT/usuario.php index 3164616..56f0388 100644 --- a/src/User/resources/i18n/pt-PT/usuario.php +++ b/src/User/resources/i18n/pt-PT/usuario.php @@ -276,5 +276,9 @@ return [ 'Website' => '', 'Yandex' => '', 'Your consent is required to work with this site' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + '{0, date, MMM dd, YYYY HH:mm}' => '', '{0, date, MMMM dd, YYYY HH:mm}' => '', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/ro/usuario.php b/src/User/resources/i18n/ro/usuario.php index 0527b1e..2c76749 100644 --- a/src/User/resources/i18n/ro/usuario.php +++ b/src/User/resources/i18n/ro/usuario.php @@ -278,16 +278,19 @@ return [ 'Two factor authentication protects you in case of stolen credentials' => '', 'Unfortunately, you can not work with this site without giving us consent to process your data.' => '', 'Your consent is required to work with this site' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', 'A message has been sent to your email address. ' => '@@A fost trimis un mesaj la adresa dvs. de e-mail.@@', 'An email has been sent with instructions for resetting your password' => '@@A fost trimis un e-mail cu instrucțiuni pentru resetarea parolei@@', 'Awesome, almost there. ' => '@@Minunat, aproape gata.@@', 'Disable Two-Factor Auth' => '@@Dezactivați autentificarea cu două factori@@', 'Enable Two-factor auth' => '@@Activați Auth@@', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', 'I aggree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '@@Am agregat prelucrarea datelor mele personale și utilizarea cookie-urilor pentru a facilita funcționarea acestui site. Pentru mai multe informații, citiți {privacyPolicy}@@', 'I aggree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '@@Am agregat prelucrarea datelor mele personale și utilizarea cookie-urilor pentru a facilita funcționarea acestui site. Pentru mai multe informații, citiți {privacyPolicy}@@', 'Invalid two-factor code' => '@@Cod de două factori nevalid@@', 'Last login' => '@@Ultima logare@@', + 'Now you can resume the login process' => '@@@@', 'This will disable two-factor auth. Are you sure?' => '@@Aceasta va dezactiva auth-ul cu două factori. Esti sigur?@@', 'Two Factor Authentication' => '@@Două autentificare cu factori@@', 'Two factor authentication protects you against stolen credentials' => '@@Autentificarea cu două factori vă protejează împotriva acreditărilor furate@@', diff --git a/src/User/resources/i18n/ru/usuario.php b/src/User/resources/i18n/ru/usuario.php index ab62d8b..d064c1a 100644 --- a/src/User/resources/i18n/ru/usuario.php +++ b/src/User/resources/i18n/ru/usuario.php @@ -278,14 +278,17 @@ return [ 'Submit' => '', 'Unfortunately, you can not work with this site without giving us consent to process your data.' => '', 'Your consent is required to work with this site' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', 'A message has been sent to your email address. ' => '@@Сообщение было отправлено на вашу электронную почту@@', 'An email has been sent with instructions for resetting your password' => '@@Вам отправлено письмо с инструкциями по смене пароля@@', 'Awesome, almost there. ' => '@@Замечательно, почти готово!@@', 'Class "{0}" does not exist' => '@@Класс "{0}" не найден@@', 'Disable Two-Factor Auth' => '@@Отключить двухфакторную авторизацию@@', 'Enable Two-factor auth' => '@@Включить двухфакторную авторизацию@@', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', 'Invalid two-factor code' => '@@Неверный код двухфакторной авторизации@@', 'Last login' => '@@Последний вход@@', + 'Now you can resume the login process' => '@@@@', 'Registration ip' => '@@IP при регистрации@@', 'Rule class can not be instantiated' => '@@Класс правила не может быть создан@@', 'Rule class must extend "yii\\rbac\\Rule"' => '@@Класс правила должен наследоваться от "yii\\rbac\\Rule"@@', diff --git a/src/User/resources/i18n/th/usuario.php b/src/User/resources/i18n/th/usuario.php index 0776a37..59af1ed 100644 --- a/src/User/resources/i18n/th/usuario.php +++ b/src/User/resources/i18n/th/usuario.php @@ -112,6 +112,7 @@ return [ 'Gravatar email' => '', 'Hello' => '', 'Here you can download your personal data in a comma separated values format.' => '', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '', 'If you already registered, sign in and connect this account on settings page' => '', 'If you cannot click the link, please try pasting the text into your browser' => '', 'If you did not make this request you can ignore this email' => '', @@ -273,6 +274,11 @@ return [ 'Your password has expired, you must change it now' => '', 'Your personal information has been removed' => '', 'Your profile has been updated' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + 'privacy policy' => '', + '{0, date, MMM dd, YYYY HH:mm}' => '', '{0, date, MMMM dd, YYYY HH:mm}' => '', '{0} cannot be blank.' => '', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/tr-TR/usuario.php b/src/User/resources/i18n/tr-TR/usuario.php index 0776a37..59af1ed 100644 --- a/src/User/resources/i18n/tr-TR/usuario.php +++ b/src/User/resources/i18n/tr-TR/usuario.php @@ -112,6 +112,7 @@ return [ 'Gravatar email' => '', 'Hello' => '', 'Here you can download your personal data in a comma separated values format.' => '', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '', 'If you already registered, sign in and connect this account on settings page' => '', 'If you cannot click the link, please try pasting the text into your browser' => '', 'If you did not make this request you can ignore this email' => '', @@ -273,6 +274,11 @@ return [ 'Your password has expired, you must change it now' => '', 'Your personal information has been removed' => '', 'Your profile has been updated' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + 'privacy policy' => '', + '{0, date, MMM dd, YYYY HH:mm}' => '', '{0, date, MMMM dd, YYYY HH:mm}' => '', '{0} cannot be blank.' => '', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/uk/usuario.php b/src/User/resources/i18n/uk/usuario.php index f533081..7590331 100644 --- a/src/User/resources/i18n/uk/usuario.php +++ b/src/User/resources/i18n/uk/usuario.php @@ -278,15 +278,18 @@ return [ 'Submit' => '', 'Unfortunately, you can not work with this site without giving us consent to process your data.' => '', 'Your consent is required to work with this site' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', 'A message has been sent to your email address. ' => '@@На вашу електронну адресу надіслано повідомлення@@', 'An email has been sent with instructions for resetting your password' => '@@Лист з інструкціями по зміні пароля надіслано на електронну адресу@@', 'Awesome, almost there. ' => '@@Чудово, майже все.@@', 'Class "{0}" does not exist' => '@@Клас "{0}" не існує@@', 'Disable Two-Factor Auth' => '@@Вимкнути двофакторну аутентифікацію@@', 'Enable Two-factor auth' => '@@Увімкнути двофакторну аутентифікацію@@', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', 'I aggree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '@@Я даю згоду на обробку моїх персональних даних та на використання cookie даним сайтом. Для більш детальної інформації ознайомтесь з {privacyPolicy}@@', 'Invalid two-factor code' => '@@Невірний код двофакторної авторизації@@', 'Last login' => '@@Останній вхід@@', + 'Now you can resume the login process' => '@@@@', 'Registration ip' => '@@IP реєстрації@@', 'Rule class can not be instantiated' => '@@Клас Правила не може бути ініційований@@', 'Rule class must extend "yii\\rbac\\Rule"' => '@@Клас Правила має розширювати "yii\\rbac\\Rule"@@', diff --git a/src/User/resources/i18n/vi/usuario.php b/src/User/resources/i18n/vi/usuario.php index 0776a37..59af1ed 100644 --- a/src/User/resources/i18n/vi/usuario.php +++ b/src/User/resources/i18n/vi/usuario.php @@ -112,6 +112,7 @@ return [ 'Gravatar email' => '', 'Hello' => '', 'Here you can download your personal data in a comma separated values format.' => '', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '', 'If you already registered, sign in and connect this account on settings page' => '', 'If you cannot click the link, please try pasting the text into your browser' => '', 'If you did not make this request you can ignore this email' => '', @@ -273,6 +274,11 @@ return [ 'Your password has expired, you must change it now' => '', 'Your personal information has been removed' => '', 'Your profile has been updated' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + 'privacy policy' => '', + '{0, date, MMM dd, YYYY HH:mm}' => '', '{0, date, MMMM dd, YYYY HH:mm}' => '', '{0} cannot be blank.' => '', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/src/User/resources/i18n/zh-CN/usuario.php b/src/User/resources/i18n/zh-CN/usuario.php index 0776a37..59af1ed 100644 --- a/src/User/resources/i18n/zh-CN/usuario.php +++ b/src/User/resources/i18n/zh-CN/usuario.php @@ -112,6 +112,7 @@ return [ 'Gravatar email' => '', 'Hello' => '', 'Here you can download your personal data in a comma separated values format.' => '', + 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}' => '', 'If you already registered, sign in and connect this account on settings page' => '', 'If you cannot click the link, please try pasting the text into your browser' => '', 'If you did not make this request you can ignore this email' => '', @@ -273,6 +274,11 @@ return [ 'Your password has expired, you must change it now' => '', 'Your personal information has been removed' => '', 'Your profile has been updated' => '', + 'Your role requires 2FA, you won\'t be able to use the application until you enable it' => '', + 'privacy policy' => '', + '{0, date, MMM dd, YYYY HH:mm}' => '', '{0, date, MMMM dd, YYYY HH:mm}' => '', '{0} cannot be blank.' => '', + 'Every user having your role has two factor authentication mandatory, you must enable it' => '@@@@', + 'Now you can resume the login process' => '@@@@', ]; diff --git a/tests/_app/config/db.php b/tests/_app/config/db.php index db1c386..3d53ff6 100644 --- a/tests/_app/config/db.php +++ b/tests/_app/config/db.php @@ -12,4 +12,4 @@ if (file_exists(__DIR__.'/db.local.php')) { $db = array_merge($db, require(__DIR__.'/db.local.php')); } -return $db; +return $db; \ No newline at end of file diff --git a/tests/_app/config/test.php b/tests/_app/config/test.php index 690b908..60cc458 100644 --- a/tests/_app/config/test.php +++ b/tests/_app/config/test.php @@ -1,5 +1,7 @@ 'yii2-user-tests', 'basePath' => dirname(__DIR__), @@ -47,4 +49,12 @@ return [ ], ], 'params' => [], + 'on beforeAction' => function() { + Yii::$app->controller->attachBehavior( + 'enforceTwoFactorAuthentication',[ + 'class' => TwoFactorAuthenticationEnforceFilter::class, + 'except' => ['login', 'logout','account','two-factor', 'two-factor-enable'], + ] + ); + }, ]; diff --git a/tests/_fixtures/AssignmentFixture.php b/tests/_fixtures/AssignmentFixture.php new file mode 100644 index 0000000..fa03a7f --- /dev/null +++ b/tests/_fixtures/AssignmentFixture.php @@ -0,0 +1,11 @@ + [ + 'item_name' => 'admin', + 'user_id' => '1', + ], +]; diff --git a/tests/_fixtures/data/auth_item.php b/tests/_fixtures/data/auth_item.php new file mode 100644 index 0000000..41085f7 --- /dev/null +++ b/tests/_fixtures/data/auth_item.php @@ -0,0 +1,9 @@ + [ + 'name' => 'admin', + 'type' => 1, + 'description' => 'test admin', + ], +]; diff --git a/tests/_fixtures/data/user.php b/tests/_fixtures/data/user.php index b8772fb..adb87e9 100644 --- a/tests/_fixtures/data/user.php +++ b/tests/_fixtures/data/user.php @@ -73,4 +73,17 @@ return [ 'updated_at' => $time, 'confirmed_at' => $time, ], + 'user_with_2fa_enabled' => [ + 'id' => 7, + 'username' => 'user2fa', + 'email' => 'user2faenabled@example.com', + 'password_hash' => '$2y$13$qY.ImaYBppt66qez6B31QO92jc5DYVRzo5NxM1ivItkW74WsSG6Ui', + 'auth_key' => '39HU0m5lpjWtqstFVGFjj6lFb7UZDeRq', + 'auth_tf_key' => '', + 'auth_tf_enabled' => true, + 'created_at' => $time, + 'updated_at' => $time, + 'confirmed_at' => $time, + 'gdpr_consent' => false, + ], ]; diff --git a/tests/functional/TwoFactorAuthenticationCept.php b/tests/functional/TwoFactorAuthenticationCept.php new file mode 100644 index 0000000..39b85b3 --- /dev/null +++ b/tests/functional/TwoFactorAuthenticationCept.php @@ -0,0 +1,55 @@ +wantTo('ensure that two factor authentication check works'); +$I->haveFixtures(['user' => UserFixture::className()]); +$I->haveFixtures(['permission' => PermissionFixture::className()]); +$I->haveFixtures(['assignment' => AssignmentFixture::className()]); + +$I->amGoingTo('try to login with user having two factor authentication enabled'); +Yii::$app->getModule('user')->enableTwoFactorAuthentication = true; +$I->amOnRoute('/user/security/login'); +$user = $I->grabFixture('user', 'user_with_2fa_enabled'); +$I->fillField('#loginform-login', $user->email); +$I->fillField('#loginform-password', 'qwerty'); +$I->click('Sign in'); +$I->expectTo('See form to insert two factor authentication code'); +$I->see('Two factor authentication code'); + + +$I->amGoingTo('try to login with user permission admin, having two factor authentication disabled'); +Yii::$app->getModule('user')->enableTwoFactorAuthentication = true; +Yii::$app->getModule('user')->twoFactorAuthenticationForcedPermissions = ['admin']; +$I->haveFixtures(['user' => UserFixture::className(), 'profile' => ProfileFixture::className()]); +$I->amOnRoute('/user/security/login'); +$user = $I->grabFixture('user', 'user'); +$I->fillField('#loginform-login', $user->email); +$I->fillField('#loginform-password', 'qwerty'); +$I->click('Sign in'); +$I->expectTo('The user must be forced to enable two factor authentication'); +$I->see('Your role requires 2FA, you won\'t be able to use the application until you enable it'); +Yii::$app->user->logout(); + +$I->amGoingTo('try to login with correct credentials when two factor authentication is disabled on the module'); +Yii::$app->getModule('user')->enableTwoFactorAuthentication = false; +$I->amOnRoute('/user/security/login'); +$I->amGoingTo('try to login with correct credentials'); +$user = $I->grabFixture('user', 'user'); +$I->fillField('#loginform-login', $user->email); +$I->fillField('#loginform-password', 'qwerty'); +$I->click('Sign in'); +$I->dontSee('Login'); +$I->see('Logout'); + + +