mirror of
https://github.com/casdoor/casdoor.git
synced 2025-07-08 00:50:28 +08:00
Compare commits
10 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 9bbe5afb7c | |||
| b42391c6ce | |||
| fb035a5353 | |||
| b1f68a60a4 | |||
| 201d704a31 | |||
| bf91ad6c97 | |||
| 3ccc0339c7 | |||
| 1f2b0a3587 | |||
| 0b3feb0d5f | |||
| 568c0e2c3d |
@ -42,6 +42,7 @@ type Response struct {
|
||||
Name string `json:"name"`
|
||||
Data interface{} `json:"data"`
|
||||
Data2 interface{} `json:"data2"`
|
||||
Data3 interface{} `json:"data3"`
|
||||
}
|
||||
|
||||
type Captcha struct {
|
||||
|
||||
@ -132,7 +132,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
|
||||
if form.Type == ResponseTypeLogin {
|
||||
c.SetSessionUsername(userId)
|
||||
util.LogInfo(c.Ctx, "API: [%s] signed in", userId)
|
||||
resp = &Response{Status: "ok", Msg: "", Data: userId, Data2: user.NeedUpdatePassword}
|
||||
resp = &Response{Status: "ok", Msg: "", Data: userId, Data3: user.NeedUpdatePassword}
|
||||
} else if form.Type == ResponseTypeCode {
|
||||
clientId := c.Input().Get("clientId")
|
||||
responseType := c.Input().Get("responseType")
|
||||
@ -154,7 +154,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
|
||||
}
|
||||
|
||||
resp = codeToResponse(code)
|
||||
resp.Data2 = user.NeedUpdatePassword
|
||||
resp.Data3 = user.NeedUpdatePassword
|
||||
if application.EnableSigninSession || application.HasPromptPage() {
|
||||
// The prompt page needs the user to be signed in
|
||||
c.SetSessionUsername(userId)
|
||||
@ -168,7 +168,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
|
||||
token, _ := object.GetTokenByUser(application, user, scope, nonce, c.Ctx.Request.Host)
|
||||
resp = tokenToResponse(token)
|
||||
|
||||
resp.Data2 = user.NeedUpdatePassword
|
||||
resp.Data3 = user.NeedUpdatePassword
|
||||
}
|
||||
} else if form.Type == ResponseTypeDevice {
|
||||
authCache, ok := object.DeviceAuthMap.LoadAndDelete(form.UserCode)
|
||||
@ -195,14 +195,14 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
|
||||
|
||||
object.DeviceAuthMap.Store(authCacheCast.UserName, deviceAuthCacheDeviceCodeCast)
|
||||
|
||||
resp = &Response{Status: "ok", Msg: "", Data: userId, Data2: user.NeedUpdatePassword}
|
||||
resp = &Response{Status: "ok", Msg: "", Data: userId, Data3: user.NeedUpdatePassword}
|
||||
} else if form.Type == ResponseTypeSaml { // saml flow
|
||||
res, redirectUrl, method, err := object.GetSamlResponse(application, user, form.SamlRequest, c.Ctx.Request.Host)
|
||||
if err != nil {
|
||||
c.ResponseError(err.Error(), nil)
|
||||
return
|
||||
}
|
||||
resp = &Response{Status: "ok", Msg: "", Data: res, Data2: map[string]interface{}{"redirectUrl": redirectUrl, "method": method, "needUpdatePassword": user.NeedUpdatePassword}}
|
||||
resp = &Response{Status: "ok", Msg: "", Data: res, Data2: map[string]interface{}{"redirectUrl": redirectUrl, "method": method}, Data3: user.NeedUpdatePassword}
|
||||
|
||||
if application.EnableSigninSession || application.HasPromptPage() {
|
||||
// The prompt page needs the user to be signed in
|
||||
@ -555,8 +555,11 @@ func (c *ApiController) Login() {
|
||||
c.ResponseError(c.T("auth:The login method: login with LDAP is not enabled for the application"))
|
||||
return
|
||||
}
|
||||
|
||||
clientIp := util.GetClientIpFromRequest(c.Ctx.Request)
|
||||
|
||||
var enableCaptcha bool
|
||||
if enableCaptcha, err = object.CheckToEnableCaptcha(application, authForm.Organization, authForm.Username); err != nil {
|
||||
if enableCaptcha, err = object.CheckToEnableCaptcha(application, authForm.Organization, authForm.Username, clientIp); err != nil {
|
||||
c.ResponseError(err.Error())
|
||||
return
|
||||
} else if enableCaptcha {
|
||||
@ -1222,27 +1225,26 @@ func (c *ApiController) GetQRCode() {
|
||||
func (c *ApiController) GetCaptchaStatus() {
|
||||
organization := c.Input().Get("organization")
|
||||
userId := c.Input().Get("userId")
|
||||
user, err := object.GetUserByFields(organization, userId)
|
||||
applicationName := c.Input().Get("application")
|
||||
|
||||
application, err := object.GetApplication(fmt.Sprintf("admin/%s", applicationName))
|
||||
if err != nil {
|
||||
c.ResponseError(err.Error())
|
||||
return
|
||||
}
|
||||
if application == nil {
|
||||
c.ResponseError("application not found")
|
||||
return
|
||||
}
|
||||
|
||||
captchaEnabled := false
|
||||
if user != nil {
|
||||
var failedSigninLimit int
|
||||
failedSigninLimit, _, err = object.GetFailedSigninConfigByUser(user)
|
||||
clientIp := util.GetClientIpFromRequest(c.Ctx.Request)
|
||||
captchaEnabled, err := object.CheckToEnableCaptcha(application, organization, userId, clientIp)
|
||||
if err != nil {
|
||||
c.ResponseError(err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
if user.SigninWrongTimes >= failedSigninLimit {
|
||||
captchaEnabled = true
|
||||
}
|
||||
}
|
||||
|
||||
c.ResponseOk(captchaEnabled)
|
||||
return
|
||||
}
|
||||
|
||||
// Callback
|
||||
|
||||
@ -574,7 +574,7 @@ func (c *ApiController) SetPassword() {
|
||||
targetUser.LastChangePasswordTime = util.GetCurrentTime()
|
||||
|
||||
if user.Ldap == "" {
|
||||
_, err = object.UpdateUser(userId, targetUser, []string{"password", "need_update_password", "password_type", "last_change_password_time"}, false)
|
||||
_, err = object.UpdateUser(userId, targetUser, []string{"password", "password_salt", "need_update_password", "password_type", "last_change_password_time"}, false)
|
||||
} else {
|
||||
if isAdmin {
|
||||
err = object.ResetLdapPassword(targetUser, "", newPassword, c.GetAcceptLanguage())
|
||||
|
||||
@ -23,7 +23,7 @@ func NewArgon2idCredManager() *Argon2idCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *Argon2idCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
func (cm *Argon2idCredManager) GetHashedPassword(password string, salt string) string {
|
||||
hash, err := argon2id.CreateHash(password, argon2id.DefaultParams)
|
||||
if err != nil {
|
||||
return ""
|
||||
@ -31,7 +31,7 @@ func (cm *Argon2idCredManager) GetHashedPassword(password string, userSalt strin
|
||||
return hash
|
||||
}
|
||||
|
||||
func (cm *Argon2idCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
func (cm *Argon2idCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
match, _ := argon2id.ComparePasswordAndHash(plainPwd, hashedPwd)
|
||||
return match
|
||||
}
|
||||
|
||||
@ -9,7 +9,7 @@ func NewBcryptCredManager() *BcryptCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *BcryptCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
func (cm *BcryptCredManager) GetHashedPassword(password string, salt string) string {
|
||||
bytes, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
||||
if err != nil {
|
||||
return ""
|
||||
@ -17,7 +17,7 @@ func (cm *BcryptCredManager) GetHashedPassword(password string, userSalt string,
|
||||
return string(bytes)
|
||||
}
|
||||
|
||||
func (cm *BcryptCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
func (cm *BcryptCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
err := bcrypt.CompareHashAndPassword([]byte(hashedPwd), []byte(plainPwd))
|
||||
return err == nil
|
||||
}
|
||||
|
||||
@ -15,8 +15,8 @@
|
||||
package cred
|
||||
|
||||
type CredManager interface {
|
||||
GetHashedPassword(password string, userSalt string, organizationSalt string) string
|
||||
IsPasswordCorrect(password string, passwordHash string, userSalt string, organizationSalt string) bool
|
||||
GetHashedPassword(password string, salt string) string
|
||||
IsPasswordCorrect(password string, passwordHash string, salt string) bool
|
||||
}
|
||||
|
||||
func GetCredManager(passwordType string) CredManager {
|
||||
|
||||
@ -37,14 +37,10 @@ func NewMd5UserSaltCredManager() *Md5UserSaltCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *Md5UserSaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
res := getMd5HexDigest(password)
|
||||
if userSalt != "" {
|
||||
res = getMd5HexDigest(res + userSalt)
|
||||
}
|
||||
return res
|
||||
func (cm *Md5UserSaltCredManager) GetHashedPassword(password string, salt string) string {
|
||||
return getMd5HexDigest(getMd5HexDigest(password) + salt)
|
||||
}
|
||||
|
||||
func (cm *Md5UserSaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
|
||||
func (cm *Md5UserSaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, salt)
|
||||
}
|
||||
|
||||
@ -28,13 +28,13 @@ func NewPbkdf2SaltCredManager() *Pbkdf2SaltCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *Pbkdf2SaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
func (cm *Pbkdf2SaltCredManager) GetHashedPassword(password string, salt string) string {
|
||||
// https://www.keycloak.org/docs/latest/server_admin/index.html#password-database-compromised
|
||||
decodedSalt, _ := base64.StdEncoding.DecodeString(userSalt)
|
||||
decodedSalt, _ := base64.StdEncoding.DecodeString(salt)
|
||||
res := pbkdf2.Key([]byte(password), decodedSalt, 27500, 64, sha256.New)
|
||||
return base64.StdEncoding.EncodeToString(res)
|
||||
}
|
||||
|
||||
func (cm *Pbkdf2SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
|
||||
func (cm *Pbkdf2SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, salt)
|
||||
}
|
||||
|
||||
@ -32,12 +32,8 @@ func NewPbkdf2DjangoCredManager() *Pbkdf2DjangoCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (m *Pbkdf2DjangoCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
func (m *Pbkdf2DjangoCredManager) GetHashedPassword(password string, salt string) string {
|
||||
iterations := 260000
|
||||
salt := userSalt
|
||||
if salt == "" {
|
||||
salt = organizationSalt
|
||||
}
|
||||
|
||||
saltBytes := []byte(salt)
|
||||
passwordBytes := []byte(password)
|
||||
@ -46,7 +42,7 @@ func (m *Pbkdf2DjangoCredManager) GetHashedPassword(password string, userSalt st
|
||||
return "pbkdf2_sha256$" + strconv.Itoa(iterations) + "$" + salt + "$" + hashBase64
|
||||
}
|
||||
|
||||
func (m *Pbkdf2DjangoCredManager) IsPasswordCorrect(password string, passwordHash string, userSalt string, organizationSalt string) bool {
|
||||
func (m *Pbkdf2DjangoCredManager) IsPasswordCorrect(password string, passwordHash string, _salt string) bool {
|
||||
parts := strings.Split(passwordHash, "$")
|
||||
if len(parts) != 4 {
|
||||
return false
|
||||
|
||||
@ -21,10 +21,10 @@ func NewPlainCredManager() *PlainCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *PlainCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
func (cm *PlainCredManager) GetHashedPassword(password string, salt string) string {
|
||||
return password
|
||||
}
|
||||
|
||||
func (cm *PlainCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
func (cm *PlainCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
return hashedPwd == plainPwd
|
||||
}
|
||||
|
||||
@ -37,14 +37,10 @@ func NewSha256SaltCredManager() *Sha256SaltCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *Sha256SaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
res := getSha256HexDigest(password)
|
||||
if organizationSalt != "" {
|
||||
res = getSha256HexDigest(res + organizationSalt)
|
||||
}
|
||||
return res
|
||||
func (cm *Sha256SaltCredManager) GetHashedPassword(password string, salt string) string {
|
||||
return getSha256HexDigest(getSha256HexDigest(password) + salt)
|
||||
}
|
||||
|
||||
func (cm *Sha256SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
|
||||
func (cm *Sha256SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, salt)
|
||||
}
|
||||
|
||||
@ -23,12 +23,12 @@ func TestGetSaltedPassword(t *testing.T) {
|
||||
password := "123456"
|
||||
salt := "123"
|
||||
cm := NewSha256SaltCredManager()
|
||||
fmt.Printf("%s -> %s\n", password, cm.GetHashedPassword(password, "", salt))
|
||||
fmt.Printf("%s -> %s\n", password, cm.GetHashedPassword(password, salt))
|
||||
}
|
||||
|
||||
func TestGetPassword(t *testing.T) {
|
||||
password := "123456"
|
||||
cm := NewSha256SaltCredManager()
|
||||
// https://passwordsgenerator.net/sha256-hash-generator/
|
||||
fmt.Printf("%s -> %s\n", "8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92", cm.GetHashedPassword(password, "", ""))
|
||||
fmt.Printf("%s -> %s\n", "8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92", cm.GetHashedPassword(password, ""))
|
||||
}
|
||||
|
||||
@ -37,14 +37,10 @@ func NewSha512SaltCredManager() *Sha512SaltCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *Sha512SaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
res := getSha512HexDigest(password)
|
||||
if organizationSalt != "" {
|
||||
res = getSha512HexDigest(res + organizationSalt)
|
||||
}
|
||||
return res
|
||||
func (cm *Sha512SaltCredManager) GetHashedPassword(password string, salt string) string {
|
||||
return getSha512HexDigest(getSha512HexDigest(password) + salt)
|
||||
}
|
||||
|
||||
func (cm *Sha512SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
|
||||
func (cm *Sha512SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, salt)
|
||||
}
|
||||
|
||||
@ -190,7 +190,7 @@ func (idp *DouyinIdProvider) GetUserInfo(token *oauth2.Token) (*UserInfo, error)
|
||||
|
||||
userInfo := UserInfo{
|
||||
Id: douyinUserInfo.Data.OpenId,
|
||||
Username: douyinUserInfo.Data.Nickname,
|
||||
Username: douyinUserInfo.Data.OpenId,
|
||||
DisplayName: douyinUserInfo.Data.Nickname,
|
||||
AvatarUrl: douyinUserInfo.Data.Avatar,
|
||||
}
|
||||
|
||||
@ -252,12 +252,12 @@ func CheckPassword(user *User, password string, lang string, options ...bool) er
|
||||
credManager := cred.GetCredManager(passwordType)
|
||||
if credManager != nil {
|
||||
if organization.MasterPassword != "" {
|
||||
if password == organization.MasterPassword || credManager.IsPasswordCorrect(password, organization.MasterPassword, "", organization.PasswordSalt) {
|
||||
if password == organization.MasterPassword || credManager.IsPasswordCorrect(password, organization.MasterPassword, organization.PasswordSalt) {
|
||||
return resetUserSigninErrorTimes(user)
|
||||
}
|
||||
}
|
||||
|
||||
if credManager.IsPasswordCorrect(password, user.Password, user.PasswordSalt, organization.PasswordSalt) {
|
||||
if credManager.IsPasswordCorrect(password, user.Password, organization.PasswordSalt) || credManager.IsPasswordCorrect(password, user.Password, user.PasswordSalt) {
|
||||
return resetUserSigninErrorTimes(user)
|
||||
}
|
||||
|
||||
@ -593,32 +593,42 @@ func CheckUpdateUser(oldUser, user *User, lang string) string {
|
||||
return ""
|
||||
}
|
||||
|
||||
func CheckToEnableCaptcha(application *Application, organization, username string) (bool, error) {
|
||||
func CheckToEnableCaptcha(application *Application, organization, username string, clientIp string) (bool, error) {
|
||||
if len(application.Providers) == 0 {
|
||||
return false, nil
|
||||
}
|
||||
|
||||
for _, providerItem := range application.Providers {
|
||||
if providerItem.Provider == nil {
|
||||
if providerItem.Provider == nil || providerItem.Provider.Category != "Captcha" {
|
||||
continue
|
||||
}
|
||||
if providerItem.Provider.Category == "Captcha" {
|
||||
|
||||
if providerItem.Rule == "Internet-Only" {
|
||||
if util.IsInternetIp(clientIp) {
|
||||
return true, nil
|
||||
}
|
||||
}
|
||||
|
||||
if providerItem.Rule == "Dynamic" {
|
||||
user, err := GetUserByFields(organization, username)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
failedSigninLimit := application.FailedSigninLimit
|
||||
if failedSigninLimit == 0 {
|
||||
failedSigninLimit = DefaultFailedSigninLimit
|
||||
if user != nil {
|
||||
failedSigninLimit, _, err := GetFailedSigninConfigByUser(user)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
return user != nil && user.SigninWrongTimes >= failedSigninLimit, nil
|
||||
return user.SigninWrongTimes >= failedSigninLimit, nil
|
||||
}
|
||||
|
||||
return false, nil
|
||||
}
|
||||
|
||||
return providerItem.Rule == "Always", nil
|
||||
}
|
||||
}
|
||||
|
||||
return false, nil
|
||||
}
|
||||
|
||||
@ -20,6 +20,7 @@ package object
|
||||
import "testing"
|
||||
|
||||
func TestDumpToFile(t *testing.T) {
|
||||
createDatabase = false
|
||||
InitConfig()
|
||||
|
||||
err := DumpToFile("./init_data_dump.json")
|
||||
|
||||
@ -222,7 +222,7 @@ func UpdateOrganization(id string, organization *Organization, isGlobalAdmin boo
|
||||
if organization.MasterPassword != "" && organization.MasterPassword != "***" {
|
||||
credManager := cred.GetCredManager(organization.PasswordType)
|
||||
if credManager != nil {
|
||||
hashedPassword := credManager.GetHashedPassword(organization.MasterPassword, "", organization.PasswordSalt)
|
||||
hashedPassword := credManager.GetHashedPassword(organization.MasterPassword, organization.PasswordSalt)
|
||||
organization.MasterPassword = hashedPassword
|
||||
}
|
||||
}
|
||||
@ -536,7 +536,13 @@ func IsNeedPromptMfa(org *Organization, user *User) bool {
|
||||
if org == nil || user == nil {
|
||||
return false
|
||||
}
|
||||
for _, item := range org.MfaItems {
|
||||
|
||||
mfaItems := org.MfaItems
|
||||
|
||||
if len(user.MfaItems) > 0 {
|
||||
mfaItems = user.MfaItems
|
||||
}
|
||||
for _, item := range mfaItems {
|
||||
if item.Rule == "Required" {
|
||||
if item.Name == EmailType && !user.MfaEmailEnabled {
|
||||
return true
|
||||
|
||||
@ -212,6 +212,7 @@ type User struct {
|
||||
|
||||
ManagedAccounts []ManagedAccount `xorm:"managedAccounts blob" json:"managedAccounts"`
|
||||
MfaAccounts []MfaAccount `xorm:"mfaAccounts blob" json:"mfaAccounts"`
|
||||
MfaItems []*MfaItem `xorm:"varchar(300)" json:"mfaItems"`
|
||||
NeedUpdatePassword bool `json:"needUpdatePassword"`
|
||||
IpWhitelist string `xorm:"varchar(200)" json:"ipWhitelist"`
|
||||
}
|
||||
@ -795,7 +796,7 @@ func UpdateUser(id string, user *User, columns []string, isAdmin bool) (bool, er
|
||||
}
|
||||
}
|
||||
if isAdmin {
|
||||
columns = append(columns, "name", "id", "email", "phone", "country_code", "type", "balance")
|
||||
columns = append(columns, "name", "id", "email", "phone", "country_code", "type", "balance", "mfa_items")
|
||||
}
|
||||
|
||||
columns = append(columns, "updated_time")
|
||||
|
||||
@ -42,8 +42,9 @@ func (user *User) UpdateUserHash() error {
|
||||
func (user *User) UpdateUserPassword(organization *Organization) {
|
||||
credManager := cred.GetCredManager(organization.PasswordType)
|
||||
if credManager != nil {
|
||||
hashedPassword := credManager.GetHashedPassword(user.Password, user.PasswordSalt, organization.PasswordSalt)
|
||||
hashedPassword := credManager.GetHashedPassword(user.Password, organization.PasswordSalt)
|
||||
user.Password = hashedPassword
|
||||
user.PasswordType = organization.PasswordType
|
||||
user.PasswordSalt = organization.PasswordSalt
|
||||
}
|
||||
}
|
||||
|
||||
@ -185,17 +185,3 @@ func removePort(s string) string {
|
||||
}
|
||||
return ipStr
|
||||
}
|
||||
|
||||
func isHostIntranet(s string) bool {
|
||||
ipStr, _, err := net.SplitHostPort(s)
|
||||
if err != nil {
|
||||
ipStr = s
|
||||
}
|
||||
|
||||
ip := net.ParseIP(ipStr)
|
||||
if ip == nil {
|
||||
return false
|
||||
}
|
||||
|
||||
return ip.IsPrivate() || ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast()
|
||||
}
|
||||
|
||||
@ -83,7 +83,7 @@ func CorsFilter(ctx *context.Context) {
|
||||
setCorsHeaders(ctx, origin)
|
||||
} else if originHostname == host {
|
||||
setCorsHeaders(ctx, origin)
|
||||
} else if isHostIntranet(host) {
|
||||
} else if util.IsHostIntranet(host) {
|
||||
setCorsHeaders(ctx, origin)
|
||||
} else {
|
||||
ok, err := object.IsOriginAllowed(origin)
|
||||
|
||||
47
util/network.go
Normal file
47
util/network.go
Normal file
@ -0,0 +1,47 @@
|
||||
// Copyright 2025 The Casdoor Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package util
|
||||
|
||||
import (
|
||||
"net"
|
||||
)
|
||||
|
||||
func IsInternetIp(ip string) bool {
|
||||
ipStr, _, err := net.SplitHostPort(ip)
|
||||
if err != nil {
|
||||
ipStr = ip
|
||||
}
|
||||
|
||||
parsedIP := net.ParseIP(ipStr)
|
||||
if parsedIP == nil {
|
||||
return false
|
||||
}
|
||||
|
||||
return !parsedIP.IsPrivate() && !parsedIP.IsLoopback() && !parsedIP.IsMulticast() && !parsedIP.IsUnspecified()
|
||||
}
|
||||
|
||||
func IsHostIntranet(ip string) bool {
|
||||
ipStr, _, err := net.SplitHostPort(ip)
|
||||
if err != nil {
|
||||
ipStr = ip
|
||||
}
|
||||
|
||||
parsedIP := net.ParseIP(ipStr)
|
||||
if parsedIP == nil {
|
||||
return false
|
||||
}
|
||||
|
||||
return parsedIP.IsPrivate() || parsedIP.IsLoopback() || parsedIP.IsLinkLocalUnicast() || parsedIP.IsLinkLocalMulticast()
|
||||
}
|
||||
@ -696,18 +696,27 @@ export const MfaRulePrompted = "Prompted";
|
||||
export const MfaRuleOptional = "Optional";
|
||||
|
||||
export function isRequiredEnableMfa(user, organization) {
|
||||
if (!user || !organization || !organization.mfaItems) {
|
||||
if (!user || !organization || (!organization.mfaItems && !user.mfaItems)) {
|
||||
return false;
|
||||
}
|
||||
return getMfaItemsByRules(user, organization, [MfaRuleRequired]).length > 0;
|
||||
}
|
||||
|
||||
export function getMfaItemsByRules(user, organization, mfaRules = []) {
|
||||
if (!user || !organization || !organization.mfaItems) {
|
||||
if (!user || !organization || (!organization.mfaItems && !user.mfaItems)) {
|
||||
return [];
|
||||
}
|
||||
|
||||
return organization.mfaItems.filter((mfaItem) => mfaRules.includes(mfaItem.rule))
|
||||
let mfaItems = organization.mfaItems;
|
||||
if (user.mfaItems && user.mfaItems.length !== 0) {
|
||||
mfaItems = user.mfaItems;
|
||||
}
|
||||
|
||||
if (mfaItems === null) {
|
||||
return [];
|
||||
}
|
||||
|
||||
return mfaItems.filter((mfaItem) => mfaRules.includes(mfaItem.rule))
|
||||
.filter((mfaItem) => user.multiFactorAuths.some((mfa) => mfa.mfaType === mfaItem.name && !mfa.enabled));
|
||||
}
|
||||
|
||||
|
||||
@ -42,6 +42,7 @@ import * as MfaBackend from "./backend/MfaBackend";
|
||||
import AccountAvatar from "./account/AccountAvatar";
|
||||
import FaceIdTable from "./table/FaceIdTable";
|
||||
import MfaAccountTable from "./table/MfaAccountTable";
|
||||
import MfaTable from "./table/MfaTable";
|
||||
|
||||
const {Option} = Select;
|
||||
|
||||
@ -926,6 +927,19 @@ class UserEditPage extends React.Component {
|
||||
</Col>
|
||||
</Row>
|
||||
);
|
||||
} else if (accountItem.name === "MFA items") {
|
||||
return (<Row style={{marginTop: "20px"}} >
|
||||
<Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
|
||||
{Setting.getLabel(i18next.t("general:MFA items"), i18next.t("general:MFA items - Tooltip"))} :
|
||||
</Col>
|
||||
<Col span={22} >
|
||||
<MfaTable
|
||||
title={i18next.t("general:MFA items")}
|
||||
table={this.state.user.mfaItems ?? []}
|
||||
onUpdateTable={(value) => {this.updateUserField("mfaItems", value);}}
|
||||
/>
|
||||
</Col>
|
||||
</Row>);
|
||||
} else if (accountItem.name === "Multi-factor authentication") {
|
||||
return (
|
||||
!this.isSelfOrAdmin() ? null : (
|
||||
|
||||
@ -163,7 +163,7 @@ export function getWechatQRCode(providerId) {
|
||||
}
|
||||
|
||||
export function getCaptchaStatus(values) {
|
||||
return fetch(`${Setting.ServerUrl}/api/get-captcha-status?organization=${values["organization"]}&userId=${values["username"]}`, {
|
||||
return fetch(`${Setting.ServerUrl}/api/get-captcha-status?organization=${values["organization"]}&userId=${values["username"]}&application=${values["application"]}`, {
|
||||
method: "GET",
|
||||
credentials: "include",
|
||||
headers: {
|
||||
|
||||
@ -166,7 +166,7 @@ class AuthCallback extends React.Component {
|
||||
const responseType = this.getResponseType();
|
||||
const handleLogin = (res) => {
|
||||
if (responseType === "login") {
|
||||
if (res.data2) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", signinUrl);
|
||||
Setting.goToLinkSoft(this, `/forget/${applicationName}`);
|
||||
return;
|
||||
@ -176,7 +176,7 @@ class AuthCallback extends React.Component {
|
||||
const link = Setting.getFromLink();
|
||||
Setting.goToLink(link);
|
||||
} else if (responseType === "code") {
|
||||
if (res.data2) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", signinUrl);
|
||||
Setting.goToLinkSoft(this, `/forget/${applicationName}`);
|
||||
return;
|
||||
@ -185,7 +185,7 @@ class AuthCallback extends React.Component {
|
||||
Setting.goToLink(`${oAuthParams.redirectUri}${concatChar}code=${code}&state=${oAuthParams.state}`);
|
||||
// Setting.showMessage("success", `Authorization code: ${res.data}`);
|
||||
} else if (responseType === "token" || responseType === "id_token") {
|
||||
if (res.data2) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", signinUrl);
|
||||
Setting.goToLinkSoft(this, `/forget/${applicationName}`);
|
||||
return;
|
||||
@ -207,7 +207,7 @@ class AuthCallback extends React.Component {
|
||||
relayState: oAuthParams.relayState,
|
||||
});
|
||||
} else {
|
||||
if (res.data2.needUpdatePassword) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", signinUrl);
|
||||
Setting.goToLinkSoft(this, `/forget/${applicationName}`);
|
||||
return;
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
// limitations under the License.
|
||||
|
||||
import React from "react";
|
||||
import {Button, Col, Form, Input, Row, Select, Steps} from "antd";
|
||||
import {Button, Col, Form, Input, Popover, Row, Select, Steps} from "antd";
|
||||
import * as AuthBackend from "./AuthBackend";
|
||||
import * as ApplicationBackend from "../backend/ApplicationBackend";
|
||||
import * as Util from "./Util";
|
||||
@ -385,6 +385,7 @@ class ForgetPage extends React.Component {
|
||||
},
|
||||
]}
|
||||
/>
|
||||
<Popover placement="right" content={this.state.passwordPopover} open={this.state.passwordPopoverOpen}>
|
||||
<Form.Item
|
||||
name="newPassword"
|
||||
hidden={this.state.current !== 2}
|
||||
@ -407,8 +408,25 @@ class ForgetPage extends React.Component {
|
||||
<Input.Password
|
||||
prefix={<LockOutlined />}
|
||||
placeholder={i18next.t("general:Password")}
|
||||
onChange={(e) => {
|
||||
this.setState({
|
||||
passwordPopover: PasswordChecker.renderPasswordPopover(application.organizationObj.passwordOptions, e.target.value),
|
||||
});
|
||||
}}
|
||||
onFocus={() => {
|
||||
this.setState({
|
||||
passwordPopoverOpen: true,
|
||||
passwordPopover: PasswordChecker.renderPasswordPopover(application.organizationObj.passwordOptions, this.form.current?.getFieldValue("newPassword") ?? ""),
|
||||
});
|
||||
}}
|
||||
onBlur={() => {
|
||||
this.setState({
|
||||
passwordPopoverOpen: false,
|
||||
});
|
||||
}}
|
||||
/>
|
||||
</Form.Item>
|
||||
</Popover>
|
||||
<Form.Item
|
||||
name="confirm"
|
||||
dependencies={["newPassword"]}
|
||||
|
||||
@ -134,6 +134,8 @@ class LoginPage extends React.Component {
|
||||
return CaptchaRule.Always;
|
||||
} else if (captchaProviderItems.some(providerItem => providerItem.rule === "Dynamic")) {
|
||||
return CaptchaRule.Dynamic;
|
||||
} else if (captchaProviderItems.some(providerItem => providerItem.rule === "Internet-Only")) {
|
||||
return CaptchaRule.InternetOnly;
|
||||
} else {
|
||||
return CaptchaRule.Never;
|
||||
}
|
||||
@ -443,6 +445,9 @@ class LoginPage extends React.Component {
|
||||
} else if (captchaRule === CaptchaRule.Dynamic) {
|
||||
this.checkCaptchaStatus(values);
|
||||
return;
|
||||
} else if (captchaRule === CaptchaRule.InternetOnly) {
|
||||
this.checkCaptchaStatus(values);
|
||||
return;
|
||||
}
|
||||
}
|
||||
this.login(values);
|
||||
@ -491,9 +496,9 @@ class LoginPage extends React.Component {
|
||||
const responseType = values["type"];
|
||||
|
||||
if (responseType === "login") {
|
||||
if (res.data2) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", window.location.pathname + window.location.search);
|
||||
Setting.goToLink(this, `/forget/${this.state.applicationName}`);
|
||||
Setting.goToLinkSoft(this, `/forget/${this.state.applicationName}`);
|
||||
}
|
||||
Setting.showMessage("success", i18next.t("application:Logged in successfully"));
|
||||
this.props.onLoginSuccess();
|
||||
@ -505,9 +510,9 @@ class LoginPage extends React.Component {
|
||||
userCodeStatus: "success",
|
||||
});
|
||||
} else if (responseType === "token" || responseType === "id_token") {
|
||||
if (res.data2) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", window.location.pathname + window.location.search);
|
||||
Setting.goToLink(this, `/forget/${this.state.applicationName}`);
|
||||
Setting.goToLinkSoft(this, `/forget/${this.state.applicationName}`);
|
||||
}
|
||||
const amendatoryResponseType = responseType === "token" ? "access_token" : responseType;
|
||||
const accessToken = res.data;
|
||||
@ -517,9 +522,9 @@ class LoginPage extends React.Component {
|
||||
this.props.onLoginSuccess(window.location.href);
|
||||
return;
|
||||
}
|
||||
if (res.data2.needUpdatePassword) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", window.location.pathname + window.location.search);
|
||||
Setting.goToLink(this, `/forget/${this.state.applicationName}`);
|
||||
Setting.goToLinkSoft(this, `/forget/${this.state.applicationName}`);
|
||||
}
|
||||
if (res.data2.method === "POST") {
|
||||
this.setState({
|
||||
@ -961,9 +966,23 @@ class LoginPage extends React.Component {
|
||||
const captchaProviderItems = this.getCaptchaProviderItems(application);
|
||||
const alwaysProviderItems = captchaProviderItems.filter(providerItem => providerItem.rule === "Always");
|
||||
const dynamicProviderItems = captchaProviderItems.filter(providerItem => providerItem.rule === "Dynamic");
|
||||
const provider = alwaysProviderItems.length > 0
|
||||
? alwaysProviderItems[0].provider
|
||||
: dynamicProviderItems[0].provider;
|
||||
const internetOnlyProviderItems = captchaProviderItems.filter(providerItem => providerItem.rule === "Internet-Only");
|
||||
|
||||
// Select provider based on the active captcha rule, not fixed priority
|
||||
const captchaRule = this.getCaptchaRule(this.getApplicationObj());
|
||||
let provider = null;
|
||||
|
||||
if (captchaRule === CaptchaRule.Always && alwaysProviderItems.length > 0) {
|
||||
provider = alwaysProviderItems[0].provider;
|
||||
} else if (captchaRule === CaptchaRule.Dynamic && dynamicProviderItems.length > 0) {
|
||||
provider = dynamicProviderItems[0].provider;
|
||||
} else if (captchaRule === CaptchaRule.InternetOnly && internetOnlyProviderItems.length > 0) {
|
||||
provider = internetOnlyProviderItems[0].provider;
|
||||
}
|
||||
|
||||
if (!provider) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return <CaptchaModal
|
||||
owner={provider.owner}
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
// limitations under the License.
|
||||
|
||||
import React from "react";
|
||||
import {Button, Form, Input, Radio, Result, Row, Select, message} from "antd";
|
||||
import {Button, Form, Input, Popover, Radio, Result, Row, Select, message} from "antd";
|
||||
import * as Setting from "../Setting";
|
||||
import * as AuthBackend from "./AuthBackend";
|
||||
import * as ProviderButton from "./ProviderButton";
|
||||
@ -607,6 +607,7 @@ class SignupPage extends React.Component {
|
||||
}
|
||||
} else if (signupItem.name === "Password") {
|
||||
return (
|
||||
<Popover placement="right" content={this.state.passwordPopover} open={this.state.passwordPopoverOpen}>
|
||||
<Form.Item
|
||||
name="password"
|
||||
className="signup-password"
|
||||
@ -627,8 +628,24 @@ class SignupPage extends React.Component {
|
||||
]}
|
||||
hasFeedback
|
||||
>
|
||||
<Input.Password className="signup-password-input" placeholder={signupItem.placeholder} />
|
||||
<Input.Password className="signup-password-input" placeholder={signupItem.placeholder} onChange={(e) => {
|
||||
this.setState({
|
||||
passwordPopover: PasswordChecker.renderPasswordPopover(application.organizationObj.passwordOptions, e.target.value),
|
||||
});
|
||||
}}
|
||||
onFocus={() => {
|
||||
this.setState({
|
||||
passwordPopoverOpen: true,
|
||||
passwordPopover: PasswordChecker.renderPasswordPopover(application.organizationObj.passwordOptions, this.form.current?.getFieldValue("password") ?? ""),
|
||||
});
|
||||
}}
|
||||
onBlur={() => {
|
||||
this.setState({
|
||||
passwordPopoverOpen: false,
|
||||
});
|
||||
}} />
|
||||
</Form.Item>
|
||||
</Popover>
|
||||
);
|
||||
} else if (signupItem.name === "Confirm password") {
|
||||
return (
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
import {CopyOutlined, UserOutlined} from "@ant-design/icons";
|
||||
import {CopyOutlined} from "@ant-design/icons";
|
||||
import {Button, Col, Form, Input, QRCode, Space} from "antd";
|
||||
import copy from "copy-to-clipboard";
|
||||
import i18next from "i18next";
|
||||
@ -47,11 +47,11 @@ export const MfaVerifyTotpForm = ({mfaProps, onFinish}) => {
|
||||
name="passcode"
|
||||
rules={[{required: true, message: "Please input your passcode"}]}
|
||||
>
|
||||
<Input
|
||||
<Input.OTP
|
||||
style={{marginTop: 24}}
|
||||
prefix={<UserOutlined />}
|
||||
placeholder={i18next.t("mfa:Passcode")}
|
||||
autoComplete="off"
|
||||
onChange={() => {
|
||||
form.submit();
|
||||
}}
|
||||
/>
|
||||
</Form.Item>
|
||||
<Form.Item>
|
||||
|
||||
@ -13,6 +13,8 @@
|
||||
// limitations under the License.
|
||||
|
||||
import i18next from "i18next";
|
||||
import React from "react";
|
||||
import {CheckCircleTwoTone, CloseCircleTwoTone} from "@ant-design/icons";
|
||||
|
||||
function isValidOption_AtLeast6(password) {
|
||||
if (password.length < 6) {
|
||||
@ -52,6 +54,33 @@ function isValidOption_NoRepeat(password) {
|
||||
return "";
|
||||
}
|
||||
|
||||
const checkers = {
|
||||
AtLeast6: isValidOption_AtLeast6,
|
||||
AtLeast8: isValidOption_AtLeast8,
|
||||
Aa123: isValidOption_Aa123,
|
||||
SpecialChar: isValidOption_SpecialChar,
|
||||
NoRepeat: isValidOption_NoRepeat,
|
||||
};
|
||||
|
||||
function getOptionDescription(option, password) {
|
||||
switch (option) {
|
||||
case "AtLeast6": return i18next.t("user:The password must have at least 6 characters");
|
||||
case "AtLeast8": return i18next.t("user:The password must have at least 8 characters");
|
||||
case "Aa123": return i18next.t("user:The password must contain at least one uppercase letter, one lowercase letter and one digit");
|
||||
case "SpecialChar": return i18next.t("user:The password must contain at least one special character");
|
||||
case "NoRepeat": return i18next.t("user:The password must not contain any repeated characters");
|
||||
}
|
||||
}
|
||||
|
||||
export function renderPasswordPopover(options, password) {
|
||||
return <div style={{width: 240}} >
|
||||
{options.map((option, idx) => {
|
||||
return <div key={idx}>{checkers[option](password) === "" ? <CheckCircleTwoTone twoToneColor={"#52c41a"} /> :
|
||||
<CloseCircleTwoTone twoToneColor={"#ff4d4f"} />} {getOptionDescription(option, password)}</div>;
|
||||
})}
|
||||
</div>;
|
||||
}
|
||||
|
||||
export function checkPasswordComplexity(password, options) {
|
||||
if (password.length === 0) {
|
||||
return i18next.t("login:Please input your password!");
|
||||
@ -61,14 +90,6 @@ export function checkPasswordComplexity(password, options) {
|
||||
return "";
|
||||
}
|
||||
|
||||
const checkers = {
|
||||
AtLeast6: isValidOption_AtLeast6,
|
||||
AtLeast8: isValidOption_AtLeast8,
|
||||
Aa123: isValidOption_Aa123,
|
||||
SpecialChar: isValidOption_SpecialChar,
|
||||
NoRepeat: isValidOption_NoRepeat,
|
||||
};
|
||||
|
||||
for (const option of options) {
|
||||
const checkerFunc = checkers[option];
|
||||
if (checkerFunc) {
|
||||
|
||||
@ -181,4 +181,5 @@ export const CaptchaRule = {
|
||||
Always: "Always",
|
||||
Never: "Never",
|
||||
Dynamic: "Dynamic",
|
||||
InternetOnly: "Internet-Only",
|
||||
};
|
||||
|
||||
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
import {Button, Col, Input, Modal, Row} from "antd";
|
||||
import {Button, Col, Input, Modal, Popover, Row} from "antd";
|
||||
import i18next from "i18next";
|
||||
import React from "react";
|
||||
import * as UserBackend from "../../backend/UserBackend";
|
||||
@ -35,6 +35,8 @@ export const PasswordModal = (props) => {
|
||||
const [rePasswordValid, setRePasswordValid] = React.useState(false);
|
||||
const [newPasswordErrorMessage, setNewPasswordErrorMessage] = React.useState("");
|
||||
const [rePasswordErrorMessage, setRePasswordErrorMessage] = React.useState("");
|
||||
const [passwordPopoverOpen, setPasswordPopoverOpen] = React.useState(false);
|
||||
const [passwordPopover, setPasswordPopover] = React.useState();
|
||||
|
||||
React.useEffect(() => {
|
||||
if (organization) {
|
||||
@ -130,12 +132,26 @@ export const PasswordModal = (props) => {
|
||||
</Row>
|
||||
) : null}
|
||||
<Row style={{width: "100%", marginBottom: "20px"}}>
|
||||
<Popover placement="right" content={passwordPopover} open={passwordPopoverOpen}>
|
||||
<Input.Password
|
||||
addonBefore={i18next.t("user:New Password")}
|
||||
placeholder={i18next.t("user:input password")}
|
||||
onChange={(e) => {handleNewPassword(e.target.value);}}
|
||||
onChange={(e) => {
|
||||
handleNewPassword(e.target.value);
|
||||
setPasswordPopoverOpen(true);
|
||||
setPasswordPopover(PasswordChecker.renderPasswordPopover(passwordOptions, e.target.value));
|
||||
|
||||
}}
|
||||
onFocus={() => {
|
||||
setPasswordPopoverOpen(true);
|
||||
setPasswordPopover(PasswordChecker.renderPasswordPopover(passwordOptions, newPassword));
|
||||
}}
|
||||
onBlur={() => {
|
||||
setPasswordPopoverOpen(false);
|
||||
}}
|
||||
status={(!newPasswordValid && newPasswordErrorMessage) ? "error" : undefined}
|
||||
/>
|
||||
</Popover>
|
||||
</Row>
|
||||
{!newPasswordValid && newPasswordErrorMessage && <div style={{color: "red", marginTop: "-20px"}}>{newPasswordErrorMessage}</div>}
|
||||
<Row style={{width: "100%", marginBottom: "20px"}}>
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Left",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Přizpůsobit hlavičku vstupní stránky vaší aplikace",
|
||||
"Incremental": "Inkrementální",
|
||||
"Input": "Vstup",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Kód pozvánky",
|
||||
"Left": "Vlevo",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Links",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Left",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Izquierda",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "کد head صفحه ورود برنامه خود را سفارشی کنید",
|
||||
"Incremental": "افزایشی",
|
||||
"Input": "ورودی",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "کد دعوت",
|
||||
"Left": "چپ",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Left",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incrémentale",
|
||||
"Input": "Saisie",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Code d'invitation",
|
||||
"Left": "Gauche",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Left",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Kiri",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Left",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "左",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Left",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "왼쪽",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Left",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Left",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Left",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Código de convite",
|
||||
"Left": "Esquerda",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Последовательный",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Код приглашения",
|
||||
"Left": "Левый",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Vlastný HTML kód pre hlavičku vašej vstupnej stránky aplikácie",
|
||||
"Incremental": "Postupný",
|
||||
"Input": "Vstup",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Kód pozvania",
|
||||
"Left": "Vľavo",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Left",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Incremental",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Davet Kodu",
|
||||
"Left": "Sol",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Налаштуйте тег head на сторінці входу до програми",
|
||||
"Incremental": "Інкрементний",
|
||||
"Input": "Введення",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Код запрошення",
|
||||
"Left": "Ліворуч",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "Custom the head tag of your application entry page",
|
||||
"Incremental": "Tăng",
|
||||
"Input": "Input",
|
||||
"Internet-Only": "Internet-Only",
|
||||
"Invalid characters in application name": "Invalid characters in application name",
|
||||
"Invitation code": "Invitation code",
|
||||
"Left": "Trái",
|
||||
|
||||
@ -76,6 +76,7 @@
|
||||
"Header HTML - Tooltip": "自定义应用页面的head标签",
|
||||
"Incremental": "递增",
|
||||
"Input": "输入",
|
||||
"Internet-Only": "外网启用",
|
||||
"Invalid characters in application name": "应用名称内有非法字符",
|
||||
"Invitation code": "邀请码",
|
||||
"Left": "居左",
|
||||
|
||||
@ -110,6 +110,7 @@ class AccountTable extends React.Component {
|
||||
{name: "Managed accounts", label: i18next.t("user:Managed accounts")},
|
||||
{name: "Face ID", label: i18next.t("user:Face ID")},
|
||||
{name: "MFA accounts", label: i18next.t("user:MFA accounts")},
|
||||
{name: "MFA items", label: i18next.t("general:MFA items")},
|
||||
];
|
||||
};
|
||||
|
||||
|
||||
@ -255,6 +255,7 @@ class ProviderTable extends React.Component {
|
||||
<Option key="None" value="None">{i18next.t("general:None")}</Option>
|
||||
<Option key="Dynamic" value="Dynamic">{i18next.t("application:Dynamic")}</Option>
|
||||
<Option key="Always" value="Always">{i18next.t("application:Always")}</Option>
|
||||
<Option key="Internet-Only" value="Internet-Only">{i18next.t("application:Internet-Only")}</Option>
|
||||
</Select>
|
||||
);
|
||||
} else if (record.provider?.category === "SMS" || record.provider?.category === "Email") {
|
||||
|
||||
Reference in New Issue
Block a user