feat: 🎸 Disable MFA on electron instance

Jin 2025-03-26 11:04:04 +01:00
parent 0741c8546f
commit 647226858d
3 changed files with 71 additions and 56 deletions


@ -3,8 +3,9 @@ import toastService from "../../../services/toast.js";
import OptionsWidget from "./options_widget.js"; import OptionsWidget from "./options_widget.js";
import type { OptionMap } from "../../../../../services/options_interface.js"; import type { OptionMap } from "../../../../../services/options_interface.js";
import { t } from "../../../services/i18n.js"; import { t } from "../../../services/i18n.js";
import utils from "../../../services/utils.js";
const TPL = ` const TPL_WEB = `
<div class="options-section"> <div class="options-section">
<h4>${t("multi_factor_authentication.title")}</h4> <h4>${t("multi_factor_authentication.title")}</h4>
<p class="form-text">${t("multi_factor_authentication.description")}</p> <p class="form-text">${t("multi_factor_authentication.description")}</p>
@ -102,6 +103,13 @@ const TPL = `
</div> </div>
`; `;
const TPL_ELECTRON = `
<div class="options-section">
<h4>${t("multi_factor_authentication.title")}</h4>
<p class="form-text">${t("multi_factor_authentication.electron_disabled")}</p>
</div>
`;
interface OAuthStatus { interface OAuthStatus {
enabled: boolean; enabled: boolean;
name?: string; name?: string;
@ -134,37 +142,40 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
private $protectedSessionTimeout!: JQuery<HTMLElement>; private $protectedSessionTimeout!: JQuery<HTMLElement>;
doRender() { doRender() {
this.$widget = $(TPL); const template = utils.isElectron() ? TPL_ELECTRON : TPL_WEB;
this.$widget = $(template);
this.$generateTotpButton = this.$widget.find(".generate-totp"); if (!utils.isElectron()) {
this.$totpEnabled = this.$widget.find(".totp-enabled"); this.$generateTotpButton = this.$widget.find(".generate-totp");
this.$totpSecret = this.$widget.find(".totp-secret"); this.$totpEnabled = this.$widget.find(".totp-enabled");
this.$generateRecoveryCodeButton = this.$widget.find(".generate-recovery-code"); this.$totpSecret = this.$widget.find(".totp-secret");
this.$oAuthEnabledCheckbox = this.$widget.find(".oauth-enabled-checkbox"); this.$generateRecoveryCodeButton = this.$widget.find(".generate-recovery-code");
this.$UserAccountName = this.$widget.find(".user-account-name"); this.$oAuthEnabledCheckbox = this.$widget.find(".oauth-enabled-checkbox");
this.$UserAccountEmail = this.$widget.find(".user-account-email"); this.$UserAccountName = this.$widget.find(".user-account-name");
this.$envEnabledTOTP = this.$widget.find(".env-totp-enabled"); this.$UserAccountEmail = this.$widget.find(".user-account-email");
this.$envEnabledOAuth = this.$widget.find(".env-oauth-enabled"); this.$envEnabledTOTP = this.$widget.find(".env-totp-enabled");
this.$envEnabledOAuth = this.$widget.find(".env-oauth-enabled");
this.$recoveryKeys = []; this.$recoveryKeys = [];
for (let i = 0; i < 8; i++) { for (let i = 0; i < 8; i++) {
this.$recoveryKeys.push(this.$widget.find(".key_" + i)); this.$recoveryKeys.push(this.$widget.find(".key_" + i));
}
this.$generateRecoveryCodeButton.on("click", async () => {
await this.setRecoveryKeys();
});
this.$generateTotpButton.on("click", async () => {
await this.generateKey();
});
this.$protectedSessionTimeout = this.$widget.find(".protected-session-timeout-in-seconds");
this.$protectedSessionTimeout.on("change", () => {
this.updateOption("protectedSessionTimeout", this.$protectedSessionTimeout.val());
});
this.displayRecoveryKeys();
} }
this.$generateRecoveryCodeButton.on("click", async () => {
await this.setRecoveryKeys();
});
this.$generateTotpButton.on("click", async () => {
await this.generateKey();
});
this.$protectedSessionTimeout = this.$widget.find(".protected-session-timeout-in-seconds");
this.$protectedSessionTimeout.on("change", () => {
this.updateOption("protectedSessionTimeout", this.$protectedSessionTimeout.val());
});
this.displayRecoveryKeys();
} }
async setRecoveryKeys() { async setRecoveryKeys() {
@ -231,36 +242,38 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
} }
optionsLoaded(options: OptionMap) { optionsLoaded(options: OptionMap) {
server.get<OAuthStatus>("oauth/status").then((result) => { if (!utils.isElectron()) {
if (result.enabled) { server.get<OAuthStatus>("oauth/status").then((result) => {
this.$oAuthEnabledCheckbox.prop("checked", result.enabled); if (result.enabled) {
if (result.name) this.$UserAccountName.text(result.name); this.$oAuthEnabledCheckbox.prop("checked", result.enabled);
if (result.email) this.$UserAccountEmail.text(result.email); if (result.name) this.$UserAccountName.text(result.name);
if (result.email) this.$UserAccountEmail.text(result.email);
this.$envEnabledOAuth.hide(); this.$envEnabledOAuth.hide();
} else { } else {
this.$envEnabledOAuth.text(t("multi_factor_authentication.oauth_enable_description")); this.$envEnabledOAuth.text(t("multi_factor_authentication.oauth_enable_description"));
this.$envEnabledOAuth.show(); this.$envEnabledOAuth.show();
} }
}); });
server.get<TOTPStatus>("totp/status").then((result) => { server.get<TOTPStatus>("totp/status").then((result) => {
if (result.enabled) { if (result.enabled) {
this.$totpEnabled.prop("checked", result.message); this.$totpEnabled.prop("checked", result.message);
this.$generateTotpButton.prop("disabled", !result.message); this.$generateTotpButton.prop("disabled", !result.message);
this.$generateRecoveryCodeButton.prop("disabled", !result.message); this.$generateRecoveryCodeButton.prop("disabled", !result.message);
this.$envEnabledTOTP.hide(); this.$envEnabledTOTP.hide();
} else { } else {
this.$totpEnabled.prop("checked", false); this.$totpEnabled.prop("checked", false);
this.$totpEnabled.prop("disabled", true); this.$totpEnabled.prop("disabled", true);
this.$generateTotpButton.prop("disabled", true); this.$generateTotpButton.prop("disabled", true);
this.$generateRecoveryCodeButton.prop("disabled", true); this.$generateRecoveryCodeButton.prop("disabled", true);
this.$envEnabledTOTP.text(t("multi_factor_authentication.totp_enable_description")); this.$envEnabledTOTP.text(t("multi_factor_authentication.totp_enable_description"));
this.$envEnabledTOTP.show(); this.$envEnabledTOTP.show();
} }
}); });
this.$protectedSessionTimeout.val(Number(options.protectedSessionTimeout)); this.$protectedSessionTimeout.val(Number(options.protectedSessionTimeout));
}
} }
} }
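Review bot: The `.protected-session-timeout-in-seconds` lookup and its `change` handler in `doRender`, and `this.$protectedSessionTimeout.val(...)` in `optionsLoaded`, now sit inside the `!utils.isElectron()` guard, so the desktop build can no longer show or change that timeout from this widget. The template body is outside the hunks, so it is not visible whether `TPL_WEB` really holds that input, but if it does, the setting is not part of MFA and belongs outside the guard and in `TPL_ELECTRON`. The guard also leaves every `$…!` field unassigned on Electron, so `setRecoveryKeys`, `generateKey` and `displayRecoveryKeys`, whose bodies are outside the hunks, would throw if anything still reaches them; `if (utils.isElectron()) return;` at the top of each would make that safe. This change only hides the controls, so it is worth confirming that the server does not still require TOTP or OAuth on a desktop instance where it was enabled earlier, and saying so in a comment above `TPL_ELECTRON`.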


@ -1302,6 +1302,7 @@
"multi_factor_authentication": { "multi_factor_authentication": {
"title": "多因素认证", "title": "多因素认证",
"description": "多因素认证MFA为您的账户添加了额外的安全层。除了输入密码登录外MFA还要求您提供一个或多个额外的验证信息来验证您的身份。这样即使有人获得了您的密码没有第二个验证信息他们也无法访问您的账户。这就像给您的门添加了一把额外的锁让他人更难闯入。", "description": "多因素认证MFA为您的账户添加了额外的安全层。除了输入密码登录外MFA还要求您提供一个或多个额外的验证信息来验证您的身份。这样即使有人获得了您的密码没有第二个验证信息他们也无法访问您的账户。这就像给您的门添加了一把额外的锁让他人更难闯入。",
"electron_disabled": "当前桌面版本不支持多因素认证。",
"oauth_title": "OAuth/OpenID 认证", "oauth_title": "OAuth/OpenID 认证",
"oauth_enabled": "OAuth/OpenID 已启用", "oauth_enabled": "OAuth/OpenID 已启用",
"oauth_enable_description": "在配置文件中设置 ssoEnabled 或环境变量 TRILIUM_SSO_ENABLED 为 true 以启用(需要重启)", "oauth_enable_description": "在配置文件中设置 ssoEnabled 或环境变量 TRILIUM_SSO_ENABLED 为 true 以启用(需要重启)",


@ -1313,6 +1313,7 @@
"multi_factor_authentication": { "multi_factor_authentication": {
"title": "Multi-Factor Authentication", "title": "Multi-Factor Authentication",
"description": "Multi-Factor Authentication (MFA) adds an extra layer of security to your account. Instead of just entering a password to log in, MFA requires you to provide one or more additional pieces of evidence to verify your identity. This way, even if someone gets hold of your password, they still can't access your account without the second piece of information. It's like adding an extra lock to your door, making it much harder for anyone else to break in.", "description": "Multi-Factor Authentication (MFA) adds an extra layer of security to your account. Instead of just entering a password to log in, MFA requires you to provide one or more additional pieces of evidence to verify your identity. This way, even if someone gets hold of your password, they still can't access your account without the second piece of information. It's like adding an extra lock to your door, making it much harder for anyone else to break in.",
"electron_disabled": "Multi-Factor Authentication is not supported in the desktop build currently.",
"oauth_title": "OAuth/OpenID", "oauth_title": "OAuth/OpenID",
"oauth_enabled": "OAuth/OpenID Enabled", "oauth_enabled": "OAuth/OpenID Enabled",
"oauth_enable_description": "Set ssoEnabled in config file or TRILIUM_SSO_ENABLED environment variable to true to enable (Requires restart)", "oauth_enable_description": "Set ssoEnabled in config file or TRILIUM_SSO_ENABLED environment variable to true to enable (Requires restart)",