@sgiehl opened this Pull Request on July 13th 2022 Member


Our UI and API currently require a password confirmation for certain (critical) actions. Currently that is done in each Vue component and API in a similar way (but with their own implementations).

This PR introduces a new PasswordConfirmation Vue component that can easily be reused in other components. This also helps make them look similar across Matomo. All existing password confirmations were replaced with the new component.

The password confirmation check in the API was also done in each class, but is now available in every API, as it's part of the abstract class.

As confirming passwords introduced issues with other login plugins (which simply don't use passwords), a new event, Login.userRequiresPasswordConfirmation, was introduced that allows password confirmation to be disabled for certain users.
If it's disabled, the API won't perform password checks, and in the UI the password confirmation will still be displayed, but with the password input disabled and the submit button enabled, so the form can be submitted without entering a password.

Additionally, this PR introduces password confirmations for these critical actions:

On the Privacy > Anonymize data page it is possible to change the settings for purging old log data and reports, as well as to directly purge such data. As this is a critical action that can cause data loss, we will now require the password to be confirmed.

fixes #19335
fixes #19169
fixes https://github.com/matomo-org/matomo-security/issues/209
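As an added illustration of the event described in this PR (not code from the PR or from Matomo itself), a hypothetical login plugin that authenticates users against an external identity provider and therefore exempts only those users from password confirmation. The event name comes from the PR; the plugin name, the handler signature (a by-reference boolean plus the login name) and the lookup of externally authenticated logins are assumptions.

```php
<?php
// Added example, not part of the PR: a hypothetical "ExampleSsoLogin" plugin
// whose users have no Matomo password to confirm. The event name is from the
// PR; the handler signature (bool &$requiresPasswordConfirmation, string $login)
// is assumed.

namespace Piwik\Plugins\ExampleSsoLogin;

use Piwik\Plugin;

class ExampleSsoLogin extends Plugin
{
    public function registerEvents()
    {
        return [
            'Login.userRequiresPasswordConfirmation' => 'userRequiresPasswordConfirmation',
        ];
    }

    /**
     * Opt a user out of password confirmation only when this plugin is the one
     * that authenticated them. Users who still have a Matomo password (for
     * example a local break-glass super user) keep the confirmation, so the
     * exemption never widens beyond the accounts this plugin actually owns.
     */
    public function userRequiresPasswordConfirmation(&$requiresPasswordConfirmation, $login)
    {
        if ($this->isExternallyAuthenticated($login)) {
            $requiresPasswordConfirmation = false;
        }
    }

    private function isExternallyAuthenticated($login)
    {
        // Assumed lookup: the plugin's own record of logins it provisioned.
        // Constructed sample data standing in for that record.
        $externalLogins = ['alice@example.org', 'bob@example.org'];
        return in_array($login, $externalLogins, true);
    }
}
```

Because the API skips the password check entirely once the flag is false, the handler should only clear it for users it can positively identify as externally authenticated.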


@sgiehl commented on July 14th 2022 Member

Will also implement some changes so we can fix https://github.com/matomo-org/matomo/issues/19169

@sgiehl commented on July 20th 2022 Member

@tsteur would you mind having a quick look at that one? Just want to make sure the implementation with this new event is a solid solution for other login plugins to circumvent the issue that they don't have a password the user can enter.

This Pull Request was closed on July 25th 2022