Add support for manually entering 2FA details

e73ea126 · Robert Speicher · f042b085 · e73ea126 · e73ea126 · e73ea126
Commit e73ea126 authored 9 years ago by Robert Speicher
5 changed files
--- a/app/assets/stylesheets/pages/profile.scss
+++ b/app/assets/stylesheets/pages/profile.scss
@@ -93,3 +93,17 @@
    }
  }
 }
+// Profile > Account > Two Factor Authentication
+.two-factor-new {
+  .manual-instructions {
+    h3 {
+      margin-top: 0;
+    }
+    // Slightly increase the size of the details so they're easier to read
+    dl {
+      font-size: 1.1em;
+    }
+  }
+}
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
 class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
  def new
    unless current_user.otp_secret
-      current_user.otp_secret = User.generate_otp_secret
+      current_user.otp_secret = User.generate_otp_secret(16)
      current_user.save!
    end
@@ -18,6 +18,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
    else
      @error = 'Invalid pin code'
      @qr_code = build_qr_code
      render 'new'
    end
  end

--- a/app/views/profiles/two_factor_auths/new.html.haml
+++ b/app/views/profiles/two_factor_auths/new.html.haml
@@ -7,14 +7,30 @@
 %hr
-= form_tag profile_two_factor_auth_path, method: :post, class: 'form-horizontal' do |f|
+= form_tag profile_two_factor_auth_path, method: :post, class: 'form-horizontal two-factor-new' do |f|
  - if @error
    .alert.alert-danger
      = @error
  .form-group
    .col-sm-2
-    .col-sm-10
+    .col-sm-2
      = raw @qr_code
+    .col-sm-8.manual-instructions
+      %h3 Can't scan the code?
+      %p
+        To add the entry manually, provide the following details to the
+        application on your phone.
+      %dl
+        %dt Account
+        %dd= current_user.email
+      %dl
+        %dt Key
+        %dd= current_user.otp_secret.scan(/.{4}/).join(' ')
+      %dl
+        %dt Time based
+        %dd Yes
  .form-group
    = label_tag :pin_code, nil, class: "control-label"
    .col-sm-10

--- a/spec/controllers/profiles/two_factor_auths_controller_spec.rb
+++ b/spec/controllers/profiles/two_factor_auths_controller_spec.rb
@@ -11,8 +11,11 @@ describe Profiles::TwoFactorAuthsController do
  describe 'GET new' do
    let(:user) { create(:user) }
-    it 'generates otp_secret' do
+    it 'generates otp_secret for user' do
-      expect { get :new }.to change { user.otp_secret }
+      expect(User).to receive(:generate_otp_secret).with(16).and_return('secret').once
+      get :new
+      get :new # Second hit shouldn't re-generate it
    end
    it 'assigns qr_code' do

--- a/spec/factories.rb
+++ b/spec/factories.rb
@@ -31,7 +31,7 @@ FactoryGirl.define do
    trait :two_factor do
      before(:create) do |user|
        user.otp_required_for_login = true
-        user.otp_secret = User.generate_otp_secret
+        user.otp_secret = User.generate_otp_secret(16)
      end
    end