authorDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>2015-03-27 16:23:33 -0700
committerRobert Speicher <rspeicher@gmail.com>2015-05-09 17:31:07 -0400
commit7302395142dc93a45239c993b69958ca4a757c92 (patch)
tree17dfc5014de431462f05c13bec35f14b5b90550e
parentfe75411df8d8ed41e89cfcae73d1ea34b8b339b9 (diff)
downloadgitlab-ce-7302395142dc93a45239c993b69958ca4a757c92.tar.gz
Init 2 factor authentication for user model
-rw-r--r--app/models/user.rb5
-rw-r--r--app/views/devise/sessions/_new_base.html.haml3
-rw-r--r--config/initializers/devise.rb4
-rw-r--r--db/migrate/20150327223628_add_devise_two_factor_to_users.rb8
4 files changed, 18 insertions, 2 deletions
diff --git a/app/models/user.rb b/app/models/user.rb
index 1cf7cfea974..b9e28900187 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -57,6 +57,9 @@ require 'carrierwave/orm/activerecord'
require 'file_size_validator'
class User < ActiveRecord::Base
+ devise :two_factor_authenticatable,
+ :otp_secret_encryption_key => File.read(Rails.root.join('.secret')).chomp
+
include Sortable
include Gitlab::ConfigHelper
include TokenAuthenticatable
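Review bot: `File.read(Rails.root.join('.secret')).chomp` runs while the `User` class body is being loaded, so a missing or unreadable `.secret` aborts boot with a bare `Errno::ENOENT`, and the OTP encryption key is tied to whatever else that file is used for. If `.secret` also backs the session secret (not visible in this hunk), rotating it would leave every stored `encrypted_otp_secret` undecryptable, and a single leak would expose both. A dedicated key loaded in an initializer with an explicit error message would be safer. At minimum, add a comment such as `# OTP secrets are encrypted with this key; changing .secret invalidates every enrolled 2FA device`. The class body continues outside the hunk.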
@@ -70,7 +73,7 @@ class User < ActiveRecord::Base
default_value_for :hide_no_password, false
default_value_for :theme_id, gitlab_config.default_theme
- devise :database_authenticatable, :lockable, :async,
+ devise :lockable, :async,
:recoverable, :rememberable, :trackable, :validatable, :omniauthable, :confirmable, :registerable
attr_accessor :force_random_password
diff --git a/app/views/devise/sessions/_new_base.html.haml b/app/views/devise/sessions/_new_base.html.haml
index 54a39726771..4ecb74fb56e 100644
--- a/app/views/devise/sessions/_new_base.html.haml
+++ b/app/views/devise/sessions/_new_base.html.haml
@@ -1,6 +1,7 @@
= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f|
= f.text_field :login, class: "form-control top", placeholder: "Username or Email", autofocus: "autofocus"
- = f.password_field :password, class: "form-control bottom", placeholder: "Password"
+ = f.password_field :password, class: "form-control middle", placeholder: "Password"
+ = f.text_field :otp_attempt, class: 'form-control bottom', placeholder: 'Two-factor authentication token'
- if devise_mapping.rememberable?
.remember-me.checkbox
%label{for: "user_remember_me"}
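Review bot: The new `otp_attempt` input is a plain `text_field` with no `autocomplete` attribute, so browsers may store and re-suggest previously typed one-time codes. Adding `autocomplete: 'off'` to `= f.text_field :otp_attempt, ...` avoids that. The field is also rendered for every user, including accounts without two-factor enabled, and the placeholder does not say it is optional in that case. Nothing in this commit shows `:otp_attempt` being permitted in the sign-in parameters, so confirm the value actually reaches the strategy. The form block continues outside the hunk.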
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 8f8c4169740..956bb048b2a 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -1,6 +1,10 @@
# Use this hook to configure devise mailer, warden hooks and so forth. The first
# four configuration values can also be set straight in your models.
Devise.setup do |config|
+ config.warden do |manager|
+ manager.default_strategies(:scope => :user).unshift :two_factor_authenticatable
+ end
+
# ==> Mailer Configuration
# Configure the class responsible to send e-mails.
config.mailer = "DeviseMailer"
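Review bot: The added `config.warden` block has no comment explaining why the strategy is moved to the front of the `:user` scope. That ordering is security-relevant now that `:database_authenticatable` is dropped from the model in this same commit. A comment such as `# Run the two-factor strategy first for the :user scope; it is expected to check both password and OTP` would record the intent for whoever next edits the strategy list. The `Devise.setup` block continues outside the hunk.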
diff --git a/db/migrate/20150327223628_add_devise_two_factor_to_users.rb b/db/migrate/20150327223628_add_devise_two_factor_to_users.rb
new file mode 100644
index 00000000000..11b026ee8f3
--- /dev/null
+++ b/db/migrate/20150327223628_add_devise_two_factor_to_users.rb
@@ -0,0 +1,8 @@
+class AddDeviseTwoFactorToUsers < ActiveRecord::Migration
+ def change
+ add_column :users, :encrypted_otp_secret, :string
+ add_column :users, :encrypted_otp_secret_iv, :string
+ add_column :users, :encrypted_otp_secret_salt, :string
+ add_column :users, :otp_required_for_login, :boolean
+ end
+end
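Review bot: `otp_required_for_login` is added as a nullable boolean with no default, so every existing row gets NULL and the flag has three states. For a column that gates the second authentication factor, `add_column :users, :otp_required_for_login, :boolean, default: false, null: false` makes "not enrolled" explicit and removes any reliance on nil being falsy. The three `encrypted_otp_secret*` columns hold authentication secrets at rest. A short comment should say that they are encrypted with the model's `otp_secret_encryption_key` and should be kept out of logs, exports and API serialization.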