System: temporarily disable MFA in preferences

CHANGELOG.txt

@@ -30,6 +30,7 @@ v29.0.00
 
     Tweaks & Additions
         System: added Chilean Peso (CLP $) as an available currency
+        System: temporarily disabled MFA toggle in Preferences page
         Attendance: prevent setting partial future absence if a full-day absence already exists
         Behaviour: added level and descriptor details to behaviour notification events
         Messenger: updated the check-all option in Send Report to only select required recipients

preferences.php

@@ -56,16 +56,16 @@
     if ($result->rowCount() == 1) {
         $values = $result->fetch();
     }
-    $tfa = new RobThree\Auth\TwoFactorAuth('Gibbon'); //TODO: change the name to be based on the actual value of the school's gibbon name or similar...
-
-    //Check if there is an existing MFA Secret, so that we don't create a new one accidentally, and to have the correct values load below...
-    if (!empty($values['mfaSecret'])) {
-        $secret = $values['mfaSecret'];
-        $secretcheck = !empty($secret) ? 'Y' : 'N';
-    } else {
-        $secret = $tfa->createSecret();
-        $secretcheck = 'N';
-    }
+    // $tfa = new RobThree\Auth\TwoFactorAuth('Gibbon'); //TODO: change the name to be based on the actual value of the school's gibbon name or similar...
+
+    // //Check if there is an existing MFA Secret, so that we don't create a new one accidentally, and to have the correct values load below...
+    // if (!empty($values['mfaSecret'])) {
+    //     $secret = $values['mfaSecret'];
+    //     $secretcheck = !empty($secret) ? 'Y' : 'N';
+    // } else {
+    //     $secret = $tfa->createSecret();
+    //     $secretcheck = 'N';
+    // }
 
     $form = Form::create('resetPassword', $session->get('absoluteURL').'/preferencesPasswordProcess.php');
 
@@ -92,14 +92,14 @@
             ->required()
             ->maxLength(30);
 
-    if ($secretcheck == 'Y') {
-        $row = $form->addRow();
-            $row->addLabel('mfaCode', __('Multi Factor Authentication Code'))->description(__('In order to change your password, please input the current 6 digit token'));
-            $row->addNumber('mfaCode')->isRequired(); //TODO: Add visual validation that it's a 6 digit number, bit finnicky because there's the possibility of leading 0s this can't be done with max/min values... also not required for it to work.
-    }
+    // if ($secretcheck == 'Y') {
+    //     $row = $form->addRow();
+    //         $row->addLabel('mfaCode', __('Multi Factor Authentication Code'))->description(__('In order to change your password, please input the current 6 digit token'));
+    //         $row->addNumber('mfaCode')->isRequired(); //TODO: Add visual validation that it's a 6 digit number, bit finnicky because there's the possibility of leading 0s this can't be done with max/min values... also not required for it to work.
+    // }
 
-    $form->addHiddenValue('mfaSecret', $secret);
-    $form->addHiddenValue('mfaEnable', $secretcheck);
+    // $form->addHiddenValue('mfaSecret', $secret);
+    // $form->addHiddenValue('mfaEnable', $secretcheck);
 
     $row = $form->addRow();
         $row->addFooter();
@@ -148,28 +148,27 @@
             $row->addYesNo('receiveNotificationEmails');
 
 
-        $form->addHiddenValue('mfaSecret', $secret);
+        // $form->addHiddenValue('mfaSecret', $secret);
 
-
-        $row = $form->addRow();
-            $row->addLabel('mfaEnable', __('Enable Multi Factor Authentication?'))->description(__('Enhance the security of your account login.'));
-            $row->addYesNo('mfaEnable')->selected($secretcheck);
+    //     $row = $form->addRow();
+    //         $row->addLabel('mfaEnable', __('Enable Multi Factor Authentication?'))->description(__('Enhance the security of your account login.'));
+    //         $row->addYesNo('mfaEnable')->selected($secretcheck);
 
 
-       //If MFA wasn't previously set, show the MFA QR code.
-        if ($secretcheck == 'N') {
-            $form->toggleVisibilityByClass('toggle')->onSelect('mfaEnable')->when('Y');
-            $row = $form->addRow()->addClass('toggle');
-                $row->addLabel('mfaCode', __('Multi Factor Authentication Code'))->description(__('Scan the below QR code in your relevant authenticator app and input the code it provides, ensuring it doesn\'t expire before you submit the form.').'<br><img src='. $tfa->getQRCodeImageAsDataUri('Login', $secret) .'>');
-                $row->addNumber('mfaCode'); //TODO: Add visual validation that it's a 6 digit number, bit finnicky because there's the possibility of leading 0s this can't be done with max/min values... also not required for it to work.
-        }
-        //If MFA was previously set, and is being disabled
-        if ($secretcheck == 'Y' && !empty($values['mfaSecret'])) {
-            $form->toggleVisibilityByClass('toggle')->onSelect('mfaEnable')->when('N');
-            $row = $form->addRow()->addClass('toggle');
-                $row->addLabel('mfaCode', __('Multi Factor Authentication Code'))->description(__('In order to disable your Multi Factor Authentication, please input the current 6 digit token'));
-                $row->addNumber('mfaCode'); //TODO: Add visual validation that it's a 6 digit number, bit finnicky because there's the possibility of leading 0s this can't be done with max/min values... also not required for it to work.
-        }
+    //    //If MFA wasn't previously set, show the MFA QR code.
+    //     if ($secretcheck == 'N') {
+    //         $form->toggleVisibilityByClass('toggle')->onSelect('mfaEnable')->when('Y');
+    //         $row = $form->addRow()->addClass('toggle');
+    //             $row->addLabel('mfaCode', __('Multi Factor Authentication Code'))->description(__('Scan the below QR code in your relevant authenticator app and input the code it provides, ensuring it doesn\'t expire before you submit the form.').'<br><img src='. $tfa->getQRCodeImageAsDataUri('Login', $secret) .'>');
+    //             $row->addNumber('mfaCode'); //TODO: Add visual validation that it's a 6 digit number, bit finnicky because there's the possibility of leading 0s this can't be done with max/min values... also not required for it to work.
+    //     }
+    //     //If MFA was previously set, and is being disabled
+    //     if ($secretcheck == 'Y' && !empty($values['mfaSecret'])) {
+    //         $form->toggleVisibilityByClass('toggle')->onSelect('mfaEnable')->when('N');
+    //         $row = $form->addRow()->addClass('toggle');
+    //             $row->addLabel('mfaCode', __('Multi Factor Authentication Code'))->description(__('In order to disable your Multi Factor Authentication, please input the current 6 digit token'));
+    //             $row->addNumber('mfaCode'); //TODO: Add visual validation that it's a 6 digit number, bit finnicky because there's the possibility of leading 0s this can't be done with max/min values... also not required for it to work.
+    //     }
 
         //TODO: Allow for easy reset of MFA secret, currently would need to disable and then re-enable MFA to do so