authorRobert Speicher <robert@gitlab.com>2015-12-21 17:53:20 +0000
committerRobert Speicher <robert@gitlab.com>2015-12-21 17:53:20 +0000
commit9570495e75f90d1011531753dd41f0c06e8fcf99 (patch)
treed3326bfcba348788103a5298ab9d4475bc22b773
parent17ed42e362032e3594ae1cf34e6a970be826bdca (diff)
parentbe41d84fb078667694ecbf5f2729175fbf8b0343 (diff)
downloadgitlab-ce-9570495e75f90d1011531753dd41f0c06e8fcf99.tar.gz
Merge branch 'add_email_unlock' into 'master'
Allow account unlock via email We see a lot of users get confused about what it means when your account gets locked. Many try to reset their password and are still faced with a lockout. With this change, users receive an email that allows them to unlock their account immediately. The previous behavior where the account is auto-unlocked after a time also still works. See merge request !2049
-rw-r--r--CHANGELOG1
-rw-r--r--app/models/user.rb1
-rw-r--r--app/views/devise/mailer/unlock_instructions.html.erb7
-rw-r--r--app/views/devise/mailer/unlock_instructions.html.haml10
-rw-r--r--app/views/devise/unlocks/new.html.erb12
-rw-r--r--app/views/devise/unlocks/new.html.haml14
-rw-r--r--config/initializers/devise.rb4
-rw-r--r--db/migrate/20151210030143_add_unlock_token_to_user.rb5
-rw-r--r--db/schema.rb1
-rw-r--r--spec/models/user_spec.rb1
10 files changed, 35 insertions, 21 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 121cf1b1933..828c0a5e7fc 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -24,6 +24,7 @@ v 8.3.0 (unreleased)
- Backport JIRA features from EE to CE
- Add ignore whitespace change option to commit view
- Fire update hook from GitLab
+ - Allow account unlock via email
- Style warning about mentioning many people in a comment
- Fix: sort milestones by due date once again (Greg Smethells)
- Migrate all CI::Services and CI::WebHooks to Services and WebHooks
diff --git a/app/models/user.rb b/app/models/user.rb
index e0ce091c54e..df87f3b79bd 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -26,6 +26,7 @@
# bio :string(255)
# failed_attempts :integer default(0)
# locked_at :datetime
+# unlock_token :string(255)
# username :string(255)
# can_create_group :boolean default(TRUE), not null
# can_create_team :boolean default(TRUE), not null
diff --git a/app/views/devise/mailer/unlock_instructions.html.erb b/app/views/devise/mailer/unlock_instructions.html.erb
deleted file mode 100644
index 79d6c761d8f..00000000000
--- a/app/views/devise/mailer/unlock_instructions.html.erb
+++ /dev/null
@@ -1,7 +0,0 @@
-<p>Hello <%= @resource.email %>!</p>
-
-<p>Your account has been locked due to an excessive amount of unsuccessful sign in attempts.</p>
-
-<p>Click the link below to unlock your account:</p>
-
-<p><%= link_to 'Unlock your account', unlock_url(@resource, unlock_token: @token) %></p>
diff --git a/app/views/devise/mailer/unlock_instructions.html.haml b/app/views/devise/mailer/unlock_instructions.html.haml
new file mode 100644
index 00000000000..52b327e20c5
--- /dev/null
+++ b/app/views/devise/mailer/unlock_instructions.html.haml
@@ -0,0 +1,10 @@
+%p
+Hello #{@resource.name}!
+
+%p
+ Your GitLab account has been locked due to an excessive amount of unsuccessful
+ sign in attempts. Your account will automatically unlock in
+ = time_ago_in_words(Devise.unlock_in.from_now)
+ or you may click the link below to unlock now.
+
+%p= link_to 'Unlock your account', unlock_url(@resource, unlock_token: @token)
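Review bot: The wait shown by `= time_ago_in_words(Devise.unlock_in.from_now)` is always the full `unlock_in` interval counted from when the mail is rendered, not from when the account was locked. That is close enough for the mail sent at lock time, but a mail requested later through the resend form would overstate the remaining wait. If `@resource.locked_at` is always set when this template renders (it should be for a locked account, but confirm), `= time_ago_in_words(@resource.locked_at + Devise.unlock_in)` would report the time actually left.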
diff --git a/app/views/devise/unlocks/new.html.erb b/app/views/devise/unlocks/new.html.erb
deleted file mode 100644
index f9277d1673f..00000000000
--- a/app/views/devise/unlocks/new.html.erb
+++ /dev/null
@@ -1,12 +0,0 @@
-<h2>Resend unlock instructions</h2>
-
-<%= form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f| %>
- <%= devise_error_messages! %>
-
- <div><%= f.label :email %><br />
- <%= f.email_field :email %></div>
-
- <div><%= f.submit "Resend unlock instructions" %></div>
-<% end %>
-
-<%= render partial: "devise/shared/links" %>
diff --git a/app/views/devise/unlocks/new.html.haml b/app/views/devise/unlocks/new.html.haml
new file mode 100644
index 00000000000..49c087c0646
--- /dev/null
+++ b/app/views/devise/unlocks/new.html.haml
@@ -0,0 +1,14 @@
+.login-box
+ .login-heading
+ %h3 Resend unlock email
+ .login-body
+ = form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f|
+ .devise-errors
+ = devise_error_messages!
+ .clearfix.append-bottom-20
+ = f.email_field :email, class: 'form-control', placeholder: 'Email', autofocus: 'autofocus', autocapitalize: 'off', autocorrect: 'off'
+ .clearfix
+ = f.submit 'Resend unlock instructions', class: 'btn btn-success'
+
+.clearfix.prepend-top-20
+ = render 'devise/shared/sign_in_link'
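Review bot: The resend form prints `devise_error_messages!`, so unless `config.paranoid` is enabled in the Devise initializer (not visible in this commit's hunks) the response will differ between registered and unregistered addresses, and the form can be used to confirm whether an email has an account. It is worth confirming that setting. It is also worth checking that this unauthenticated POST falls under the same request throttling as the sign-in and password-reset forms, since a submission for a locked account sends mail.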
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 92149826da7..d82cfb3ec0c 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -121,14 +121,14 @@ Devise.setup do |config|
config.lock_strategy = :failed_attempts
# Defines which key will be used when locking and unlocking an account
- # config.unlock_keys = [ :email ]
+ config.unlock_keys = [ :email ]
# Defines which strategy will be used to unlock an account.
# :email = Sends an unlock link to the user email
# :time = Re-enables login after a certain amount of time (see :unlock_in below)
# :both = Enables both strategies
# :none = No unlock strategy. You should handle unlocking by yourself.
- config.unlock_strategy = :time
+ config.unlock_strategy = :both
# Number of authentication tries before locking an account if lock_strategy
# is failed attempts.
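Review bot: Nothing near `config.unlock_strategy = :both` records the trade-off it introduces: the emailed link ends a lockout immediately, so the delay imposed by `:failed_attempts` locking now rests on control of the mailbox as well as on the timer, and every lockout sends mail to the account owner. A short comment above the setting would help, for example `# :both - a locked user is emailed an unlock link; the lock still expires after unlock_in`. The only spec change in this commit is the schema annotation, so a model or feature spec covering lock, mail delivery and token unlock would be a useful follow-up. The `Devise.setup` block starts and ends outside this hunk.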
diff --git a/db/migrate/20151210030143_add_unlock_token_to_user.rb b/db/migrate/20151210030143_add_unlock_token_to_user.rb
new file mode 100644
index 00000000000..0ea66ba65df
--- /dev/null
+++ b/db/migrate/20151210030143_add_unlock_token_to_user.rb
@@ -0,0 +1,5 @@
+class AddUnlockTokenToUser < ActiveRecord::Migration
+ def change
+ add_column :users, :unlock_token, :string
+ end
+end
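Review bot: The migration adds `unlock_token` without an index, although the unlock link looks the user up by this column. On a large `users` table that means a full scan for each unlock request, and nothing at the database level prevents two rows from holding the same token. Devise's own migration template pairs the column with `add_index :users, :unlock_token, unique: true`; adding that line to `change` would cover both concerns.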
diff --git a/db/schema.rb b/db/schema.rb
index 0167e30ff8b..60b42f7a473 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -837,6 +837,7 @@ ActiveRecord::Schema.define(version: 20151210125932) do
t.integer "consumed_timestep"
t.integer "layout", default: 0
t.boolean "hide_project_limit", default: false
+ t.string "unlock_token"
end
add_index "users", ["admin"], name: "index_users_on_admin", using: :btree
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 376266c0955..2f184bbaf92 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -26,6 +26,7 @@
# bio :string(255)
# failed_attempts :integer default(0)
# locked_at :datetime
+# unlock_token :string(255)
# username :string(255)
# can_create_group :boolean default(TRUE), not null
# can_create_team :boolean default(TRUE), not null