index.tsx 8.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257
  1. import type {RouteComponentProps} from 'react-router';
  2. import styled from '@emotion/styled';
  3. import {addErrorMessage} from 'sentry/actionCreators/indicator';
  4. import {openEmailVerification} from 'sentry/actionCreators/modal';
  5. import {Button} from 'sentry/components/button';
  6. import CircleIndicator from 'sentry/components/circleIndicator';
  7. import EmptyMessage from 'sentry/components/emptyMessage';
  8. import FieldGroup from 'sentry/components/forms/fieldGroup';
  9. import ListLink from 'sentry/components/links/listLink';
  10. import NavTabs from 'sentry/components/navTabs';
  11. import Panel from 'sentry/components/panels/panel';
  12. import PanelBody from 'sentry/components/panels/panelBody';
  13. import PanelHeader from 'sentry/components/panels/panelHeader';
  14. import PanelItem from 'sentry/components/panels/panelItem';
  15. import SentryDocumentTitle from 'sentry/components/sentryDocumentTitle';
  16. import {Tooltip} from 'sentry/components/tooltip';
  17. import {IconDelete} from 'sentry/icons';
  18. import {t} from 'sentry/locale';
  19. import {space} from 'sentry/styles/space';
  20. import type {Authenticator} from 'sentry/types/auth';
  21. import type {OrganizationSummary} from 'sentry/types/organization';
  22. import oxfordizeArray from 'sentry/utils/oxfordizeArray';
  23. import recreateRoute from 'sentry/utils/recreateRoute';
  24. import useApi from 'sentry/utils/useApi';
  25. import RemoveConfirm from 'sentry/views/settings/account/accountSecurity/components/removeConfirm';
  26. import TwoFactorRequired from 'sentry/views/settings/account/accountSecurity/components/twoFactorRequired';
  27. import PasswordForm from 'sentry/views/settings/account/passwordForm';
  28. import SettingsPageHeader from 'sentry/views/settings/components/settingsPageHeader';
  29. import TextBlock from 'sentry/views/settings/components/text/textBlock';
  30. type Props = {
  31. authenticators: Authenticator[] | null;
  32. countEnrolled: number;
  33. deleteDisabled: boolean;
  34. handleRefresh: () => void;
  35. hasVerifiedEmail: boolean;
  36. onDisable: (auth: Authenticator) => void;
  37. orgsRequire2fa: OrganizationSummary[];
  38. } & RouteComponentProps<{}, {}>;
  39. /**
  40. * Lists 2fa devices + password change form
  41. */
  42. function AccountSecurity({
  43. authenticators,
  44. countEnrolled,
  45. deleteDisabled,
  46. onDisable,
  47. hasVerifiedEmail,
  48. orgsRequire2fa,
  49. handleRefresh,
  50. params,
  51. routes,
  52. }: Props) {
  53. const api = useApi();
  54. async function handleSessionClose() {
  55. try {
  56. await api.requestPromise('/auth/', {
  57. method: 'DELETE',
  58. data: {all: true},
  59. });
  60. window.location.assign('/auth/login/');
  61. } catch (err) {
  62. addErrorMessage(t('There was a problem closing all sessions'));
  63. throw err;
  64. }
  65. }
  66. const formatOrgSlugs = () => {
  67. const slugs = orgsRequire2fa.map(({slug}) => slug);
  68. return oxfordizeArray(slugs);
  69. };
  70. const handleAdd2FAClicked = () => {
  71. openEmailVerification({
  72. onClose: () => {
  73. handleRefresh();
  74. },
  75. actionMessage: 'enrolling a 2FA device',
  76. });
  77. };
  78. const isEmpty = !authenticators?.length;
  79. return (
  80. <SentryDocumentTitle title={t('Security')}>
  81. <SettingsPageHeader
  82. title={t('Security')}
  83. tabs={
  84. <NavTabs underlined>
  85. <ListLink to={recreateRoute('', {params, routes})} index>
  86. {t('Settings')}
  87. </ListLink>
  88. <ListLink to={recreateRoute('session-history/', {params, routes})}>
  89. {t('Session History')}
  90. </ListLink>
  91. </NavTabs>
  92. }
  93. />
  94. {!isEmpty && countEnrolled === 0 && <TwoFactorRequired />}
  95. <PasswordForm />
  96. <Panel>
  97. <PanelHeader>{t('Sessions')}</PanelHeader>
  98. <PanelBody>
  99. <FieldGroup
  100. alignRight
  101. flexibleControlStateSize
  102. label={t('Sign out of all devices')}
  103. help={t(
  104. 'Signing out of all devices will sign you out of this device as well.'
  105. )}
  106. >
  107. <Button onClick={handleSessionClose}>{t('Sign out of all devices')}</Button>
  108. </FieldGroup>
  109. </PanelBody>
  110. </Panel>
  111. <Panel>
  112. <PanelHeader>{t('Two-Factor Authentication')}</PanelHeader>
  113. {isEmpty && (
  114. <EmptyMessage>{t('No available authenticators to add')}</EmptyMessage>
  115. )}
  116. <PanelBody>
  117. {!isEmpty &&
  118. authenticators?.map(auth => {
  119. const {
  120. id,
  121. authId,
  122. description,
  123. isBackupInterface,
  124. isEnrolled,
  125. disallowNewEnrollment,
  126. configureButton,
  127. name,
  128. } = auth;
  129. if (disallowNewEnrollment && !isEnrolled) {
  130. return null;
  131. }
  132. return (
  133. <AuthenticatorPanelItem key={id}>
  134. <AuthenticatorHeader>
  135. <AuthenticatorTitle>
  136. <AuthenticatorStatus
  137. role="status"
  138. aria-label={
  139. isEnrolled
  140. ? t('Authentication Method Active')
  141. : t('Authentication Method Inactive')
  142. }
  143. enabled={isEnrolled}
  144. />
  145. <AuthenticatorName>{name}</AuthenticatorName>
  146. </AuthenticatorTitle>
  147. <Actions>
  148. {!isBackupInterface && !isEnrolled && hasVerifiedEmail && (
  149. <Button
  150. to={`/settings/account/security/mfa/${id}/enroll/`}
  151. size="sm"
  152. priority="primary"
  153. >
  154. {t('Add')}
  155. </Button>
  156. )}
  157. {!isBackupInterface && !isEnrolled && !hasVerifiedEmail && (
  158. <Button
  159. onClick={handleAdd2FAClicked}
  160. size="sm"
  161. priority="primary"
  162. >
  163. {t('Add')}
  164. </Button>
  165. )}
  166. {isEnrolled && authId && (
  167. <Button
  168. to={`/settings/account/security/mfa/${authId}/`}
  169. size="sm"
  170. >
  171. {configureButton}
  172. </Button>
  173. )}
  174. {!isBackupInterface && isEnrolled && (
  175. <Tooltip
  176. title={t(
  177. `Two-factor authentication is required for organization(s): %s.`,
  178. formatOrgSlugs()
  179. )}
  180. disabled={!deleteDisabled}
  181. >
  182. <RemoveConfirm
  183. onConfirm={() => onDisable(auth)}
  184. disabled={deleteDisabled}
  185. >
  186. <Button
  187. size="sm"
  188. aria-label={t('Delete')}
  189. icon={<IconDelete />}
  190. />
  191. </RemoveConfirm>
  192. </Tooltip>
  193. )}
  194. </Actions>
  195. {isBackupInterface && !isEnrolled ? t('requires 2FA') : null}
  196. </AuthenticatorHeader>
  197. <Description>{description}</Description>
  198. </AuthenticatorPanelItem>
  199. );
  200. })}
  201. </PanelBody>
  202. </Panel>
  203. </SentryDocumentTitle>
  204. );
  205. }
  206. const AuthenticatorName = styled('span')`
  207. font-size: 1.2em;
  208. `;
  209. const AuthenticatorPanelItem = styled(PanelItem)`
  210. flex-direction: column;
  211. `;
  212. const AuthenticatorHeader = styled('div')`
  213. display: flex;
  214. flex: 1;
  215. align-items: center;
  216. `;
  217. const AuthenticatorTitle = styled('div')`
  218. flex: 1;
  219. `;
  220. const Actions = styled('div')`
  221. display: grid;
  222. grid-auto-flow: column;
  223. gap: ${space(1)};
  224. `;
  225. const AuthenticatorStatus = styled(CircleIndicator)`
  226. margin-right: ${space(1)};
  227. `;
  228. const Description = styled(TextBlock)`
  229. margin-top: ${space(2)};
  230. margin-bottom: 0;
  231. `;
  232. export default AccountSecurity;