summaryrefslogtreecommitdiff
path: root/app/controllers/profiles
diff options
context:
space:
mode:
authorDrew Blessing <drew@gitlab.com>2016-10-17 09:39:14 -0500
committerDrew Blessing <drew@gitlab.com>2016-12-16 08:37:40 -0600
commit55f224e4e785d0e1515ac4a840e689cb6d9c7d24 (patch)
treefc30685f84f5cc6a8b143a799ed7d4a4687dc4d8 /app/controllers/profiles
parentbdb5e6771856c280fa1cf92b19a47fb83a4988ec (diff)
downloadgitlab-ce-55f224e4e785d0e1515ac4a840e689cb6d9c7d24.tar.gz
Add GitLab host to 2FA QR and manual info
The two factor authentication account string only had the user's email address. This led to ambiguous entries in two factor code generating apps. This adds the GitLab host to the account string in the standard format (according to Google). No matter the code generator this change disambiguates the entry.
Diffstat (limited to 'app/controllers/profiles')
-rw-r--r--app/controllers/profiles/two_factor_auths_controller.rb8
1 files changed, 6 insertions, 2 deletions
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index 9eb75bb3891..18044ca78e2 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@@ -22,6 +22,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
end
@qr_code = build_qr_code
+ @account_string = account_string
setup_u2f_registration
end
@@ -78,11 +79,14 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
private
def build_qr_code
- issuer = "#{issuer_host} | #{current_user.email}"
- uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer)
+ uri = current_user.otp_provisioning_uri(account_string, issuer: issuer_host)
RQRCode::render_qrcode(uri, :svg, level: :m, unit: 3)
end
+ def account_string
+ "#{issuer_host}:#{current_user.email}"
+ end
+
def issuer_host
Gitlab.config.gitlab.host
end