Differential D8886

Make two-factor auth actually work
ClosedPublic
Actions

Authored by epriestley on Apr 28 2014, 5:03 PM.

Details

Reviewers

btrahan

Maniphest Tasks

T4398: Implement two-factor authentication

Commits

Restricted Diffusion Commit
rPa017a8e02b51: Make two-factor auth actually work

Summary

Ref T4398. Allows auth factors to render and validate when prompted to take a hi-sec action.

This has a whole lot of rough edges still (see D8875) but does fundamentally work correctly.

Test Plan

Added two different TOTP factors to my account for EXTRA SECURITY.
Took hisec actions with no auth factors, and with attached auth factors.
Hit all the error/failure states of the hisec entry process.
Verified hisec failures appear in activity logs.

Diff Detail

Repository

rP Phabricator

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

epriestley updated this revision to Diff 21080.Apr 28 2014, 5:03 PM

epriestley retitled this revision from to Make two-factor auth actually work.

epriestley updated this object.

epriestley edited the test plan for this revision. (Show Details)

epriestley added a reviewer: btrahan.

epriestley added a task: T4398: Implement two-factor authentication.

Herald added a subscriber: epriestley. · View Herald TranscriptApr 28 2014, 5:03 PM

My account is secure to the max!!

Screen_Shot_2014-04-28_at_9.58.49_AM.png (1×1 px, 179 KB)

Harbormaster completed remote builds in B102: Diff 21080.Apr 28 2014, 5:04 PM

Macro epriestleyweddingcake: false topper lyuba at comp too

This revision is now accepted and ready to land.Apr 28 2014, 5:14 PM

Closed by commit rPa017a8e02b51 (authored by @epriestley).

Revision Contents
Changeset List

Path

Size

src/

aphront/

configuration/

AphrontDefaultApplicationConfiguration.php

2 lines

applications/

auth/

engine/

PhabricatorAuthSessionEngine.php

95 lines

exception/

PhabricatorAuthHighSecurityRequiredException.php

21 lines

factor/

PhabricatorAuthFactor.php

23 lines

PhabricatorAuthFactorTOTP.php

43 lines

storage/

PhabricatorAuthFactorConfig.php

13 lines

people/

storage/

PhabricatorUserLog.php

2 lines

settings/

panel/

PhabricatorSettingsPanelMultiFactor.php

5 lines

PhabricatorSettingsPanelSSHKeys.php

9 lines

Diff 21081

View Options

src/aphront/configuration/AphrontDefaultApplicationConfiguration.php

View Options

src/applications/auth/engine/PhabricatorAuthSessionEngine.php

View Options

src/applications/auth/exception/PhabricatorAuthHighSecurityRequiredException.php

View Options

src/applications/auth/factor/PhabricatorAuthFactor.php

View Options

src/applications/auth/factor/PhabricatorAuthFactorTOTP.php

View Options

src/applications/auth/storage/PhabricatorAuthFactorConfig.php

View Options

src/applications/people/storage/PhabricatorUserLog.php

View Options

src/applications/settings/panel/PhabricatorSettingsPanelMultiFactor.php

View Options

src/applications/settings/panel/PhabricatorSettingsPanelSSHKeys.php

Make two-factor auth actually workClosedPublicActions

Details

Diff Detail

Event Timeline

Revision ContentsChangeset List

Diff 21081

src/aphront/configuration/AphrontDefaultApplicationConfiguration.php

src/applications/auth/engine/PhabricatorAuthSessionEngine.php

src/applications/auth/exception/PhabricatorAuthHighSecurityRequiredException.php

src/applications/auth/factor/PhabricatorAuthFactor.php

src/applications/auth/factor/PhabricatorAuthFactorTOTP.php

src/applications/auth/storage/PhabricatorAuthFactorConfig.php

src/applications/people/storage/PhabricatorUserLog.php

src/applications/settings/panel/PhabricatorSettingsPanelMultiFactor.php

src/applications/settings/panel/PhabricatorSettingsPanelSSHKeys.php

Make two-factor auth actually work
ClosedPublic
Actions

Revision Contents
Changeset List