mirror of
https://we.phorge.it/source/phorge.git
synced 2024-09-22 10:18:48 +02:00
3f5a55fa6e
Summary: Ref T4398. This adds a settings panel for account activity so users can review activity on their own account. Some goals are: - Make it easier for us to develop and support auth and credential information, see T4398. This is the primary driver. - Make it easier for users to understand and review auth and credential information (see T4842 for an example -- this isn't there yet, but builds toward it). - Improve user confidence in security by making logging more apparent and accessible. Minor corresponding changes: - Entering and exiting hisec mode is now logged. - This, sessions, and OAuth authorizations have moved to a new "Sessions and Logs" area, since "Authentication" was getting huge. Test Plan: - Viewed new panel. - Viewed old UI. - Entered/exited hisec and got prompted. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4398 Differential Revision: https://secure.phabricator.com/D8871
49 lines
1.5 KiB
PHP
49 lines
1.5 KiB
PHP
<?php
|
|
|
|
final class PhabricatorAuthDowngradeSessionController
|
|
extends PhabricatorAuthController {
|
|
|
|
public function processRequest() {
|
|
$request = $this->getRequest();
|
|
$viewer = $request->getUser();
|
|
|
|
$panel_uri = '/settings/panel/sessions/';
|
|
|
|
$session = $viewer->getSession();
|
|
if ($session->getHighSecurityUntil() < time()) {
|
|
return $this->newDialog()
|
|
->setTitle(pht('Normal Security Restored'))
|
|
->appendParagraph(
|
|
pht('Your session is no longer in high security.'))
|
|
->addCancelButton($panel_uri, pht('Continue'));
|
|
}
|
|
|
|
if ($request->isFormPost()) {
|
|
|
|
id(new PhabricatorAuthSessionEngine())
|
|
->exitHighSecurity($viewer, $session);
|
|
|
|
return id(new AphrontRedirectResponse())
|
|
->setURI($this->getApplicationURI('session/downgrade/'));
|
|
}
|
|
|
|
return $this->newDialog()
|
|
->setTitle(pht('Leaving High Security'))
|
|
->appendParagraph(
|
|
pht(
|
|
'Leave high security and return your session to normal '.
|
|
'security levels?'))
|
|
->appendParagraph(
|
|
pht(
|
|
'If you leave high security, you will need to authenticate '.
|
|
'again the next time you try to take a high security action.'))
|
|
->appendParagraph(
|
|
pht(
|
|
'On the plus side, that purple notification bubble will '.
|
|
'disappear.'))
|
|
->addSubmitButton(pht('Leave High Security'))
|
|
->addCancelButton($panel_uri, pht('Stay in High Security'));
|
|
}
|
|
|
|
|
|
}
|