mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/OATHAuth
synced 2024-12-01 03:16:24 +00:00
329c3133d6
Notify users when 2FA is disabled on their account in case something was fishy about it. This notification is a "system" notification that will be displayed in the web UI and sent over email. It can't be opted out of as a preference. The notification links to Special:Preferences, where users can see their 2FA status and re-enable it if they want. A secondary help link goes to [[mw:Help:Two-factor authentication]], but can be overridden by adjusting the "oathauth-notifications-disable-helplink" message. The notification text is different based on whether the user disabled 2FA on their own, or an admin used the special page or a maint script to do it. On Wikimedia wikis, we'll use the WikimediaMessages extension to customize the messages. The Echo (Notifications) extension is not required, this will gracefully do nothing if it's not enabled. Bug: T210075 Bug: T210963 Change-Id: I99077ea082b8483cc4fd77573a0d00fa98201f15
95 lines
7.9 KiB
JSON
95 lines
7.9 KiB
JSON
{
|
|
"@metadata": {
|
|
"authors": [
|
|
"Ryan Lane <rlane@wikimedia.org>",
|
|
"Tyler Romeo <tylerromeo@gmail.com>"
|
|
]
|
|
},
|
|
"oathauth-desc": "Provides authentication support using HMAC based one-time passwords",
|
|
"disableoathforuser": "Disable user's two-factor authentication",
|
|
"verifyoathforuser": "Verify two-factor authentication status",
|
|
"oath": "OATHAuth",
|
|
"specialpages-group-oath": "Two-factor authentication",
|
|
"oathauth-account": "Account name:",
|
|
"oathauth-secret": "Two-factor authentication secret key:",
|
|
"oathauth-enable": "Enable two-factor authentication",
|
|
"oathauth-scratchtokens": "The following list is a list of one-time use scratch tokens. These tokens can only be used once, and are for emergency use. Please write these down and keep them in a secure location. If you lose your phone, these tokens are the only way to rescue your account. '''These tokens will never be shown again'''.",
|
|
"oathauth-token": "Token",
|
|
"oathauth-disable": "Disable two-factor authentication",
|
|
"oathauth-validatedoath": "Validated two-factor credentials. Two-factor authentication will now be enforced.",
|
|
"oathauth-noscratchforvalidation": "You cannot use a scratch code to confirm two-factor authentication. Scratch codes are for backup and incidental use only. Please use a verification code from your code generator.",
|
|
"oathauth-failedtovalidateoath": "Failed to validate two-factor credentials",
|
|
"oathauth-disabledoath": "Disabled two-factor authentication.",
|
|
"oathauth-prefs-label": "Two-factor authentication:",
|
|
"oathauth-step1": "Step 1: Download a two-factor authentication program",
|
|
"oathauth-step1-test": "Download a program for two-factor authentication. That can be a mobile application (such as Google Authenticator) or a desktop application.",
|
|
"oathauth-step2": "Step 2: Scan the QR code",
|
|
"oathauth-step2alt": "Or enter the secret manually:",
|
|
"oathauth-step3": "Step 3: Write down the scratch codes",
|
|
"oathauth-step4": "Step 4: Verification",
|
|
"oathauth-entertoken": "Enter a code from your authentication device to verify:",
|
|
"oathauth-disable-for-user": "Disable two-factor authentication for a user",
|
|
"oathauth-verify-for-user": "Verify if a user has two-factor authentication enabled",
|
|
"right-oathauth-disable-for-user": "Disable two-factor authentication for a user",
|
|
"action-oathauth-disable-for-user": "disable two-factor authentication for a user",
|
|
"right-oathauth-verify-user": "Verify whether a user has two-factor authentication enabled",
|
|
"action-oathauth-verify-user": "verify whether a user has two-factor authentication enabled",
|
|
"right-oathauth-view-log": "Access to log of two-factor authentication changes",
|
|
"action-oathauth-view-log": "access to log of two-factor authentication changes",
|
|
"oathauth-disable-intro": "With great power, comes great responsibility",
|
|
"oathauth-enteruser": "Username:",
|
|
"oathauth-enterdisablereason": "Reason for disabling:",
|
|
"oathauth-enterverifyreason": "Reason for checking:",
|
|
"oathauth-user-not-does-not-have-oath-enabled": "User doesn't have two-factor authentication enabled, so nothing to disable",
|
|
"right-oathauth-enable": "Enable two-factor authentication",
|
|
"action-oathauth-enable": "enable two-factor authentication",
|
|
"oathauth-auth-token-label": "Token",
|
|
"oathauth-auth-token-help": "The one-time password used as the second factor of two-factor authentication.",
|
|
"oathauth-auth-ui": "Please enter a verification code from your authentication device.",
|
|
"oathauth-throttled": "Too many verification attempts! Please wait $1.",
|
|
"oathauth-login-failed": "Verification failed.",
|
|
"oathauth-describe-provider": "Two-factor authentication (OATH).",
|
|
"grant-group-authentication": "Perform authentication actions for self and others",
|
|
"grant-oath": "Access two-factor authentication (OATH) information for self and others",
|
|
"right-oathauth-api-all": "Query and validate OATH information for self and others",
|
|
"action-oathauth-api-all": "check OATH status",
|
|
"oathauth-user-not-found": "No user account was found with that name",
|
|
"oath-log-name": "Two-factor authentication log",
|
|
"oath-log-header": "These events track changes to users' two-factor authentication status.",
|
|
"logentry-oath-disable-other": "$1 {{GENDER:$2|disabled}} the two-factor authentication of $3",
|
|
"logentry-oath-verify": "$1 {{GENDER:$2|checked}} if $3 had two-factor authentication enabled",
|
|
"oauthauth-ui-no-module": "None enabled",
|
|
"oathauth-module-invalid": "The OATHAuth module that the user has registered is invalid.",
|
|
"oathauth-module-totp-label": "TOTP (one-time token)",
|
|
"oathauth-ui-manage": "Manage",
|
|
"oathmanage": "Manage Two-factor authentication",
|
|
"oathauth-ui-not-enabled-modules": "Switch to an alternative method",
|
|
"oathauth-ui-enabled-module": "Enabled authentication method",
|
|
"oathauth-enable-generic": "Enable",
|
|
"oathauth-disable-generic": "Disable",
|
|
"oathauth-invalid-data-format": "Data provider is invalid to create a key for the selected auth method",
|
|
"oathauth-invalid-key-type": "Key set on the user does not match the required type for selected auth method",
|
|
"oathauth-disable-page-title": "Disable $1",
|
|
"oathauth-enable-page-title": "Enable $1",
|
|
"oathauth-action-exclusive-to-2fa": "This action can only be performed by users with Two-factor authentication enabled.",
|
|
"oathauth-ui-available-modules": "Available methods",
|
|
"oathauth-ui-general-help": "'''Multi-factor authentication''' ('''MFA''') is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something the user and only the user knows), possession (something the user and only the user has), and inherence (something the user and only the user is). [https://en.wikipedia.org/wiki/Multi-factor_authentication Read more]",
|
|
"oathauth-totp-description": "The Time-based One-Time Password algorithm (TOTP) is an extension of the HMAC-based One-time Password algorithm (HOTP) generating a one-time password by instead taking uniqueness from the current time.",
|
|
"oathauth-disable-method-warning-header": "Confirm disabling of an authentication method",
|
|
"oathauth-disable-method-warning-button-label": "Confirm and continue",
|
|
"oathauth-disable-method-warning": "If you disable $1 two-factor authentication method, you will no longer be able to use this method when logging in, and all the data associated with this authentication method will be deleted.",
|
|
"oathauth-switch-method-warning-header": "Confirm switching to a different authentication method",
|
|
"oathauth-switch-method-warning": "By switching to $2 two-factor authentication method, current method ($1) will be disabled, and all the data associated with the current authentication method will be deleted",
|
|
"oathauth-totp-disable-warning": "You will no longer be able to use the authentication device registered with this account. All scratch-tokens associated with this account will be invalidated.",
|
|
"oathauth-invalidrequest": "Invalid request",
|
|
"notification-header-oathauth-disable": "Two-factor authentication has been disabled on {{GENDER:$2|your account}}.",
|
|
"notification-body-oathauth-disable": "If {{GENDER:$2|you}} did not do this, {{GENDER:$2|your account}} may have been compromised.",
|
|
"notification-body-oathauth-disable-other": "If {{GENDER:$2|you}} did not request this, {{GENDER:$2|you}} should contact an administrator.",
|
|
"oathauth-notifications-disable-help": "Help",
|
|
"oathauth-notifications-disable-helplink": "mw:Special:MyLanguage/Help:Two-factor authentication",
|
|
"oathauth-verify-enabled": "{{GENDER:$1|$1}} has two-factor authentication enabled.",
|
|
"oathauth-verify-disabled": "{{GENDER:$1|$1}} does not have two-factor authentication enabled.",
|
|
"oathauth-prefs-disabledgroups": "Disabled {{PLURAL:$1|group|groups}}:",
|
|
"oathauth-prefs-disabledgroups-help": "{{GENDER:$2|Your membership}} in {{PLURAL:$1|this group|these groups}} is disabled until you enable [[Special:Manage Two-factor authentication|two-factor authentication]]."
|
|
}
|