author | Robert Speicher <robert@gitlab.com> | 2015-12-21 17:53:20 +0000 |
---|---|---|
committer | Robert Speicher <robert@gitlab.com> | 2015-12-21 17:53:20 +0000 |
commit | 9570495e75f90d1011531753dd41f0c06e8fcf99 (patch) | |
tree | d3326bfcba348788103a5298ab9d4475bc22b773 | |
parent | 17ed42e362032e3594ae1cf34e6a970be826bdca (diff) | |
parent | be41d84fb078667694ecbf5f2729175fbf8b0343 (diff) | |
download | gitlab-ce-9570495e75f90d1011531753dd41f0c06e8fcf99.tar.gz |
Merge branch 'add_email_unlock' into 'master'
Allow account unlock via email
We see a lot of users get confused about what it means when their account gets
locked. Many try to reset their password and are still faced with a lockout.
With this change, users receive an email that allows them to unlock their
account immediately. The previous behavior where the account is auto-unlocked
after a time also still works.
See merge request !2049
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | app/models/user.rb | 1 | ||||
-rw-r--r-- | app/views/devise/mailer/unlock_instructions.html.erb | 7 | ||||
-rw-r--r-- | app/views/devise/mailer/unlock_instructions.html.haml | 10 | ||||
-rw-r--r-- | app/views/devise/unlocks/new.html.erb | 12 | ||||
-rw-r--r-- | app/views/devise/unlocks/new.html.haml | 14 | ||||
-rw-r--r-- | config/initializers/devise.rb | 4 | ||||
-rw-r--r-- | db/migrate/20151210030143_add_unlock_token_to_user.rb | 5 | ||||
-rw-r--r-- | db/schema.rb | 1 | ||||
-rw-r--r-- | spec/models/user_spec.rb | 1 |
10 files changed, 35 insertions, 21 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 121cf1b1933..828c0a5e7fc 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -24,6 +24,7 @@ v 8.3.0 (unreleased)
 - Backport JIRA features from EE to CE
 - Add ignore whitespace change option to commit view
 - Fire update hook from GitLab
+ - Allow account unlock via email
 - Style warning about mentioning many people in a comment
 - Fix: sort milestones by due date once again (Greg Smethells)
 - Migrate all CI::Services and CI::WebHooks to Services and WebHooks
diff --git a/app/models/user.rb b/app/models/user.rb
index e0ce091c54e..df87f3b79bd 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -26,6 +26,7 @@
 # bio :string(255)
 # failed_attempts :integer default(0)
 # locked_at :datetime
+# unlock_token :string(255)
 # username :string(255)
 # can_create_group :boolean default(TRUE), not null
 # can_create_team :boolean default(TRUE), not null
diff --git a/app/views/devise/mailer/unlock_instructions.html.erb b/app/views/devise/mailer/unlock_instructions.html.erb
deleted file mode 100644
index 79d6c761d8f..00000000000
--- a/app/views/devise/mailer/unlock_instructions.html.erb
+++ /dev/null
@@ -1,7 +0,0 @@
-<p>Hello <%= @resource.email %>!</p>
-
-<p>Your account has been locked due to an excessive amount of unsuccessful sign in attempts.</p>
-
-<p>Click the link below to unlock your account:</p>
-
-<p><%= link_to 'Unlock your account', unlock_url(@resource, unlock_token: @token) %></p>
diff --git a/app/views/devise/mailer/unlock_instructions.html.haml b/app/views/devise/mailer/unlock_instructions.html.haml
new file mode 100644
index 00000000000..52b327e20c5
--- /dev/null
+++ b/app/views/devise/mailer/unlock_instructions.html.haml
@@ -0,0 +1,10 @@
+%p
+Hello #{@resource.name}!
+
+%p
+ Your GitLab account has been locked due to an excessive amount of unsuccessful
+ sign in attempts. Your account will automatically unlock in
+ = time_ago_in_words(Devise.unlock_in.from_now)
+ or you may click the link below to unlock now.
+
+%p= link_to 'Unlock your account', unlock_url(@resource, unlock_token: @token)
diff --git a/app/views/devise/unlocks/new.html.erb b/app/views/devise/unlocks/new.html.erb
deleted file mode 100644
index f9277d1673f..00000000000
--- a/app/views/devise/unlocks/new.html.erb
+++ /dev/null
@@ -1,12 +0,0 @@
-<h2>Resend unlock instructions</h2>
-
-<%= form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f| %>
- <%= devise_error_messages! %>
-
- <div><%= f.label :email %><br />
- <%= f.email_field :email %></div>
-
- <div><%= f.submit "Resend unlock instructions" %></div>
-<% end %>
-
-<%= render partial: "devise/shared/links" %>
diff --git a/app/views/devise/unlocks/new.html.haml b/app/views/devise/unlocks/new.html.haml
new file mode 100644
index 00000000000..49c087c0646
--- /dev/null
+++ b/app/views/devise/unlocks/new.html.haml
@@ -0,0 +1,14 @@
+.login-box
+ .login-heading
+ %h3 Resend unlock email
+ .login-body
+ = form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f|
+ .devise-errors
+ = devise_error_messages!
+ .clearfix.append-bottom-20
+ = f.email_field :email, class: 'form-control', placeholder: 'Email', autofocus: 'autofocus', autocapitalize: 'off', autocorrect: 'off'
+ .clearfix
+ = f.submit 'Resend unlock instructions', class: 'btn btn-success'
+
+.clearfix.prepend-top-20
+ = render 'devise/shared/sign_in_link'
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 92149826da7..d82cfb3ec0c 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
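Review bot: The new mail in app/views/devise/mailer/unlock_instructions.html.haml offers a one-click unlock but never tells the recipient what to do if the failed sign-ins were not theirs. A lockout the user did not cause is the moment they should hear that someone may be guessing their password, so I would add a closing paragraph such as `%p If you did not make these sign in attempts, change your password after unlocking.` Separately, `time_ago_in_words(Devise.unlock_in.from_now)` is evaluated when the mail is rendered, so the stated interval is only right if the mail is built at lock time; that is presumably the case, but a one-line comment saying so would help.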
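Review bot: The resend form in app/views/devise/unlocks/new.html.haml renders `devise_error_messages!` for an unauthenticated request, so whatever it prints for an unknown or unlocked address decides whether this page confirms which emails have accounts and which of them are locked. Devise only gives the same response in all of those cases when `config.paranoid = true`; that setting is not visible in this diff, so please confirm it is enabled in config/initializers/devise.rb. The endpoint can also trigger mail on request, so it is worth checking that it is covered by whatever request throttling the sign-in and password-reset routes already have.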
@@ -121,14 +121,14 @@ Devise.setup do |config|
 config.lock_strategy = :failed_attempts
 # Defines which key will be used when locking and unlocking an account
- # config.unlock_keys = [ :email ]
+ config.unlock_keys = [ :email ]
 # Defines which strategy will be used to unlock an account.
 # :email = Sends an unlock link to the user email
 # :time = Re-enables login after a certain amount of time (see :unlock_in below)
 # :both = Enables both strategies
 # :none = No unlock strategy. You should handle unlocking by yourself.
- config.unlock_strategy = :time
+ config.unlock_strategy = :both
 # Number of authentication tries before locking an account if lock_strategy
 # is failed attempts.
diff --git a/db/migrate/20151210030143_add_unlock_token_to_user.rb b/db/migrate/20151210030143_add_unlock_token_to_user.rb
new file mode 100644
index 00000000000..0ea66ba65df
--- /dev/null
+++ b/db/migrate/20151210030143_add_unlock_token_to_user.rb
@@ -0,0 +1,5 @@
+class AddUnlockTokenToUser < ActiveRecord::Migration
+ def change
+ add_column :users, :unlock_token, :string
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 0167e30ff8b..60b42f7a473 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -837,6 +837,7 @@ ActiveRecord::Schema.define(version: 20151210125932) do
 t.integer "consumed_timestep"
 t.integer "layout", default: 0
 t.boolean "hide_project_limit", default: false
+ t.string "unlock_token"
 end
 add_index "users", ["admin"], name: "index_users_on_admin", using: :btree
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 376266c0955..2f184bbaf92 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -26,6 +26,7 @@
 # bio :string(255)
 # failed_attempts :integer default(0)
 # locked_at :datetime
+# unlock_token :string(255)
 # username :string(255)
 # can_create_group :boolean default(TRUE), not null
 # can_create_team :boolean default(TRUE), not null |
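Review bot: Switching `config.unlock_strategy` to `:both` in config/initializers/devise.rb is not covered by any test in this commit; the only spec change in the diffstat is the schema annotation in spec/models/user_spec.rb. A spec that locks a user, checks that an unlock mail is delivered, and checks that the account opens with the mailed token and stays locked with a wrong one would pin the behaviour this setting turns on. A short comment above the setting, for example `# :both so a locked-out user can recover by email without waiting for unlock_in`, would record why both strategies are kept. The `Devise.setup` block starts and ends outside this hunk, so `unlock_in` and `maximum_attempts` are not visible here.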
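Review bot: The migration in db/migrate/20151210030143_add_unlock_token_to_user.rb adds `unlock_token` without an index, and the single insertion in db/schema.rb is the column itself. Devise looks the user up by this column when an unlock link is followed, and that route needs no login, so on a large `users` table each such request, valid token or not, would presumably scan the table. Devise's own generated migration includes `add_index :users, :unlock_token, unique: true`; I would add the same line here, after checking how the project normally builds indexes on large tables.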