diff options
| author | Drew Blessing <drew@gitlab.com> | 2016-10-17 09:39:14 -0500 |
|---|---|---|
| committer | Drew Blessing <drew@gitlab.com> | 2016-12-16 08:37:40 -0600 |
| commit | 55f224e4e785d0e1515ac4a840e689cb6d9c7d24 (patch) | |
| tree | fc30685f84f5cc6a8b143a799ed7d4a4687dc4d8 | |
| parent | bdb5e6771856c280fa1cf92b19a47fb83a4988ec (diff) | |
| download | gitlab-ce-55f224e4e785d0e1515ac4a840e689cb6d9c7d24.tar.gz | |
Add GitLab host to 2FA QR and manual info
The two factor authentication account string only had the user's
email address. This led to ambiguous entries in two factor
code generating apps. This adds the GitLab host to the account
string in the standard format (according to Google). No matter
the code generator this change disambiguates the entry.
| -rw-r--r-- | app/controllers/profiles/two_factor_auths_controller.rb | 8 | ||||
| -rw-r--r-- | app/views/profiles/two_factor_auths/show.html.haml | 2 | ||||
| -rw-r--r-- | changelogs/unreleased/add_info_to_qr.yml | 4 |
3 files changed, 11 insertions, 3 deletions
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb index 9eb75bb3891..18044ca78e2 100644 --- a/app/controllers/profiles/two_factor_auths_controller.rb +++ b/app/controllers/profiles/two_factor_auths_controller.rb @@ -22,6 +22,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController end @qr_code = build_qr_code + @account_string = account_string setup_u2f_registration end @@ -78,11 +79,14 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController private def build_qr_code - issuer = "#{issuer_host} | #{current_user.email}" - uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer) + uri = current_user.otp_provisioning_uri(account_string, issuer: issuer_host) RQRCode::render_qrcode(uri, :svg, level: :m, unit: 3) end + def account_string + "#{issuer_host}:#{current_user.email}" + end + def issuer_host Gitlab.config.gitlab.host end diff --git a/app/views/profiles/two_factor_auths/show.html.haml b/app/views/profiles/two_factor_auths/show.html.haml index 03ac739ade5..558a1d56151 100644 --- a/app/views/profiles/two_factor_auths/show.html.haml +++ b/app/views/profiles/two_factor_auths/show.html.haml @@ -30,7 +30,7 @@ To add the entry manually, provide the following details to the application on your phone. %p.prepend-top-0.append-bottom-0 Account: - = current_user.email + = @account_string %p.prepend-top-0.append-bottom-0 Key: = current_user.otp_secret.scan(/.{4}/).join(' ') diff --git a/changelogs/unreleased/add_info_to_qr.yml b/changelogs/unreleased/add_info_to_qr.yml new file mode 100644 index 00000000000..a4b0354a9c9 --- /dev/null +++ b/changelogs/unreleased/add_info_to_qr.yml @@ -0,0 +1,4 @@ +--- +title: Add GitLab host to 2FA QR code and manual info +merge_request: 6941 +author: |