author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2015-03-27 17:53:08 -0700 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2015-05-09 17:31:10 -0400 |
commit | cde474a49f0ff44350d813aba83b6880df960f15 (patch) | |
tree | f2c403f49391f49d61a2dc473f3ded8b9a61b061 /app | |
parent | ba7e2fd946ba94a9c0b3b18c3f7fc91f63fc652a (diff) | |
download | gitlab-ce-cde474a49f0ff44350d813aba83b6880df960f15.tar.gz |
Make 2 factor authentication work
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/profiles/two_factor_auths_controller.rb | 31 | ||||
-rw-r--r-- | app/views/profiles/accounts/show.html.haml | 10 | ||||
-rw-r--r-- | app/views/profiles/two_factor_auths/new.html.haml | 5 |
3 files changed, 37 insertions, 9 deletions
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index 92ba842fac4..ac14d5ca75b 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@@ -1,16 +1,25 @@
 class Profiles::TwoFactorAuthsController < ApplicationController
 def new
- issuer = "GitLab | #{current_user.email}"
- uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer)
- @qr_code = RQRCode::render_qrcode(uri, :svg, level: :l, unit: 2)
+ unless current_user.otp_secret
+ current_user.otp_secret = User.generate_otp_secret
+ current_user.save!
+ end
+
+ @qr_code = build_qr_code
 end
 def create
- current_user.otp_required_for_login = true
- current_user.otp_secret = User.generate_otp_secret
- current_user.save!
+ if current_user.valid_otp?(params[:pin_code])
+ current_user.otp_required_for_login = true
+ #current_user.otp_secret = User.generate_otp_secret
+ current_user.save!
- redirect_to profile_account_path
+ redirect_to profile_account_path
+ else
+ @error = 'Invalid pin code'
+ @qr_code = build_qr_code
+ render 'new'
+ end
 end
 def destroy
@@ -19,4 +28,12 @@ class Profiles::TwoFactorAuthsController < ApplicationController
 redirect_to profile_account_path
 end
+
+ private
+
+ def build_qr_code
+ issuer = "GitLab | #{current_user.email}"
+ uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer)
+ RQRCode::render_qrcode(uri, :svg, level: :m, unit: 3)
+ end
 end
diff --git a/app/views/profiles/accounts/show.html.haml b/app/views/profiles/accounts/show.html.haml
index bbcd3baf61b..19b0c5bcb41 100644
--- a/app/views/profiles/accounts/show.html.haml
+++ b/app/views/profiles/accounts/show.html.haml
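Review bot: In the first controller hunk, `new` renders the provisioning QR code for whatever secret is already stored and never checks `otp_required_for_login`, so once 2FA is enabled anyone holding a logged-in session can reopen the page and read the live TOTP secret. A guard at the top of `new`, such as `return redirect_to profile_account_path if current_user.otp_required_for_login`, would stop the secret being shown again after enrollment. `create` also no longer rotates the secret (the assignment is left commented out as `#current_user.otp_secret = User.generate_otp_secret`), so a secret from an abandoned enrollment is reused indefinitely; either delete the dead line or add a comment saying reuse is intended. `destroy` continues outside the hunk, so whether it clears `otp_secret` when 2FA is disabled cannot be seen here and should be confirmed.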
@@ -30,9 +30,17 @@ %legend Two-Factor Authentication %p Keep your account secure by enabling two-factor authentication. + %br Each time you log in, you’ll be required to provide your password plus a randomly generated access code. %div - = link_to "Enable 2-Factor Authentication", new_profile_two_factor_auth_path, class: 'btn btn-success' + - if current_user.otp_required_for_login + %strong.text-success + %i.fa.fa-check + 2-Factor Authentication enabled + .pull-right + = link_to "Disable 2-Factor Authentication", profile_two_factor_auth_path, method: :delete, class: 'btn btn-close btn-sm' + - else + = link_to "Enable 2-Factor Authentication", new_profile_two_factor_auth_path, class: 'btn btn-success' - if show_profile_social_tab? %fieldset diff --git a/app/views/profiles/two_factor_auths/new.html.haml b/app/views/profiles/two_factor_auths/new.html.haml index 77329de2e01..8332fc6b8b8 100644 --- a/app/views/profiles/two_factor_auths/new.html.haml +++ b/app/views/profiles/two_factor_auths/new.html.haml @@ -5,7 +5,10 @@ %hr -= form_tag new_profile_two_factor_auth_path, method: :post, class: 'form-horizontal' do |f| += form_tag profile_two_factor_auth_path, method: :post, class: 'form-horizontal' do |f| + - if @error + .alert.alert-danger + = @error .form-group .col-sm-2 .col-sm-10 |
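Review bot: The new "Disable 2-Factor Authentication" link in `show.html.haml` sends a DELETE to `profile_two_factor_auth_path` straight from the account page with no confirmation step visible in the hunk, so an unattended or hijacked session could switch the second factor off in one click. Consider having `destroy` require the current password or a valid OTP before it clears `otp_required_for_login`, and at least add a prompt to the link, e.g. `data: { confirm: 'Disable two-factor authentication?' }`. The body of `destroy` is not shown in these hunks, so it may already enforce re-authentication; that should be confirmed before merging.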