summaryrefslogtreecommitdiffstats
path: root/webapp/components/admin_console/mfa_settings.jsx
blob: df6346fe40ce203930c1b8aa7eec7bee26d71d1f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
// Copyright (c) 2016 Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.

import AdminSettings from './admin_settings.jsx';
import SettingsGroup from './settings_group.jsx';
import BooleanSetting from './boolean_setting.jsx';

import React from 'react';
import {FormattedMessage, FormattedHTMLMessage} from 'react-intl';

export default class MfaSettings extends AdminSettings {
    constructor(props) {
        super(props);

        this.getConfigFromState = this.getConfigFromState.bind(this);

        this.renderSettings = this.renderSettings.bind(this);

        this.state = Object.assign(this.state, {
            enableMultifactorAuthentication: props.config.ServiceSettings.EnableMultifactorAuthentication,
            enforceMultifactorAuthentication: props.config.ServiceSettings.EnforceMultifactorAuthentication
        });
    }

    getConfigFromState(config) {
        config.ServiceSettings.EnableMultifactorAuthentication = this.state.enableMultifactorAuthentication;
        config.ServiceSettings.EnforceMultifactorAuthentication = this.state.enableMultifactorAuthentication && this.state.enforceMultifactorAuthentication;

        return config;
    }

    getStateFromConfig(config) {
        return {
            enableMultifactorAuthentication: config.ServiceSettings.EnableMultifactorAuthentication,
            enforceMultifactorAuthentication: config.ServiceSettings.EnableMultifactorAuthentication && config.ServiceSettings.EnforceMultifactorAuthentication
        };
    }

    renderTitle() {
        return (
            <h3>
                <FormattedMessage
                    id='admin.mfa.title'
                    defaultMessage='Multi-factor Authentication'
                />
            </h3>
        );
    }

    renderSettings() {
        return (
            <SettingsGroup>
                <div className='banner'>
                    <div className='banner__content'>
                        <FormattedMessage
                            id='admin.mfa.bannerDesc'
                            defaultMessage='Multi-factor authentication is only available for accounts with LDAP and email login methods. If there are users on your system with other login methods, it is recommended you set up multi-factor authentication directly with the SSO or SAML provider.'
                        />
                    </div>
                </div>
                <BooleanSetting
                    id='enableMultifactorAuthentication'
                    label={
                        <FormattedMessage
                            id='admin.service.mfaTitle'
                            defaultMessage='Enable Multi-factor Authentication:'
                        />
                    }
                    helpText={
                        <FormattedMessage
                            id='admin.service.mfaDesc'
                            defaultMessage='When true, users will be given the option to add multi-factor authentication to their account. They will need a smartphone and an authenticator app such as Google Authenticator.'
                        />
                    }
                    value={this.state.enableMultifactorAuthentication}
                    onChange={this.handleChange}
                />
                <BooleanSetting
                    id='enforceMultifactorAuthentication'
                    label={
                        <FormattedMessage
                            id='admin.service.enforceMfaTitle'
                            defaultMessage='Enforce Multi-factor Authentication:'
                        />
                    }
                    helpText={
                        <FormattedHTMLMessage
                            id='admin.service.enforceMfaDesc'
                            defaultMessage='When true, users on the system will be required to set up [multi-factor authentication]. Any logged in users will be redirected to the multi-factor authentication setup page until they successfully add MFA to their account.<br/><br/>It is recommended you turn on enforcement during non-peak hours, when people are less likely to be using the system. New users will be required to set up multi-factor authentication when they first sign up. After set up, users will not be able to remove multi-factor authentication unless enforcement is disabled.<br/><br/>Please note that multi-factor authentication is only available for accounts with LDAP and email login methods. Mattermost will not enforce multi-factor authentication for other login methods. If there are users on your system using other login methods, it is recommended you set up and enforce multi-factor authentication directly with the SSO or SAML provider.'
                        />
                    }
                    disabled={!this.state.enableMultifactorAuthentication}
                    value={this.state.enforceMultifactorAuthentication}
                    onChange={this.handleChange}
                />
            </SettingsGroup>
        );
    }
}