diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2015-05-12 09:41:27 +0000 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2015-05-12 09:41:27 +0000 |
| commit | 4a373be8617814f74fa1bfa99740daecc4fe8278 (patch) | |
| tree | a84b923215c43efa5a82eed984e00c4e7d318493 /db | |
| parent | 8e4dcbb8fb4823a464dfdd8b62075df124ca5bc6 (diff) | |
| parent | 22badc13136369e202dc6df06a62456110879ee4 (diff) | |
| download | gitlab-ce-4a373be8617814f74fa1bfa99740daecc4fe8278.tar.gz | |
Merge branch '2fa' into 'master'
Two-factor authentication
Implement's Two-factor authentication using tokens.
- [X] Authentication logic
- [X] Enable/disable 2FA feature
- [x] Make 2-step login process if 2FA enabled
- [x] Backup codes
- [x] Backup code removed after being used
- [x] Check backup codes for mysql db (mention mysql limitation if applied)
- [x] Add tests
- [x] Test if https://github.com/tinfoil/devise-two-factor#disabling-automatic-login-after-password-resets applies, and address if so
- [x] Wait for fixed version of `attr_encrypted` or fork and use forked version - https://github.com/attr-encrypted/attr_encrypted/issues/155
Fixes http://feedback.gitlab.com/forums/176466-general/suggestions/4516817-implement-two-factor-authentication-2fa
See merge request !474
Diffstat (limited to 'db')
| -rw-r--r-- | db/migrate/20150327223628_add_devise_two_factor_to_users.rb | 8 | ||||
| -rw-r--r-- | db/migrate/20150331183602_add_devise_two_factor_backupable_to_users.rb | 5 | ||||
| -rw-r--r-- | db/schema.rb | 5 |
3 files changed, 18 insertions, 0 deletions
diff --git a/db/migrate/20150327223628_add_devise_two_factor_to_users.rb b/db/migrate/20150327223628_add_devise_two_factor_to_users.rb new file mode 100644 index 00000000000..11b026ee8f3 --- /dev/null +++ b/db/migrate/20150327223628_add_devise_two_factor_to_users.rb @@ -0,0 +1,8 @@ +class AddDeviseTwoFactorToUsers < ActiveRecord::Migration + def change + add_column :users, :encrypted_otp_secret, :string + add_column :users, :encrypted_otp_secret_iv, :string + add_column :users, :encrypted_otp_secret_salt, :string + add_column :users, :otp_required_for_login, :boolean + end +end diff --git a/db/migrate/20150331183602_add_devise_two_factor_backupable_to_users.rb b/db/migrate/20150331183602_add_devise_two_factor_backupable_to_users.rb new file mode 100644 index 00000000000..913958db7c5 --- /dev/null +++ b/db/migrate/20150331183602_add_devise_two_factor_backupable_to_users.rb @@ -0,0 +1,5 @@ +class AddDeviseTwoFactorBackupableToUsers < ActiveRecord::Migration + def change + add_column :users, :otp_backup_codes, :text + end +end diff --git a/db/schema.rb b/db/schema.rb index 04abf9bb9a6..3e5810d7408 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -492,6 +492,11 @@ ActiveRecord::Schema.define(version: 20150502064022) do t.string "bitbucket_access_token" t.string "bitbucket_access_token_secret" t.string "location" + t.string "encrypted_otp_secret" + t.string "encrypted_otp_secret_iv" + t.string "encrypted_otp_secret_salt" + t.boolean "otp_required_for_login" + t.text "otp_backup_codes" t.string "public_email", default: "", null: false end |