diff options
author | Drew Blessing <drew@gitlab.com> | 2016-07-26 16:48:51 -0500 |
---|---|---|
committer | Drew Blessing <drew@gitlab.com> | 2016-08-24 17:50:57 -0500 |
commit | bba85773519e972d036a933b1f054b6c76050c5f (patch) | |
tree | af569948abbcba0e206c33b4114c5b22f024746a /lib | |
parent | f52cf56e90b2be3edb405fe588c94b637cf5088b (diff) | |
download | gitlab-ce-bba85773519e972d036a933b1f054b6c76050c5f.tar.gz |
Add two factor recovery endpoint to internal API
Diffstat (limited to 'lib')
-rw-r--r-- | lib/api/internal.rb | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/lib/api/internal.rb b/lib/api/internal.rb index d8e9ac406c4..5b54c11ef62 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -101,6 +101,31 @@ module API {} end end + + post '/two_factor_recovery_codes' do + status 200 + + key = Key.find(params[:key_id]) + user = key.user + + # Make sure this isn't a deploy key + unless key.type.nil? + return { success: false, message: 'Deploy keys cannot be used to retrieve recovery codes' } + end + + unless user.present? + return { success: false, message: 'Could not find a user for the given key' } + end + + unless user.two_factor_enabled? + return { success: false, message: 'Two-factor authentication is not enabled for this user' } + end + + codes = user.generate_otp_backup_codes! + user.save! + + { success: true, recovery_codes: codes } + end end end end |