+
\ No newline at end of file
diff --git a/appinfo/info.xml b/appinfo/info.xml
index c654d1e..dbb9158 100644
--- a/appinfo/info.xml
+++ b/appinfo/info.xml
@@ -7,6 +7,6 @@
Nextcloud1.0.0
-
+
diff --git a/appinfo/routes.php b/appinfo/routes.php
index f7d6cf8..3ce6eda 100644
--- a/appinfo/routes.php
+++ b/appinfo/routes.php
@@ -21,26 +21,36 @@
namespace OCA\User_SAML\AppInfo;
-(new \OCP\AppFramework\App('user_saml'))->registerRoutes($this, array('routes' => array(
+(new Application())->registerRoutes(
+ $this,
[
- 'name' => 'SAML#login',
- 'url' => '/saml/login',
- 'verb' => 'GET',
- ],
- [
- 'name' => 'SAML#getMetadata',
- 'url' => '/saml/metadata',
- 'verb' => 'GET',
- ],
- [
- 'name' => 'SAML#assertionConsumerService',
- 'url' => '/saml/acs',
- 'verb' => 'POST',
- ],
- [
- 'name' => 'SAML#singleLogoutService',
- 'url' => '/saml/sls',
- 'verb' => 'GET',
- ],
-)));
+ 'resources' => [
+ 'AuthSettings' => [
+ 'url' => '/authtokens'
+ ],
+ ],
+ 'routes' => [
+ [
+ 'name' => 'SAML#login',
+ 'url' => '/saml/login',
+ 'verb' => 'GET',
+ ],
+ [
+ 'name' => 'SAML#getMetadata',
+ 'url' => '/saml/metadata',
+ 'verb' => 'GET',
+ ],
+ [
+ 'name' => 'SAML#assertionConsumerService',
+ 'url' => '/saml/acs',
+ 'verb' => 'POST',
+ ],
+ [
+ 'name' => 'SAML#singleLogoutService',
+ 'url' => '/saml/sls',
+ 'verb' => 'GET',
+ ],
+ ]
+ ]
+);
diff --git a/css/settings.css b/css/admin.css
similarity index 100%
rename from css/settings.css
rename to css/admin.css
diff --git a/css/personal.css b/css/personal.css
new file mode 100644
index 0000000..7495c58
--- /dev/null
+++ b/css/personal.css
@@ -0,0 +1,30 @@
+#user-saml-apppasswords table {
+ width: 100%;
+ min-height: 150px;
+ padding-top: 25px;
+}
+#user-saml-appasswords table th {
+ font-weight: 800;
+}
+#user-saml-apppasswords table th,
+#user-saml-apppasswords table td {
+ padding: 10px;
+}
+
+#user-saml-apppasswords .token-list td {
+ border-top: 1px solid #DDD;
+ text-overflow: ellipsis;
+ max-width: 200px;
+ white-space: nowrap;
+ overflow: hidden;
+}
+#user-saml-apppasswords .token-list td a.icon-delete {
+ display: block;
+ opacity: 0.6;
+}
+
+#user-saml-new-app-password {
+ width: 186px;
+ font-family: monospace;
+ background-color: lightyellow;
+}
diff --git a/js/settings.js b/js/admin.js
similarity index 99%
rename from js/settings.js
rename to js/admin.js
index 8628616..9ee0ee4 100644
--- a/js/settings.js
+++ b/js/admin.js
@@ -1,4 +1,3 @@
-
function setSAMLConfigValue(category, setting, value) {
OC.msg.startSaving('#user-saml-save-indicator');
OC.AppConfig.setValue('user_saml', category+'-'+setting, value);
diff --git a/js/personal.js b/js/personal.js
new file mode 100644
index 0000000..4897e78
--- /dev/null
+++ b/js/personal.js
@@ -0,0 +1,9 @@
+$(function() {
+
+ // Show token views
+ var collection = new OCA.User_SAML.AuthTokenCollection();
+ var view = new OCA.User_SAML.AuthTokenView({
+ collection: collection
+ });
+ view.reload();
+});
\ No newline at end of file
diff --git a/js/personal/authtoken-collection.js b/js/personal/authtoken-collection.js
new file mode 100644
index 0000000..4c0cf38
--- /dev/null
+++ b/js/personal/authtoken-collection.js
@@ -0,0 +1,52 @@
+/* global Backbone */
+
+/**
+ * @author Christoph Wurst
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see
+ *
+ */
+
+(function(OCA, Backbone) {
+ 'use strict';
+
+ OCA.User_SAML = OCA.User_SAML || {};
+
+ var AuthTokenCollection = Backbone.Collection.extend({
+
+ model: OCA.User_SAML.AuthToken,
+
+ /**
+ * Show recently used sessions/devices first
+ *
+ * @param {OCA.User_SAML.AuthToken} t1
+ * @param {OCA.User_SAML.AuthToken} t2
+ * @returns {Boolean}
+ */
+ comparator: function (t1, t2) {
+ var ts1 = parseInt(t1.get('lastActivity'), 10);
+ var ts2 = parseInt(t2.get('lastActivity'), 10);
+ return ts1 < ts2;
+ },
+
+ tokenType: null,
+
+ url: OC.generateUrl('/apps/user_saml/authtokens')
+ });
+
+ OCA.User_SAML.AuthTokenCollection = AuthTokenCollection;
+
+})(OCA, Backbone);
diff --git a/js/personal/authtoken.js b/js/personal/authtoken.js
new file mode 100644
index 0000000..3271713
--- /dev/null
+++ b/js/personal/authtoken.js
@@ -0,0 +1,33 @@
+/* global Backbone */
+
+/**
+ * @author Christoph Wurst
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see
+ *
+ */
+
+(function(OCA, Backbone) {
+ 'use strict';
+
+ OCA.User_SAML = OCA.User_SAML || {};
+
+ var AuthToken = Backbone.Model.extend({
+ });
+
+ OCA.User_SAML.AuthToken = AuthToken;
+
+})(OCA, Backbone);
diff --git a/js/personal/authtoken_view.js b/js/personal/authtoken_view.js
new file mode 100644
index 0000000..dfe60bf
--- /dev/null
+++ b/js/personal/authtoken_view.js
@@ -0,0 +1,230 @@
+/* global Backbone, Handlebars, moment */
+
+/**
+ * @author Christoph Wurst
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see
+ *
+ */
+
+(function(OCA, _, Backbone, $, Handlebars, moment) {
+ 'use strict';
+
+ OCA.User_SAML = OCA.User_SAML|| {};
+
+ var TEMPLATE_TOKEN =
+ '
'
+ + '
{{name}}
'
+ + '
'
+ + '
';
+
+ var SubView = Backbone.View.extend({
+ collection: null,
+ type: 0,
+ _template: undefined,
+
+ template: function(data) {
+ if (_.isUndefined(this._template)) {
+ this._template = Handlebars.compile(TEMPLATE_TOKEN);
+ }
+
+ return this._template(data);
+ },
+
+ initialize: function(options) {
+ this.type = options.type;
+ this.collection = options.collection;
+
+ this.on(this.collection, 'change', this.render);
+ },
+
+ render: function() {
+ var _this = this;
+
+ var list = this.$('.token-list');
+ var tokens = this.collection.filter(function(token) {
+ return parseInt(token.get('type'), 10) === _this.type;
+ });
+ list.html('');
+
+ // Show header only if there are tokens to show
+ this._toggleHeader(tokens.length > 0);
+
+ tokens.forEach(function(token) {
+ var viewData = token.toJSON();
+ var ts = viewData.lastActivity * 1000;
+ viewData.lastActivity = OC.Util.relativeModifiedDate(ts);
+ viewData.lastActivityTime = OC.Util.formatDate(ts, 'LLL');
+ var html = _this.template(viewData);
+ var $html = $(html);
+ $html.find('.has-tooltip').tooltip({container: 'body'});
+ list.append($html);
+ });
+ },
+
+ toggleLoading: function(state) {
+ this.$('.token-list').toggleClass('icon-loading', state);
+ },
+
+ _toggleHeader: function(show) {
+ this.$('.hidden-when-empty').toggleClass('hidden', !show);
+ }
+ });
+
+ var AuthTokenView = Backbone.View.extend({
+ collection: null,
+
+ _views: [],
+
+ _form: undefined,
+
+ _tokenName: undefined,
+
+ _addAppPasswordBtn: undefined,
+
+ _result: undefined,
+
+ _newAppPassword: undefined,
+
+ _hideAppPasswordBtn: undefined,
+
+ _addingToken: false,
+
+ initialize: function(options) {
+ this.collection = options.collection;
+
+ var tokenTypes = [0, 1];
+ var _this = this;
+ _.each(tokenTypes, function(type) {
+ var el = '#user-saml-apppasswords';
+ _this._views.push(new SubView({
+ el: el,
+ type: type,
+ collection: _this.collection
+ }));
+
+ var $el = $(el);
+ $el.on('click', 'a.icon-delete', _.bind(_this._onDeleteToken, _this));
+ });
+
+ this._form = $('#user-saml-app-password-form');
+ this._tokenName = $('#user-saml-app-password-name');
+ this._addAppPasswordBtn = $('#user-saml-add-app-password');
+ this._addAppPasswordBtn.click(_.bind(this._addAppPassword, this));
+
+ this._result = $('#user-saml-app-password-result');
+ this._newAppPassword = $('#user-saml-new-app-password');
+ this._newAppPassword.on('focus', _.bind(this._onNewTokenFocus, this));
+ this._hideAppPasswordBtn = $('#user-saml-app-password-hide');
+ this._hideAppPasswordBtn.click(_.bind(this._hideToken, this));
+ },
+
+ render: function() {
+ _.each(this._views, function(view) {
+ view.render();
+ view.toggleLoading(false);
+ });
+ },
+
+ reload: function() {
+ var _this = this;
+
+ _.each(this._views, function(view) {
+ view.toggleLoading(true);
+ });
+
+ var loadingTokens = this.collection.fetch();
+
+ $.when(loadingTokens).done(function() {
+ _this.render();
+ });
+ $.when(loadingTokens).fail(function() {
+ OC.Notification.showTemporary(t('core', 'Error while loading browser sessions and device tokens'));
+ });
+ },
+
+ _addAppPassword: function() {
+ var _this = this;
+ this._toggleAddingToken(true);
+
+ var deviceName = this._tokenName.val();
+ var creatingToken = $.ajax(OC.generateUrl('/apps/user_saml/authtokens'), {
+ method: 'POST',
+ data: {
+ name: deviceName
+ }
+ });
+
+ $.when(creatingToken).done(function(resp) {
+ _this.collection.add(resp.deviceToken);
+ _this.render();
+ _this._newAppPassword.val(resp.token);
+ _this._toggleFormResult(false);
+ _this._newAppPassword.select();
+ _this._tokenName.val('');
+ });
+ $.when(creatingToken).fail(function() {
+ OC.Notification.showTemporary(t('core', 'Error while creating device token'));
+ });
+ $.when(creatingToken).always(function() {
+ _this._toggleAddingToken(false);
+ });
+ },
+
+ _onNewTokenFocus: function() {
+ this._newAppPassword.select();
+ },
+
+ _hideToken: function() {
+ this._toggleFormResult(true);
+ },
+
+ _toggleAddingToken: function(state) {
+ this._addingToken = state;
+ this._addAppPasswordBtn.toggleClass('icon-loading-small', state);
+ },
+
+ _onDeleteToken: function(event) {
+ var $target = $(event.target);
+ var $row = $target.closest('tr');
+ var id = $row.data('id');
+
+ var token = this.collection.get(id);
+ if (_.isUndefined(token)) {
+ // Ignore event
+ return;
+ }
+
+ var destroyingToken = token.destroy();
+
+ var _this = this;
+ $.when(destroyingToken).fail(function() {
+ OC.Notification.showTemporary(t('core', 'Error while deleting the token'));
+ });
+ $.when(destroyingToken).always(function() {
+ _this.render();
+ });
+ },
+
+ _toggleFormResult: function(showForm) {
+ this._form.toggleClass('hidden', !showForm);
+ this._result.toggleClass('hidden', showForm);
+ }
+ });
+
+ OCA.User_SAML.AuthTokenView = AuthTokenView;
+
+})(OCA, _, Backbone, $, Handlebars, moment);
diff --git a/lib/appinfo/application.php b/lib/appinfo/application.php
index 9a3d630..4bc03c2 100644
--- a/lib/appinfo/application.php
+++ b/lib/appinfo/application.php
@@ -21,6 +21,7 @@
namespace OCA\User_SAML\AppInfo;
+use OCA\User_SAML\Controller\AuthSettingsController;
use OCA\User_SAML\Controller\SAMLController;
use OCA\User_SAML\Controller\SettingsController;
use OCA\User_SAML\SAMLSettings;
@@ -35,6 +36,19 @@ class Application extends App {
/**
* Controller
*/
+ $container->registerService('AuthSettingsController', function(IAppContainer $c) {
+ /** @var \OC\Server $server */
+ $server = $c->query('ServerContainer');
+ return new AuthSettingsController(
+ $c->getAppName(),
+ $server->getRequest(),
+ $server->getUserManager(),
+ $server->getSession(),
+ $server->getSecureRandom(),
+ $server->getDb(),
+ $server->getUserSession()->getUser()->getUID()
+ );
+ });
$container->registerService('SettingsController', function(IAppContainer $c) {
/** @var \OC\Server $server */
$server = $c->query('ServerContainer');
diff --git a/lib/controller/authsettingscontroller.php b/lib/controller/authsettingscontroller.php
new file mode 100644
index 0000000..ddc0fad
--- /dev/null
+++ b/lib/controller/authsettingscontroller.php
@@ -0,0 +1,167 @@
+
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see
+ *
+ */
+namespace OCA\User_SAML\Controller;
+
+use OC\AppFramework\Http;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\JSONResponse;
+use OCP\DB\QueryBuilder\IQueryBuilder;
+use OCP\IDb;
+use OCP\IRequest;
+use OCP\ISession;
+use OCP\IUserManager;
+use OCP\Security\ISecureRandom;
+
+class AuthSettingsController extends Controller {
+ /** @var IUserManager */
+ private $userManager;
+ /** @var ISession */
+ private $session;
+ /** @var string */
+ private $uid;
+ /** @var ISecureRandom */
+ private $random;
+ /** @var IDb */
+ private $db;
+
+ /**
+ * @param string $appName
+ * @param IRequest $request
+ * @param IUserManager $userManager
+ * @param ISession $session
+ * @param ISecureRandom $random
+ * @param IDb $db
+ * @param string $uid
+ */
+ public function __construct($appName,
+ IRequest $request,
+ IUserManager $userManager,
+ ISession $session,
+ ISecureRandom $random,
+ IDb $db,
+ $uid) {
+ parent::__construct($appName, $request);
+ $this->userManager = $userManager;
+ $this->uid = $uid;
+ $this->session = $session;
+ $this->random = $random;
+ $this->db = $db;
+ }
+ /**
+ * @NoAdminRequired
+ *
+ * @return JSONResponse
+ */
+ public function index() {
+ $user = $this->userManager->get($this->uid);
+ if (is_null($user)) {
+ return [];
+ }
+
+ /* @var $qb IQueryBuilder */
+ $qb = $this->db->getQueryBuilder();
+ $qb->select('id', 'uid', 'name', 'token')
+ ->from('user_saml_auth_token')
+ ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+ ->setMaxResults(1000);
+ $result = $qb->execute();
+ $data = $result->fetchAll();
+ $result->closeCursor();
+
+ foreach($data as $key => $entry) {
+ unset($data[$key]['token']);
+ unset($data[$key]['uid']);
+ $data[$key]['id'] = (int)$data[$key]['id'];
+ $data[$key]['type'] = 1;
+ }
+
+ return $data;
+ }
+
+ /**
+ * @NoAdminRequired
+ *
+ * @param string $name
+ * @return JSONResponse
+ */
+ public function create($name) {
+ $token = $this->generateRandomDeviceToken();
+
+ $values = [
+ 'uid' => $this->uid,
+ 'name' => $name,
+ 'token' => password_hash($token, PASSWORD_DEFAULT),
+ ];
+
+ /* @var $qb IQueryBuilder */
+ $qb = $this->db->getQueryBuilder();
+ $qb->insert('user_saml_auth_token');
+ foreach($values as $column => $value) {
+ $qb->setValue($column, $qb->createNamedParameter($value));
+ }
+ $qb->execute();
+
+ return [
+ 'token' => $token,
+ 'loginName' => $name,
+ 'deviceToken' => [
+ 'id' => $qb->getLastInsertId(),
+ 'name' => $name,
+ 'type' => 1,
+ ],
+ ];
+ }
+ /**
+ * Return a 20 digit device password
+ *
+ * Example: ABCDE-FGHIJ-KLMNO-PQRST
+ *
+ * @return string
+ */
+ private function generateRandomDeviceToken() {
+ $groups = [];
+ for ($i = 0; $i < 4; $i++) {
+ $groups[] = $this->random->generate(5, implode('', range('A', 'Z')));
+ }
+ return implode('-', $groups);
+ }
+ /**
+ * @NoAdminRequired
+ *
+ * @param string $id
+ * @return JSONResponse
+ */
+ public function destroy($id) {
+ $user = $this->userManager->get($this->uid);
+ if (is_null($user)) {
+ return [];
+ }
+
+ /* @var $qb IQueryBuilder */
+ $qb = $this->db->getQueryBuilder();
+ $qb->delete('user_saml_auth_token')
+ ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
+ ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())));
+ $qb->execute();
+
+ return [];
+ }
+}
\ No newline at end of file
diff --git a/lib/controller/settingscontroller.php b/lib/controller/settingscontroller.php
index 5ccbeb8..333f6f7 100644
--- a/lib/controller/settingscontroller.php
+++ b/lib/controller/settingscontroller.php
@@ -45,7 +45,17 @@ class SettingsController extends Controller {
$this->l10n = $l10n;
}
- public function displayPanel() {
+ /**
+ * @return Http\TemplateResponse
+ */
+ public function displayPersonalPanel() {
+ return new Http\TemplateResponse($this->appName, 'personal', [], 'blank');
+ }
+
+ /**
+ * @return Http\TemplateResponse
+ */
+ public function displayAdminPanel() {
$serviceProviderFields = [
'x509cert' => $this->l10n->t('X.509 certificate of the Service Provider'),
'privateKey' => $this->l10n->t('Private key of the Service Provider'),
@@ -80,7 +90,7 @@ class SettingsController extends Controller {
'general' => $generalSettings,
];
- return new Http\TemplateResponse($this->appName, 'settings', $params, 'blank');
+ return new Http\TemplateResponse($this->appName, 'admin', $params, 'blank');
}
}
diff --git a/lib/userbackend.php b/lib/userbackend.php
index 4b286b3..7ef3b90 100644
--- a/lib/userbackend.php
+++ b/lib/userbackend.php
@@ -22,6 +22,8 @@
namespace OCA\User_SAML;
use OCP\Authentication\IApacheBackend;
+use OCP\DB\QueryBuilder\IQueryBuilder;
+use OCP\IDb;
use OCP\UserInterface;
use OCP\IUserBackend;
use OCP\IConfig;
@@ -38,21 +40,26 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
private $urlGenerator;
/** @var ISession */
private $session;
+ /** @var IDb */
+ private $db;
/**
* @param IConfig $config
* @param ILogger $logger
* @param IURLGenerator $urlGenerator
* @param ISession $session
+ * @param IDb $db
*/
public function __construct(IConfig $config,
ILogger $logger,
IURLGenerator $urlGenerator,
- ISession $session) {
+ ISession $session,
+ IDb $db) {
$this->config = $config;
$this->logger = $logger;
$this->urlGenerator = $urlGenerator;
$this->session = $session;
+ $this->db = $db;
}
/**
@@ -65,9 +72,40 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
* @since 4.5.0
*/
public function implementsActions($actions) {
+ return (bool)((\OC_User_Backend::CHECK_PASSWORD | \OC_User_Backend::GET_DISPLAYNAME)
+ & $actions);
+ }
+
+ /**
+ * Check if the provided token is correct
+ * @param string $uid The username
+ * @param string $password The password
+ * @return string
+ *
+ * Check if the password is correct without logging in the user
+ * returns the user id or false
+ */
+ public function checkPassword($uid, $password) {
+ /* @var $qb IQueryBuilder */
+ $qb = $this->db->getQueryBuilder();
+ $qb->select('token')
+ ->from('user_saml_auth_token')
+ ->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid)))
+ ->setMaxResults(1000);
+ $result = $qb->execute();
+ $data = $result->fetchAll();
+ $result->closeCursor();
+
+ foreach($data as $passwords) {
+ if(password_verify($password, $passwords['token'])) {
+ return $uid;
+ }
+ }
+
return false;
}
+
/**
* delete a user
* @param string $uid The username of the user to delete
diff --git a/personal.php b/personal.php
new file mode 100644
index 0000000..6690e93
--- /dev/null
+++ b/personal.php
@@ -0,0 +1,25 @@
+
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ *
+ */
+
+$app = new \OCA\User_SAML\AppInfo\Application();
+/** @var \OCA\User_SAML\Controller\SettingsController $controller */
+$controller = $app->getContainer()->query('SettingsController');
+return $controller->displayPersonalPanel()->render();
diff --git a/templates/settings.php b/templates/admin.php
similarity index 98%
rename from templates/settings.php
rename to templates/admin.php
index 7644a7e..2f751ae 100644
--- a/templates/settings.php
+++ b/templates/admin.php
@@ -1,6 +1,6 @@
diff --git a/templates/personal.php b/templates/personal.php
new file mode 100644
index 0000000..6471658
--- /dev/null
+++ b/templates/personal.php
@@ -0,0 +1,40 @@
+
+
+
+
t('App passwords'));?>
+ t("You've linked these apps."));?>
+
+
+
+
t('Name'));?>
+
+
+
+
+
+
+
t('An app password is a passcode that gives an app or device permissions to access your %s account.', [$theme->getName()]));?>
+
+
+
+
+
+ t('Use the credentials below to configure your app or device.')); ?>
+