summaryrefslogtreecommitdiff
path: root/app/controllers
diff options
context:
space:
mode:
authorDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>2015-03-27 17:53:08 -0700
committerRobert Speicher <rspeicher@gmail.com>2015-05-09 17:31:10 -0400
commitcde474a49f0ff44350d813aba83b6880df960f15 (patch)
treef2c403f49391f49d61a2dc473f3ded8b9a61b061 /app/controllers
parentba7e2fd946ba94a9c0b3b18c3f7fc91f63fc652a (diff)
downloadgitlab-ce-cde474a49f0ff44350d813aba83b6880df960f15.tar.gz
Make 2 factor authentication work
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/profiles/two_factor_auths_controller.rb31
1 files changed, 24 insertions, 7 deletions
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index 92ba842fac4..ac14d5ca75b 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@@ -1,16 +1,25 @@
class Profiles::TwoFactorAuthsController < ApplicationController
def new
- issuer = "GitLab | #{current_user.email}"
- uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer)
- @qr_code = RQRCode::render_qrcode(uri, :svg, level: :l, unit: 2)
+ unless current_user.otp_secret
+ current_user.otp_secret = User.generate_otp_secret
+ current_user.save!
+ end
+
+ @qr_code = build_qr_code
end
def create
- current_user.otp_required_for_login = true
- current_user.otp_secret = User.generate_otp_secret
- current_user.save!
+ if current_user.valid_otp?(params[:pin_code])
+ current_user.otp_required_for_login = true
+ #current_user.otp_secret = User.generate_otp_secret
+ current_user.save!
- redirect_to profile_account_path
+ redirect_to profile_account_path
+ else
+ @error = 'Invalid pin code'
+ @qr_code = build_qr_code
+ render 'new'
+ end
end
def destroy
@@ -19,4 +28,12 @@ class Profiles::TwoFactorAuthsController < ApplicationController
redirect_to profile_account_path
end
+
+ private
+
+ def build_qr_code
+ issuer = "GitLab | #{current_user.email}"
+ uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer)
+ RQRCode::render_qrcode(uri, :svg, level: :m, unit: 3)
+ end
end