Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Mandatory 2FA] Spec: User settings interface #11381

Closed
ChristophWurst opened this issue Sep 26, 2018 · 2 comments
Closed

[Mandatory 2FA] Spec: User settings interface #11381

ChristophWurst opened this issue Sep 26, 2018 · 2 comments
Assignees
@ChristophWurst
Labels
1. to develop Accepted and waiting to be taken care of feature: authentication security spec

Comments

@ChristophWurst
Copy link
Member

ChristophWurst commented Sep 26, 2018
edited
Loading

Mandatory 2FA in Nextcloud 15

Overview/progress board: https://github.com/orgs/nextcloud/projects/17

🚀

Specification: User settings interface

Until now, two-factor providers in Nextcloud register their own individual settings on the security page/section. This isn't necessarily bad, but I think we could consolidate their individual sections into a new Two-Factor Auth section.

One possible way to implement this would be to not register settings via info.xml by the providers themselves, but offer an interface that extends IProvider, like

<?php

namespace OCP\Authentication\TwoFactorAuth;

use OCP\IUser;

interface IProvidesPersonalSettings extends IProvider {

	/**
	 * @return TemplateResponse
	 */
	public function getPersonalSettingsTemplate(IUser $user): TemplateResponse;

}

This change would allow us to structure the 2FA settings in a more logical way, e.g. by showing the backup codes on top.

While doing this change, we could also one step further and create a more complex settings mechanism that ensures providers are displayed in a consistent way (as opposed to rendering an arbitrary template and hoping that the structure is okay).

This could looks like this:

namespace OCP\Authentication\TwoFactorAuth;

use OCP\IUser;
use OCP\Template;

interface IProvidesPersonalSettings extends IProvider {

	public function getPersonalSettings(IUser $user): IProviderPersonalSettings;

}

interface IProviderPersonalSettings {

	public function getIcon(): String;

	public function getBody(): Template;

}

Then we can use implementation of IProvidesPersonalSettings and IProviderPersonalSettings to render a (list?) of providers with

  • Their icon
  • Their name
  • Their description
  • Their body for the custom settings (the template)

cc @blizzz @jancborchardt @MorrisJobke @rullzer
@ChristophWurst ChristophWurst self-assigned this Sep 26, 2018
@nextcloud-bot

This comment has been minimized.

Sign in to view
@blizzz
Copy link
Member

blizzz commented Sep 26, 2018

When it is possible to boil it down to custom set of elements and behaviour, i am all for providing the second mechanism. For consistency, and easiser/safer implementation.

This was referenced Sep 26, 2018
Merged
Merged
@nextcloud-bot nextcloud-bot mentioned this issue Nov 5, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ChristophWurst ChristophWurst

Labels
1. to develop Accepted and waiting to be taken care of feature: authentication security spec
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ChristophWurst @blizzz @nextcloud-bot