Fixed GH-5

Author: Rafael Grigorian

src/app/code/community/JetRails/TwoFactor/Model/Adminhtml/Auth.php

@@ -35,10 +35,8 @@ protected function _construct () {
 		 * @return      void
 		 */
 		public function registerAttempt ( $increment = true ) {
-
 			$data = Mage::helper ("twofactor/data");
 			$state = Mage::getModel ("twofactor/state");
-
 			// Get the current timestamp and client IP address
 			$timestamp = ( new Zend_Date () )->toString ("YYYY-MM-dd HH:mm:ss");
 			$address = Mage::helper ("core/http")->getRemoteAddr ();

src/app/code/community/JetRails/TwoFactor/Model/Adminhtml/Observer.php

@@ -92,7 +92,7 @@ public function preAdminHtml ( Varien_Event_Observer $observer ) {
 				// Session is not authenticated, or is authenticated but not in verify state
 				if ( $admin->getTwoFactorAllow () !== true || $userState != $state::VERIFY ) {
 					// Allow state based routes to allow for state based pages
-					if ( $page->isRouteAllowed ( $route, $userState ) ) return;
+					if ( $page->isRouteAllowed ( "adminhtml/$controller/$action", $userState ) ) return;
 					// If the state is not verify, then unset session flag
 					if ( $userState != $state::VERIFY ) $admin->unsTwoFactorAllow ();
 					// If there is a cookie and it is valid, then allow access to admin area

src/app/code/community/JetRails/TwoFactor/Model/Adminhtml/Page.php

@@ -17,21 +17,21 @@ class JetRails_TwoFactor_Model_Adminhtml_Page extends Mage_Core_Model_Abstract {
 		 * also includes all the controller routes that are defined for the manage and configure
 		 * controllers that only super admins have access to.
 		 */
-		const PAGE_SETUP_SCAN       = "twofactor/setup/scan";
-		const PAGE_SETUP_BACKUP     = "twofactor/setup/backup";
-		const PAGE_SETUP_RESET      = "twofactor/setup/reset";
-		const PAGE_SETUP_ENABLE     = "twofactor/setup/enable";
-		const PAGE_SETUP_DISABLE    = "twofactor/setup/disable";
-		const PAGE_LOGIN_BANNED     = "twofactor/login/banned";
-		const PAGE_LOGIN_VERIFY     = "twofactor/login/verify";
-		const PAGE_MANAGE_INDEX     = "twofactor/manage/index";
-		const PAGE_MANAGE_GRID      = "twofactor/manage/grid";
-		const PAGE_MANAGE_UNBAN     = "twofactor/manage/unban";
-		const PAGE_MANAGE_ENABLE    = "twofactor/manage/enable";
-		const PAGE_MANAGE_DISABLE   = "twofactor/manage/disable";
-		const PAGE_MANAGE_RESET     = "twofactor/manage/reset";
-		const PAGE_CONFIGURE_INDEX  = "twofactor/configure/index";
-		const PAGE_CONFIGURE_SAVE   = "twofactor/configure/save";
+		const PAGE_SETUP_SCAN       = "adminhtml/twofactor_setup/scan";
+		const PAGE_SETUP_BACKUP     = "adminhtml/twofactor_setup/backup";
+		const PAGE_SETUP_RESET      = "adminhtml/twofactor_setup/reset";
+		const PAGE_SETUP_ENABLE     = "adminhtml/twofactor_setup/enable";
+		const PAGE_SETUP_DISABLE    = "adminhtml/twofactor_setup/disable";
+		const PAGE_LOGIN_BANNED     = "adminhtml/twofactor_login/banned";
+		const PAGE_LOGIN_VERIFY     = "adminhtml/twofactor_login/verify";
+		const PAGE_MANAGE_INDEX     = "adminhtml/twofactor_manage/index";
+		const PAGE_MANAGE_GRID      = "adminhtml/twofactor_manage/grid";
+		const PAGE_MANAGE_UNBAN     = "adminhtml/twofactor_manage/unban";
+		const PAGE_MANAGE_ENABLE    = "adminhtml/twofactor_manage/enable";
+		const PAGE_MANAGE_DISABLE   = "adminhtml/twofactor_manage/disable";
+		const PAGE_MANAGE_RESET     = "adminhtml/twofactor_manage/reset";
+		const PAGE_CONFIGURE_INDEX  = "adminhtml/twofactor_configure/index";
+		const PAGE_CONFIGURE_SAVE   = "adminhtml/twofactor_configure/save";
 
 		/**
 		 * This method takes in a controller route and an authorization state, which is defined in
@@ -82,9 +82,12 @@ public function getPageFromState ( $targetState ) {
 		 * @return      boolean                                 Is the route forbidden?
 		 */
 		public function isForbiddenRoutesAfterAuth ( $frontname, $controller ) {
+			// Get current admin front name
+			$adminFrontName = Mage::getConfig ()
+				->getNode ("admin/routers/adminhtml/args/frontName");
 			// Return if the controller is forbidden
-			$allowed = array ( "setup", "login" );
-			return $frontname === "twofactor" && in_array ( $controller, $allowed );
+			$allowed = array ( "twofactor_setup", "twofactor_login" );
+			return $frontname === "$adminFrontName" && in_array ( $controller, $allowed );
 		}
 
-	}
+	}

src/app/code/community/JetRails/TwoFactor/controllers/ConfigureController.php renamed to src/app/code/community/JetRails/TwoFactor/controllers/Twofactor/ConfigureController.php

@@ -11,7 +11,7 @@
 	 * @author          Rafael Grigorian - JetRails®
 	 * @copyright       JetRails®, all rights reserved
 	 */
-	class JetRails_TwoFactor_ConfigureController extends Mage_Adminhtml_Controller_Action {
+	class JetRails_TwoFactor_Twofactor_ConfigureController extends Mage_Adminhtml_Controller_Action {
 
 		/**
 		 * This method simply asks Magento's ACL if the logged in user is allowed to see the
@@ -92,6 +92,8 @@ public function saveAction () {
 				Mage::getSingleton ("admin/session")->addSuccess (
 					Mage::helper ("twofactor")->__("Successfully saved settings")
 				);
+				// Invalidate config cache
+				Mage::app ()->getCacheInstance ()->cleanType ("config");
 			}
 			else {
 				// Attach an error message to the session
@@ -103,4 +105,4 @@ public function saveAction () {
 			$this->getResponse ()->setRedirect ( $this->getUrl ( $page::PAGE_CONFIGURE_INDEX ) );
 		}
 
-	}
+	}

src/app/code/community/JetRails/TwoFactor/controllers/LoginController.php renamed to src/app/code/community/JetRails/TwoFactor/controllers/Twofactor/LoginController.php

@@ -11,7 +11,7 @@
 	 * @author          Rafael Grigorian - JetRails®
 	 * @copyright       JetRails®, all rights reserved
 	 */
-	class JetRails_TwoFactor_LoginController extends Mage_Adminhtml_Controller_Action {
+	class JetRails_TwoFactor_Twofactor_LoginController extends Mage_Adminhtml_Controller_Action {
 
 		/**
 		 * This method asks the data helper to determine if the logged in admin user is allowed to
@@ -178,4 +178,4 @@ public function verifyAction () {
 			$this->renderLayout ();
 		}
 
-	}
+	}

src/app/code/community/JetRails/TwoFactor/controllers/ManageController.php renamed to src/app/code/community/JetRails/TwoFactor/controllers/Twofactor/ManageController.php

@@ -11,7 +11,7 @@
 	 * @author          Rafael Grigorian - JetRails®
 	 * @copyright       JetRails®, all rights reserved
 	 */
-	class JetRails_TwoFactor_ManageController extends Mage_Adminhtml_Controller_Action {
+	class JetRails_TwoFactor_Twofactor_ManageController extends Mage_Adminhtml_Controller_Action {
 
 		/**
 		 * This method simply asks Magento's ACL if the logged in user is allowed to see the
@@ -243,4 +243,4 @@ public function resetAction () {
 			$this->_redirect ( $page::PAGE_MANAGE_INDEX );
 		}
 
-	}
+	}

src/app/code/community/JetRails/TwoFactor/controllers/SetupController.php renamed to src/app/code/community/JetRails/TwoFactor/controllers/Twofactor/SetupController.php

@@ -10,7 +10,7 @@
 	 * @author          Rafael Grigorian - JetRails®
 	 * @copyright       JetRails®, all rights reserved
 	 */
-	class JetRails_TwoFactor_SetupController extends Mage_Adminhtml_Controller_Action {
+	class JetRails_TwoFactor_Twofactor_SetupController extends Mage_Adminhtml_Controller_Action {
 
 		/**
 		 * This method asks the data helper to determine if the logged in admin user is allowed to
@@ -97,4 +97,4 @@ public function backupAction () {
 			$this->renderLayout ();
 		}
 
-	}
+	}

src/app/code/community/JetRails/TwoFactor/etc/adminhtml.xml

@@ -41,16 +41,16 @@
 						<configure translate="title" module="twofactor" >
 							<title>Configure 2FA Settings</title>
 							<sort_order>10</sort_order>
-							<action>twofactor/configure/index</action>
+							<action>adminhtml/twofactor_configure/index</action>
 						</configure>
 						<manage translate="title" module="twofactor" >
 							<title>Manage 2FA Accounts</title>
 							<sort_order>20</sort_order>
-							<action>twofactor/manage/index</action>
+							<action>adminhtml/twofactor_manage/index</action>
 						</manage>
 					</children>
 				</twofactor>
 			</children>
 		</jetrails>
 	</menu>
-</config>
+</config>

src/app/code/community/JetRails/TwoFactor/etc/config.xml

@@ -8,13 +8,13 @@
 	</modules>
 	<admin>
 		<routers>
-			<jetrails_twofactor>
-				<use>admin</use>
+			<adminhtml>
 				<args>
-					<module>JetRails_TwoFactor</module>
-					<frontName>twofactor</frontName>
+					<modules>
+						<JetRails_TwoFactor before="Mage_Adminhtml" >JetRails_TwoFactor</JetRails_TwoFactor>
+					</modules>
 				</args>
-			</jetrails_twofactor>
+			</adminhtml>
 		</routers>
 	</admin>
 	<global>
@@ -105,4 +105,4 @@
 			</general>
 		</twofactor>
 	</default>
-</config>
+</config>

src/app/design/adminhtml/base/default/layout/twofactor.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 
 <layout>
-	<jetrails_twofactor_login_verify>
+	<adminhtml_twofactor_login_verify>
 		<block
 			name="root"
 			type="core/template"
@@ -19,8 +19,8 @@
 				type="twofactor/template_verify"
 				template="twofactor/verify.phtml" />
 		</block>
-	</jetrails_twofactor_login_verify>
-	<jetrails_twofactor_login_banned>
+	</adminhtml_twofactor_login_verify>
+	<adminhtml_twofactor_login_banned>
 		<block
 			name="root"
 			type="core/template"
@@ -34,8 +34,8 @@
 				type="twofactor/template_banned"
 				template="twofactor/banned.phtml" />
 		</block>
-	</jetrails_twofactor_login_banned>
-	<jetrails_twofactor_setup_scan>
+	</adminhtml_twofactor_login_banned>
+	<adminhtml_twofactor_setup_scan>
 		<block
 			name="root"
 			type="core/template"
@@ -53,8 +53,8 @@
 				type="twofactor/template_scan"
 				template="twofactor/scan.phtml" />
 		</block>
-	</jetrails_twofactor_setup_scan>
-	<jetrails_twofactor_setup_backup>
+	</adminhtml_twofactor_setup_scan>
+	<adminhtml_twofactor_setup_backup>
 		<block
 			name="root"
 			type="core/template"
@@ -68,5 +68,5 @@
 				type="twofactor/template_backup"
 				template="twofactor/backup.phtml" />
 		</block>
-	</jetrails_twofactor_setup_backup>
-</layout>
+	</adminhtml_twofactor_setup_backup>
+</layout>