Merge branch 'release/1.10.27'

getgrav · Jan 12, 2022 · e46ca6f · e46ca6f
2 parents c836423 + 4f9a5c6
commit e46ca6f
Show file tree

Hide file tree

Showing 18 changed files with 16,705 additions and 114,532 deletions.
diff --git a/.editorconfig b/.editorconfig
@@ -10,7 +10,7 @@ end_of_line = lf
 trim_trailing_whitespace = true
 insert_final_newline = true
 indent_style = space
-indent_size = 4
+indent_size = 2
 
 # 2 space indentation
 [*.{yaml,.yml}]

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,13 @@
+# v1.10.27
+## 01/12/2022
+
+1. [](#new)
+   * Support for `YubiKey OTP` 2-Factor authenticator
+   * New `elements` container field that shows/hides children fields based on boolean trigger value
+   * Requires Grav `v1.7.27` and Login `v3.6.2`
+2. [](#improved)
+   * Added new asset language strings
+
 # v1.10.26.1
 ## 01/03/2022
 

diff --git a/blueprints.yaml b/blueprints.yaml
@@ -1,7 +1,7 @@
 name: Admin Panel
 slug: admin
 type: plugin
-version: 1.10.26.1
+version: 1.10.27
 description: Adds an advanced administration panel to manage your site
 icon: empire
 author:
@@ -15,9 +15,9 @@ docs: https://github.com/getgrav/grav-plugin-admin/blob/develop/README.md
 license: MIT
 
 dependencies:
-    - { name: grav, version: '>=1.7.24' }
+    - { name: grav, version: '>=1.7.27' }
     - { name: form, version: '>=5.1.0' }
-    - { name: login, version: '>=3.5.0' }
+    - { name: login, version: '>=3.6.2' }
     - { name: email, version: '>=3.1.0' }
     - { name: flex-objects, version: '>=1.1.0' }
 

diff --git a/classes/plugin/Controllers/Login/LoginController.php b/classes/plugin/Controllers/Login/LoginController.php
@@ -275,11 +275,17 @@ public function taskTwofa(): ResponseInterface
             $twoFa = null;
         }
 
-        $code = $data['2fa_code'] ?? null;
-        $secret = $user->twofa_secret ?? null;
+        $code = $data['2fa_code'] ?? '';
+        $secret = $user->twofa_secret ?? '';
+        $twofa_valid = $twoFa->verifyCode($secret, $code);
+
+        $yubikey_otp = $data['yubikey_otp'] ?? '';
+        $yubikey_id = $user->yubikey_id ?? '';
+        $yubikey_valid = $twoFa->verifyYubikeyOTP($yubikey_id, $yubikey_otp);
+
         $redirect = (string)$this->getRequest()->getUri();
 
-        if (null === $twoFa || !$user->authenticated || !$code || !$secret || !$twoFa->verifyCode($secret, $code)) {
+        if (null === $twoFa || !$user->authenticated || (!$twofa_valid && !$yubikey_valid) ) {
             Admin::DEBUG && Admin::addDebugMessage('Admin login: 2FA check failed, log out!');
 
             // Failed 2FA auth, logout and redirect to the current page.

diff --git a/languages/en.yaml b/languages/en.yaml
@@ -394,6 +394,7 @@ PLUGIN_ADMIN:
   AUTOESCAPE_VARIABLES: "Autoescape variables"
   AUTOESCAPE_VARIABLES_HELP: "Autoescapes all variables.  This will break your site most likely"
   ASSETS: "Assets"
+  CSS_ASSETS: "CSS Assets"
   CSS_PIPELINE: "CSS pipeline"
   CSS_PIPELINE_HELP: "The CSS pipeline is the unification of multiple CSS resources into one file"
   CSS_PIPELINE_INCLUDE_EXTERNALS: "Include externals in CSS pipeline"
@@ -406,12 +407,21 @@ PLUGIN_ADMIN:
   CSS_MINIFY_WINDOWS_OVERRIDE_HELP: "Minify Override for Windows platforms. False by default due to ThreadStackSize"
   CSS_REWRITE: "CSS rewrite"
   CSS_REWRITE_HELP: "Rewrite any CSS relative URLs during pipelining"
+  JS_ASSETS: "JavaScript Assets"
   JAVASCRIPT_PIPELINE: "JavaScript pipeline"
   JAVASCRIPT_PIPELINE_HELP: "The JS pipeline is the unification of multiple JS resources into one file"
   JAVASCRIPT_PIPELINE_INCLUDE_EXTERNALS: "Include externals in JS pipeline"
   JAVASCRIPT_PIPELINE_INCLUDE_EXTERNALS_HELP: "External URLs sometimes have relative file references and shouldn't be pipelined"
   JAVASCRIPT_PIPELINE_BEFORE_EXCLUDES: "JS pipeline render first"
   JAVASCRIPT_PIPELINE_BEFORE_EXCLUDES_HELP: "Render the JS pipeline before any other JS references that are not included"
+  JS_MODULE_ASSETS: "JavaScript Module Assets"
+  JAVASCRIPT_MODULE_PIPELINE: "JavaScript Module pipeline"
+  JAVASCRIPT_MODULE_PIPELINE_HELP: "The JS Module pipeline is the unification of multiple JS resources into one file"
+  JAVASCRIPT_MODULE_PIPELINE_INCLUDE_EXTERNALS: "Include externals in JS Module pipeline"
+  JAVASCRIPT_MODULE_PIPELINE_INCLUDE_EXTERNALS_HELP: "External URLs sometimes have relative file references and shouldn't be pipelined"
+  JAVASCRIPT_MODULE_PIPELINE_BEFORE_EXCLUDES: "JS Module pipeline render first"
+  JAVASCRIPT_MODULE_PIPELINE_BEFORE_EXCLUDES_HELP: "Render the JS pipeline before any other JS references that are not included"
+  GENERAL_CONFIG: "General Asset Configuration"
   JAVASCRIPT_MINIFY: "JavaScript minify"
   JAVASCRIPT_MINIFY_HELP: "Minify the JS during pipelining"
   ENABLED_TIMESTAMPS_ON_ASSETS: "Enable timestamps on assets"
@@ -748,6 +758,9 @@ PLUGIN_ADMIN:
   2FA_SECRET: "2FA Secret"
   2FA_SECRET_HELP: "Scan this QR code into your [Authenticator App](https://learn.getgrav.org/admin-panel/2fa#apps). Also it's a good idea to backup the secret in a safe location, in case you need to reinstall your app. Check the [Grav docs](https://learn.getgrav.org/admin-panel/2fa) for more information "
   2FA_REGENERATE: "Regenerate"
+  YUBIKEY_ID: "YubiKey ID"
+  YUBIKEY_OTP_INPUT: "YubiKey OTP"
+  YUBIKEY_HELP: "Insert your YubiKey into your computer and click the button to generate an OTP. The first 12 chars are your client ID and will be saved."
   FORCE_LOWERCASE_URLS: "Force lowercase URLs"
   FORCE_LOWERCASE_URLS_HELP: "By default Grav will set all slugs and routes to be lowercase. With this set to false, Uppercase slugs and routes can be used"
   INTL_ENABLED: "Intl module integration"

diff --git a/pages/admin/login.md b/pages/admin/login.md
@@ -37,4 +37,9 @@ forms:
         id: twofa-code
         autofocus: true
         placeholder: PLUGIN_ADMIN.2FA_CODE_INPUT
+        description: or
+      yubikey_otp: 
+        type: text
+        id: yubikey-otp
+        placeholder: PLUGIN_ADMIN.YUBIKEY_OTP_INPUT
 ---
diff --git a/themes/grav/.eslintrc b/themes/grav/.eslintrc
@@ -35,7 +35,6 @@
     "generator-star-spacing": [2, { "before": true, "after": true }],
     "guard-for-in": 0,
     "handle-callback-err": [2, "^(err|error)$" ],
-    "indent": [2, 4, { "SwitchCase": 1 }],
     "key-spacing": [2, { "beforeColon": false, "afterColon": true }],
     "linebreak-style": 0,
     "lines-around-comment": 0,

diff --git a/themes/grav/app/forms/fields/elements.js b/themes/grav/app/forms/fields/elements.js
@@ -0,0 +1,10 @@
+import $ from 'jquery';
+
+$(document).on('change', '[data-grav-elements] select', (event) => {
+  const target = $(event.currentTarget);
+  const value = target.val();
+  const id = target.closest('[data-grav-elements]').data('gravElements');
+
+  $(`[id^="${id}_"]`).css('display', 'none');
+  $(`[id="${id}__${value}"]`).css('display', 'inherit');
+});
diff --git a/themes/grav/app/forms/fields/index.js b/themes/grav/app/forms/fields/index.js
@@ -19,6 +19,7 @@ import './mediapicker';
 import './multilevel';
 import './text';
 import './range';
+import './elements';
 
 export default {
     FilepickerField: {

diff --git a/themes/grav/css-compiled/template.css b/themes/grav/css-compiled/template.css
diff --git a/themes/grav/css-compiled/template.css.map b/themes/grav/css-compiled/template.css.map