From 42f36268629d2029e16b70f1b112e404e6439bd7 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Tue, 2 Jun 2015 18:39:20 -0400 Subject: Add 2FA docs [ci skip] --- doc/workflow/README.md | 3 +- doc/workflow/two_factor_authentication.md | 65 +++++++++++++++++++++++++++++++ 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 doc/workflow/two_factor_authentication.md diff --git a/doc/workflow/README.md b/doc/workflow/README.md index 0fca68f364e..89005e51958 100644 --- a/doc/workflow/README.md +++ b/doc/workflow/README.md @@ -11,7 +11,8 @@ - [Migrating from SVN to GitLab](migrating_from_svn.md) - [Project importing from GitHub to GitLab](import_projects_from_github.md) - [Project importing from GitLab.com to your private GitLab instance](import_projects_from_gitlab_com.md) +- [Two-factor Authentication (2FA)](two_factor_authentication.md) - [Protected branches](protected_branches.md) - [Change your time zone](timezone.md) - [Keyboard shortcuts](shortcuts.md) -- [Web Editor](web_editor.md) \ No newline at end of file +- [Web Editor](web_editor.md) diff --git a/doc/workflow/two_factor_authentication.md b/doc/workflow/two_factor_authentication.md new file mode 100644 index 00000000000..81f51042bff --- /dev/null +++ b/doc/workflow/two_factor_authentication.md @@ -0,0 +1,65 @@ +# Two-factor Authentication (2FA) + +Two-factor Authentication (2FA) provides an additional level of security to your +GitLab account. Once enabled, in addition to supplying your username and +password to login, you'll be prompted for a code generated by an application on +your phone. + +By enabling 2FA, the only way someone other than you can log into your account +is to know your username and password *and* have access to your phone. + +## Enabling 2FA + +**In GitLab:** + +1. Log in to your GitLab account. +1. Go to your **Profile Settings**. +1. Go to **Acount**. +1. Click **Enable Two-factor Authentication**. + +TODO: Insert screenshot of 2FA page (with the "Can't scan the code?" text) + +**On your phone:** + +1. Install a compatible application. We recommend [Google Authenticator]. +1. In the application, add a new entry in one of two ways: + * Scan the code with your phone's camera to add the entry automatically. + * Enter the details provided to add the entry manually. + +**In GitLab:** + +1. Enter the six-digit pin number from the entry on your phone into the **Pin + code** field. +1. Click **Submit**. + +If the pin you entered was correct, you'll see a message indicating that +Two-factor Authentication has been enabled, and you'll be presented with a list +of recovery codes. + +## Recovery Codes + +Should you ever lose access to your phone, you can use one of the ten provided +backup codes to login to your account. We suggest copying or printing them for +storage in a safe place. **Each code can be used only once** to log in to your +account. + +If you lose the recovery codes or just want to generate new ones, you can do so +from the **Profile Settings** > **Acount** page where you first enabled 2FA. + +## Logging in with 2FA Enabled + +Logging in with 2FA enabled is only slightly different than a normal login. +Enter your username and password credentials as you normally would, and you'll +be presented with a second prompt for an authentication code. Enter the pin from +your phone's application or a recovery code to log in. + +TODO: Insert screenshot of 2FA login prompt? + +## Disabling 2FA + +1. Log in to your GitLab account. +1. Go to your **Profile Settings**. +1. Go to **Acount**. +1. Click **Disable Two-factor Authentication**. + +[Google Authenticator]: https://support.google.com/accounts/answer/1066447?hl=en -- cgit v1.2.1 From 41ee2aa2d70ddb729904d90f12b0318f2ce58215 Mon Sep 17 00:00:00 2001 From: Job van der Voort Date: Wed, 3 Jun 2015 15:35:13 +0200 Subject: fix typo and add screenshots --- doc/workflow/2fa.png | Bin 0 -> 23415 bytes doc/workflow/2fa_auth.png | Bin 0 -> 15569 bytes doc/workflow/two_factor_authentication.md | 6 +++--- 3 files changed, 3 insertions(+), 3 deletions(-) create mode 100644 doc/workflow/2fa.png create mode 100644 doc/workflow/2fa_auth.png diff --git a/doc/workflow/2fa.png b/doc/workflow/2fa.png new file mode 100644 index 00000000000..bbf415210d5 Binary files /dev/null and b/doc/workflow/2fa.png differ diff --git a/doc/workflow/2fa_auth.png b/doc/workflow/2fa_auth.png new file mode 100644 index 00000000000..4a4fbe68984 Binary files /dev/null and b/doc/workflow/2fa_auth.png differ diff --git a/doc/workflow/two_factor_authentication.md b/doc/workflow/two_factor_authentication.md index 81f51042bff..8ac1ca4b351 100644 --- a/doc/workflow/two_factor_authentication.md +++ b/doc/workflow/two_factor_authentication.md @@ -14,10 +14,10 @@ is to know your username and password *and* have access to your phone. 1. Log in to your GitLab account. 1. Go to your **Profile Settings**. -1. Go to **Acount**. +1. Go to **Account**. 1. Click **Enable Two-factor Authentication**. -TODO: Insert screenshot of 2FA page (with the "Can't scan the code?" text) +![Two-factor setup](2fa.png) **On your phone:** @@ -53,7 +53,7 @@ Enter your username and password credentials as you normally would, and you'll be presented with a second prompt for an authentication code. Enter the pin from your phone's application or a recovery code to log in. -TODO: Insert screenshot of 2FA login prompt? +![Two-factor authentication on sign in](2fa_auth.png) ## Disabling 2FA -- cgit v1.2.1 From 6e5473f930c11be6719585b47c47d8552f6b41b5 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Wed, 3 Jun 2015 17:27:23 -0400 Subject: Remove show actions from Admin and Project DeployKeys --- app/controllers/admin/deploy_keys_controller.rb | 7 +---- app/controllers/projects/deploy_keys_controller.rb | 4 --- app/views/admin/deploy_keys/show.html.haml | 35 ---------------------- app/views/projects/deploy_keys/show.html.haml | 14 --------- config/routes.rb | 4 +-- features/admin/deploy_keys.feature | 5 ---- features/steps/admin/deploy_keys.rb | 11 ------- spec/routing/project_routing_spec.rb | 2 +- 8 files changed, 4 insertions(+), 78 deletions(-) delete mode 100644 app/views/admin/deploy_keys/show.html.haml delete mode 100644 app/views/projects/deploy_keys/show.html.haml diff --git a/app/controllers/admin/deploy_keys_controller.rb b/app/controllers/admin/deploy_keys_controller.rb index c301e61d1c7..285e8495342 100644 --- a/app/controllers/admin/deploy_keys_controller.rb +++ b/app/controllers/admin/deploy_keys_controller.rb @@ -1,13 +1,8 @@ class Admin::DeployKeysController < Admin::ApplicationController before_action :deploy_keys, only: [:index] - before_action :deploy_key, only: [:show, :destroy] + before_action :deploy_key, only: [:destroy] def index - - end - - def show - end def new diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb index 8c1bbf76917..40e2b37912b 100644 --- a/app/controllers/projects/deploy_keys_controller.rb +++ b/app/controllers/projects/deploy_keys_controller.rb @@ -18,10 +18,6 @@ class Projects::DeployKeysController < Projects::ApplicationController @available_public_keys -= @available_project_keys end - def show - @key = @project.deploy_keys.find(params[:id]) - end - def new @key = @project.deploy_keys.new diff --git a/app/views/admin/deploy_keys/show.html.haml b/app/views/admin/deploy_keys/show.html.haml deleted file mode 100644 index ea361ca4bdb..00000000000 --- a/app/views/admin/deploy_keys/show.html.haml +++ /dev/null @@ -1,35 +0,0 @@ -- page_title @deploy_key.title, "Deploy Keys" -.row - .col-md-4 - .panel.panel-default - .panel-heading - Deploy Key - %ul.well-list - %li - %span.light Title: - %strong= @deploy_key.title - %li - %span.light Created on: - %strong= @deploy_key.created_at.stamp("Aug 21, 2011") - - .panel.panel-default - .panel-heading Projects (#{@deploy_key.deploy_keys_projects.count}) - - if @deploy_key.deploy_keys_projects.any? - %ul.well-list - - @deploy_key.projects.each do |project| - %li - %span - %strong - = link_to project.name_with_namespace, [:admin, project.namespace.becomes(Namespace), project] - .pull-right - = link_to disable_namespace_project_deploy_key_path(project.namespace, project, @deploy_key), data: { confirm: "Are you sure?" }, method: :put, class: "btn-xs btn btn-remove", title: 'Remove deploy key from project' do - %i.fa.fa-times.fa-inverse - - .col-md-8 - %p - %span.light Fingerprint: - %strong= @deploy_key.fingerprint - %pre.well-pre - = @deploy_key.key - .pull-right - = link_to 'Remove', admin_deploy_key_path(@deploy_key), data: {confirm: 'Are you sure?'}, method: :delete, class: "btn btn-remove delete-key" diff --git a/app/views/projects/deploy_keys/show.html.haml b/app/views/projects/deploy_keys/show.html.haml deleted file mode 100644 index 7d44652af72..00000000000 --- a/app/views/projects/deploy_keys/show.html.haml +++ /dev/null @@ -1,14 +0,0 @@ -- page_title @key.title, "Deploy Keys" -%h3.page-title - Deploy key: - = @key.title - %small - created on - = @key.created_at.stamp("Aug 21, 2011") -.back-link - = link_to namespace_project_deploy_keys_path(@project.namespace, @project) do - ← To keys list -%hr -%pre= @key.key -.pull-right - = link_to 'Remove', namespace_project_deploy_key_path(@project.namespace, @project, @key), data: { confirm: 'Are you sure?'}, method: :delete, class: "btn-remove btn delete-key" diff --git a/config/routes.rb b/config/routes.rb index b7380254abb..f4a104664f3 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -165,7 +165,7 @@ Gitlab::Application.routes.draw do end end - resources :deploy_keys, only: [:index, :show, :new, :create, :destroy] + resources :deploy_keys, only: [:index, :new, :create, :destroy] resources :hooks, only: [:index, :create, :destroy] do get :test @@ -421,7 +421,7 @@ Gitlab::Application.routes.draw do end end - resources :deploy_keys, constraints: { id: /\d+/ }, only: [:index, :show, :new, :create] do + resources :deploy_keys, constraints: { id: /\d+/ }, only: [:index, :new, :create] do member do put :enable put :disable diff --git a/features/admin/deploy_keys.feature b/features/admin/deploy_keys.feature index 9df47eb51fd..33439cd1e85 100644 --- a/features/admin/deploy_keys.feature +++ b/features/admin/deploy_keys.feature @@ -8,11 +8,6 @@ Feature: Admin Deploy Keys When I visit admin deploy keys page Then I should see all public deploy keys - Scenario: Deploy Keys show - When I visit admin deploy keys page - And I click on first deploy key - Then I should see deploy key details - Scenario: Deploy Keys new When I visit admin deploy keys page And I click 'New Deploy Key' diff --git a/features/steps/admin/deploy_keys.rb b/features/steps/admin/deploy_keys.rb index fb0b611762e..844837d177d 100644 --- a/features/steps/admin/deploy_keys.rb +++ b/features/steps/admin/deploy_keys.rb @@ -14,17 +14,6 @@ class Spinach::Features::AdminDeployKeys < Spinach::FeatureSteps end end - step 'I click on first deploy key' do - click_link DeployKey.are_public.first.title - end - - step 'I should see deploy key details' do - deploy_key = DeployKey.are_public.first - current_path.should == admin_deploy_key_path(deploy_key) - page.should have_content(deploy_key.title) - page.should have_content(deploy_key.key) - end - step 'I visit admin deploy key page' do visit admin_deploy_key_path(deploy_key) end diff --git a/spec/routing/project_routing_spec.rb b/spec/routing/project_routing_spec.rb index 3a0d9b88d75..0040718d9be 100644 --- a/spec/routing/project_routing_spec.rb +++ b/spec/routing/project_routing_spec.rb @@ -172,7 +172,7 @@ end # DELETE /:project_id/deploy_keys/:id(.:format) deploy_keys#destroy describe Projects::DeployKeysController, 'routing' do it_behaves_like 'RESTful project resources' do - let(:actions) { [:index, :show, :new, :create] } + let(:actions) { [:index, :new, :create] } let(:controller) { 'deploy_keys' } end end -- cgit v1.2.1 From 793d9799b64c1a46b6e7f45a74c89c3298ad0221 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Wed, 3 Jun 2015 17:54:16 -0400 Subject: Show key fingerprint on DeployKeys#index Also style all key fingerprints consistently across the app. --- app/assets/stylesheets/generic/typography.scss | 7 +++++++ app/views/admin/deploy_keys/index.html.haml | 3 +-- app/views/profiles/keys/_key.html.haml | 3 +-- app/views/profiles/keys/_key_details.html.haml | 2 +- app/views/projects/deploy_keys/_deploy_key.html.haml | 16 ++++++---------- 5 files changed, 16 insertions(+), 15 deletions(-) diff --git a/app/assets/stylesheets/generic/typography.scss b/app/assets/stylesheets/generic/typography.scss index e5590897947..66767cb13cb 100644 --- a/app/assets/stylesheets/generic/typography.scss +++ b/app/assets/stylesheets/generic/typography.scss @@ -23,6 +23,13 @@ pre { font-family: $monospace_font; } +code { + &.key-fingerprint { + background: $body-bg; + color: $text-color; + } +} + /** * Wiki typography * diff --git a/app/views/admin/deploy_keys/index.html.haml b/app/views/admin/deploy_keys/index.html.haml index 367d25cd6a1..6405a69fad3 100644 --- a/app/views/admin/deploy_keys/index.html.haml +++ b/app/views/admin/deploy_keys/index.html.haml @@ -19,8 +19,7 @@ = link_to admin_deploy_key_path(deploy_key) do %strong= deploy_key.title %td - %span - (#{deploy_key.fingerprint}) + %code.key-fingerprint= deploy_key.fingerprint %td %span.cgray added #{time_ago_with_tooltip(deploy_key.created_at)} diff --git a/app/views/profiles/keys/_key.html.haml b/app/views/profiles/keys/_key.html.haml index fe5770f45c3..9bbccbc45ea 100644 --- a/app/views/profiles/keys/_key.html.haml +++ b/app/views/profiles/keys/_key.html.haml @@ -3,8 +3,7 @@ = link_to path_to_key(key, is_admin) do %strong= key.title %td - %span - (#{key.fingerprint}) + %code.key-fingerprint= key.fingerprint %td %span.cgray added #{time_ago_with_tooltip(key.created_at)} diff --git a/app/views/profiles/keys/_key_details.html.haml b/app/views/profiles/keys/_key_details.html.haml index 8bac22a2e1a..e0ae4d9720f 100644 --- a/app/views/profiles/keys/_key_details.html.haml +++ b/app/views/profiles/keys/_key_details.html.haml @@ -15,7 +15,7 @@ .col-md-8 %p %span.light Fingerprint: - %strong= @key.fingerprint + %code.key-fingerprint= @key.fingerprint %pre.well-pre = @key.key .pull-right diff --git a/app/views/projects/deploy_keys/_deploy_key.html.haml b/app/views/projects/deploy_keys/_deploy_key.html.haml index c577dfa8d55..8d66bae8cdf 100644 --- a/app/views/projects/deploy_keys/_deploy_key.html.haml +++ b/app/views/projects/deploy_keys/_deploy_key.html.haml @@ -2,24 +2,20 @@ .pull-right - if @available_keys.include?(deploy_key) = link_to enable_namespace_project_deploy_key_path(@project.namespace, @project, deploy_key), class: 'btn btn-sm', method: :put do - %i.fa.fa-plus + = icon('plus') Enable - else - if deploy_key.destroyed_when_orphaned? && deploy_key.almost_orphaned? = link_to 'Remove', disable_namespace_project_deploy_key_path(@project.namespace, @project, deploy_key), data: { confirm: 'You are going to remove deploy key. Are you sure?'}, method: :put, class: "btn btn-remove delete-key btn-sm pull-right" - else = link_to disable_namespace_project_deploy_key_path(@project.namespace, @project, deploy_key), class: 'btn btn-sm', method: :put do - %i.fa.fa-power-off + = icon('power-off') Disable - - if project = project_for_deploy_key(deploy_key) - = link_to namespace_project_deploy_key_path(project.namespace, project, deploy_key) do - %i.fa.fa-key - %strong= deploy_key.title - - else - %i.fa.fa-key - %strong= deploy_key.title - + = icon('key') + %strong= deploy_key.title + %br + %code.key-fingerprint= deploy_key.fingerprint %p.light.prepend-top-10 - if deploy_key.public? -- cgit v1.2.1