osr-discourse-src/app/assets/javascripts/discourse/app/controllers/second-factor-auth.js
Dan Gebhardt 03b7b7d1bc
DEV: Remove usage of {{action}} modifiers - Take 2 (#18476)
This PR enables the [`no-action-modifiers`](https://github.com/ember-template-lint/ember-template-lint/blob/master/docs/rule/no-action-modifiers.md) template lint rule and removes all usages of the `{{action}}` modifier in core.

In general, instances of `{{action "x"}}` have been replaced with `{{on "click" (action "x")}}`. 

In many cases, such as for `a` elements, we also need to prevent default event handling to avoid unwanted side effects. While the `{{action}}` modifier internally calls `event.preventDefault()`, we need to handle these cases more explicitly. For this purpose, this PR also adds the [ember-event-helpers](https://github.com/buschtoens/ember-event-helpers) dependency so we can use the `prevent-default` handler. For instance:

```
<a href {{on "click" (prevent-default (action "x"))}}>Do X</a>
```

Note that `action` has not in general been refactored away as a helper yet. In general, all event handlers should be methods on the corresponding component and referenced directly (e.g. `{{on "click" this.doSomething}}`). However, the `action` helper is used extensively throughout the codebase and often references methods in the `actions` hash on controllers or routes. Thus this refactor will also be extensive and probably deserves a separate PR.

Note: This work was done to complement #17767 by minimizing the potential impact of the `action` modifier override, which uses private API and arguably should be replaced with an AST transform.

This is a followup to #18333, which had to be reverted because it did not account for the default treatment of modifier keys by the {{action}} modifier.

Commits:
* Enable `no-action-modifiers` template lint rule
* Replace {{action "x"}} with {{on "click" (action "x")}}
* Remove unnecessary action helper usage
* Remove ctl+click tests for user-menu
   These tests now break in Chrome when used with addEventListener. As per the comment, they can probably be safely removed.
* Prevent default event handlers to avoid unwanted side effects
   Uses `event.preventDefault()` in event handlers to prevent default event handling. This had been done automatically by the `action` modifier, but is not always desirable or necessary.
* Restore UserCardContents#showUser action to avoid regression
   By keeping the `showUser` action, we can avoid a breaking change for plugins that rely upon it, while not interfering with the `showUser` argument that's been passed.
* Revert EditCategoryTab#selectTab -> EditCategoryTab#select
   Avoid potential breaking change in themes / plugins
* Restore GroupCardContents#showGroup action to avoid regression
   By keeping the `showGroup` action, we can avoid a breaking change for plugins that rely upon it, while not interfering with the `showGroup` argument that's been passed.
* Restore SecondFactorAddTotp#showSecondFactorKey action to avoid regression
   By keeping the `showSecondFactorKey` action, we can avoid a breaking change for plugins that rely upon it, while not interfering with the `showSecondFactorKey` property that's maintained on the controller.
* Refactor away from `actions` hash in ChooseMessage component
* Modernize EmojiPicker#onCategorySelection usage
* Modernize SearchResultEntry#logClick usage
* Modernize Discovery::Categories#showInserted usage
* Modernize Preferences::Account#resendConfirmationEmail usage
* Modernize MultiSelect::SelectedCategory#onSelectedNameClick usage
* Favor fn over action in SelectedChoice component
* Modernize WizardStep event handlers
* Favor fn over action usage in buttons
* Restore Login#forgotPassword action to avoid possible regression
* Introduce modKeysPressed utility
   Returns an array of modifier keys that are pressed during a given `MouseEvent` or `KeyboardEvent`.
* Don't interfere with click events on links with `href` values when modifier keys are pressed
2022-10-05 13:08:54 +01:00


import Controller from "@ember/controller";
import { SECOND_FACTOR_METHODS } from "discourse/models/user";
import I18n from "I18n";
import { ajax } from "discourse/lib/ajax";
import { extractError } from "discourse/lib/ajax-error";
import { action } from "@ember/object";
import discourseComputed from "discourse-common/utils/decorators";
import { equal, readOnly } from "@ember/object/computed";
import { getWebauthnCredential } from "discourse/lib/webauthn";
import DiscourseURL from "discourse/lib/url";
// Identifiers of the supported second-factor methods, as defined on the user
// model. They are compared against the server-provided `allowed_methods` list
// and sent back as `second_factor_method` when a token is verified.
const {
  TOTP,
  BACKUP_CODE,
  SECURITY_KEY,
} = SECOND_FACTOR_METHODS;
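/**
 * Controller for the second-factor confirmation page.
 *
 * It picks which second-factor form to show (security key, TOTP or backup
 * code), collects the token or WebAuthn credential, posts it to
 * `/session/2fa` together with the nonce from the URL, and then replays the
 * server-provided callback request before redirecting.
 *
 * Everything here is presentation and request plumbing. Which methods are
 * acceptable for a given nonce has to be enforced by the server; nothing in
 * this file can be relied on for that.
 */
export default Controller.extend({
  // Method identifiers re-exposed as controller properties (presumably so the
  // template can reference them; the template is not part of this file).
  TOTP,
  BACKUP_CODE,
  SECURITY_KEY,

  // `nonce` is bound to the URL query string and echoed back to the server in
  // verifySecondFactor(). Because it travels in the URL it can end up in
  // browser history and logs.
  // NOTE(review): confirm the server treats the nonce as single-use and
  // short-lived; that is not visible from this file.
  queryParams: ["nonce"],

  // Banner text and whether it is rendered as an error or a success message.
  message: null,
  loadError: false,
  messageIsError: false,

  // Current value of the TOTP / backup-code input. Cleared by resetState().
  secondFactorToken: null,

  // Method explicitly chosen through useAnotherMethod(); null means "use the
  // default preference order" (see shownSecondFactorMethod).
  userSelectedMethod: null,

  // Read-only views of the server-provided model.
  totpEnabled: readOnly("model.totp_enabled"),
  backupCodesEnabled: readOnly("model.backup_enabled"),
  securityKeysEnabled: readOnly("model.security_keys_enabled"),
  allowedMethods: readOnly("model.allowed_methods"),
  customDescription: readOnly("model.description"),

  // Exactly one of these is true, depending on the method currently shown.
  showTotpForm: equal("shownSecondFactorMethod", TOTP),
  showSecurityKeyForm: equal("shownSecondFactorMethod", SECURITY_KEY),
  showBackupCodesForm: equal("shownSecondFactorMethod", BACKUP_CODE),

  /**
   * @returns {boolean} true when the user has TOTP enabled and TOTP is in the
   *   list of methods allowed for this request.
   */
  @discourseComputed("allowedMethods.[]", "totpEnabled")
  totpAvailable() {
    return this.totpEnabled && this.allowedMethods.includes(TOTP);
  },

  /**
   * @returns {boolean} true when the user has backup codes enabled and backup
   *   codes are in the list of methods allowed for this request.
   */
  @discourseComputed("allowedMethods.[]", "backupCodesEnabled")
  backupCodesAvailable() {
    return this.backupCodesEnabled && this.allowedMethods.includes(BACKUP_CODE);
  },

  /**
   * @returns {boolean} true when the user has security keys enabled and
   *   security keys are in the list of methods allowed for this request.
   */
  @discourseComputed("allowedMethods.[]", "securityKeysEnabled")
  securityKeysAvailable() {
    return (
      this.securityKeysEnabled && this.allowedMethods.includes(SECURITY_KEY)
    );
  },

  /**
   * Decides which second-factor form is displayed.
   *
   * An explicit user choice wins; otherwise the preference order is security
   * key, then TOTP, then backup code.
   *
   * The user's choice is returned as-is and is not re-checked against the
   * available methods here. The value is also what verifySecondFactor() sends
   * as `second_factor_method`, so the server must validate it against the
   * methods it allows for the nonce.
   *
   * @param {*} userSelectedMethod - method id chosen by the user, or null
   * @param {boolean} securityKeysAvailable
   * @param {boolean} totpAvailable
   * @param {boolean} backupCodesAvailable
   * @returns {*} one of the SECOND_FACTOR_METHODS identifiers
   * @throws {Error} when the user made no choice and no method is available
   */
  @discourseComputed(
    "userSelectedMethod",
    "securityKeysAvailable",
    "totpAvailable",
    "backupCodesAvailable"
  )
  shownSecondFactorMethod(
    userSelectedMethod,
    securityKeysAvailable,
    totpAvailable,
    backupCodesAvailable
  ) {
    if (userSelectedMethod !== null) {
      return userSelectedMethod;
    }
    if (securityKeysAvailable) {
      return SECURITY_KEY;
    }
    if (totpAvailable) {
      return TOTP;
    }
    if (backupCodesAvailable) {
      return BACKUP_CODE;
    }
    throw new Error("unexpected state of user 2fa settings!");
  },

  /**
   * Lists the available methods other than the one currently shown, in the
   * order security key, TOTP, backup code.
   *
   * @param {*} shownSecondFactorMethod - id of the method currently shown
   * @param {boolean} securityKeysAvailable
   * @param {boolean} totpAvailable
   * @param {boolean} backupCodesAvailable
   * @returns {Array<{id: *, translationKey: string, class: string}>}
   */
  @discourseComputed(
    "shownSecondFactorMethod",
    "securityKeysAvailable",
    "totpAvailable",
    "backupCodesAvailable"
  )
  alternativeMethods(
    shownSecondFactorMethod,
    securityKeysAvailable,
    totpAvailable,
    backupCodesAvailable
  ) {
    const alts = [];
    if (securityKeysAvailable && shownSecondFactorMethod !== SECURITY_KEY) {
      alts.push({
        id: SECURITY_KEY,
        translationKey: "login.second_factor_toggle.security_key",
        class: "security-key",
      });
    }
    if (totpAvailable && shownSecondFactorMethod !== TOTP) {
      alts.push({
        id: TOTP,
        translationKey: "login.second_factor_toggle.totp",
        class: "totp",
      });
    }
    if (backupCodesAvailable && shownSecondFactorMethod !== BACKUP_CODE) {
      alts.push({
        id: BACKUP_CODE,
        translationKey: "login.second_factor_toggle.backup_code",
        class: "backup-code",
      });
    }
    return alts;
  },

  /**
   * @param {*} shownSecondFactorMethod - id of the method currently shown
   * @returns {string|undefined} translated page title; undefined for an id
   *   that is none of the three known methods
   */
  @discourseComputed("shownSecondFactorMethod")
  secondFactorTitle(shownSecondFactorMethod) {
    switch (shownSecondFactorMethod) {
      // TOTP and security keys share the same title.
      case TOTP:
      case SECURITY_KEY:
        return I18n.t("login.second_factor_title");
      case BACKUP_CODE:
        return I18n.t("login.second_factor_backup_title");
    }
  },

  /**
   * @param {*} shownSecondFactorMethod - id of the method currently shown
   * @returns {string|undefined} translated description for the method;
   *   undefined for an id that is none of the three known methods
   */
  @discourseComputed("shownSecondFactorMethod")
  secondFactorDescription(shownSecondFactorMethod) {
    switch (shownSecondFactorMethod) {
      case TOTP:
        return I18n.t("login.second_factor_description");
      case SECURITY_KEY:
        return I18n.t("login.security_key_description");
      case BACKUP_CODE:
        return I18n.t("login.second_factor_backup_description");
    }
  },

  /**
   * @param {boolean} messageIsError
   * @returns {string} CSS class for the message banner
   */
  @discourseComputed("messageIsError")
  alertClass(messageIsError) {
    return messageIsError ? "alert-error" : "alert-success";
  },

  /**
   * @param {boolean} showTotpForm
   * @param {boolean} showBackupCodesForm
   * @returns {string|undefined} CSS class for the token input; undefined when
   *   neither the TOTP nor the backup-code form is shown
   */
  @discourseComputed("showTotpForm", "showBackupCodesForm")
  inputFormClass(showTotpForm, showBackupCodesForm) {
    if (showTotpForm) {
      return "totp-token";
    }
    if (showBackupCodesForm) {
      return "backup-code-token";
    }
  },

  /**
   * Returns the controller to its initial state: no message, no entered
   * token, no explicit method choice, no load error.
   */
  resetState() {
    this.set("message", null);
    this.set("messageIsError", false);
    this.set("secondFactorToken", null);
    this.set("userSelectedMethod", null);
    this.set("loadError", false);
  },

  /**
   * Shows `message` in the banner, styled as an error.
   *
   * @param {string} message
   */
  displayError(message) {
    this.set("message", message);
    this.set("messageIsError", true);
  },

  /**
   * Shows `message` in the banner, styled as a success.
   *
   * @param {string} message
   */
  displaySuccess(message) {
    this.set("message", message);
    this.set("messageIsError", false);
  },

  /**
   * Submits the second factor to `/session/2fa`, then performs the callback
   * request named in the server's response and redirects.
   *
   * The inner callback chain is returned from the first `.then`, so the
   * promise handed back to the caller settles only after the callback request
   * (and the redirect or error display) has finished.
   *
   * `callback_path`, `callback_method` and `redirect_url` all come from server
   * responses and are used here without client-side validation.
   * NOTE(review): confirm the server only ever emits same-site paths for
   * these fields and that DiscourseURL.routeTo handles an unexpected
   * absolute URL safely; neither is visible from this file.
   *
   * @param {Object} data - extra fields for the POST body; callers in this
   *   file pass `{ second_factor_token }`
   * @returns {Promise} settles once the whole flow has completed; failures are
   *   reported through displayError() rather than rejected
   */
  verifySecondFactor(data) {
    return ajax("/session/2fa", {
      type: "POST",
      data: {
        ...data,
        second_factor_method: this.shownSecondFactorMethod,
        nonce: this.nonce,
      },
    })
      .then((response) => {
        this.displaySuccess(
          I18n.t("second_factor_auth.redirect_after_success")
        );
        return ajax(response.callback_path, {
          type: response.callback_method,
          data: { second_factor_nonce: this.nonce },
        })
          .then((callbackResponse) => {
            // The callback's own redirect target takes precedence over the
            // one returned by the verification request.
            const redirectUrl =
              callbackResponse.redirect_url || response.redirect_url;
            DiscourseURL.routeTo(redirectUrl);
          })
          .catch((error) => this.displayError(extractError(error)));
      })
      .catch((error) => {
        this.displayError(extractError(error));
      });
  },

  /**
   * Mirrors the token input's current value into `secondFactorToken`.
   *
   * @param {Event} event - input event from the token field
   */
  @action
  onTokenInput(event) {
    this.set("secondFactorToken", event.target.value);
  },

  /**
   * Switches the displayed form to `newMethod`.
   *
   * @param {*} newMethod - id of the method to show
   * @param {Event} [event] - triggering event; its default action is
   *   cancelled when present
   */
  @action
  useAnotherMethod(newMethod, event) {
    event?.preventDefault();
    this.set("userSelectedMethod", newMethod);
  },

  /**
   * Requests a WebAuthn credential for the server-provided challenge and
   * allowed credential ids, then submits the result for verification.
   * An error reported by getWebauthnCredential is shown in the banner.
   */
  @action
  authenticateSecurityKey() {
    getWebauthnCredential(
      this.model.challenge,
      this.model.allowed_credential_ids,
      (credentialData) => {
        this.verifySecondFactor({ second_factor_token: credentialData });
      },
      (errorMessage) => {
        this.displayError(errorMessage);
      }
    );
  },

  /**
   * Submits the typed TOTP or backup code for verification.
   */
  @action
  authenticateToken() {
    this.verifySecondFactor({ second_factor_token: this.secondFactorToken });
  },
});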