Commit
b6318297
authored
Jun 19, 2015
by
Robert Speicher
Use User#two_factor_enabled instead of otp_required_for_login
parent
22dd2240
Showing
5 changed files
with
9 additions
and
9 deletions
+9
-9
app/controllers/passwords_controller.rb
app/controllers/passwords_controller.rb
+1
-1
app/controllers/profiles/two_factor_auths_controller.rb
app/controllers/profiles/two_factor_auths_controller.rb
+2
-2
app/controllers/sessions_controller.rb
app/controllers/sessions_controller.rb
+1
-1
app/views/profiles/accounts/show.html.haml
app/views/profiles/accounts/show.html.haml
+1
-1
spec/controllers/profiles/two_factor_auths_controller_spec.rb
.../controllers/profiles/two_factor_auths_controller_spec.rb
+4
-4
app/controllers/passwords_controller.rb
...
@@ -24,7 +24,7 @@ class PasswordsController < Devise::PasswordsController
...
@@ -24,7 +24,7 @@ class PasswordsController < Devise::PasswordsController
super
do
|
resource
|
super
do
|
resource
|
# TODO (rspeicher): In Devise master (> 3.4.1), we can set
# TODO (rspeicher): In Devise master (> 3.4.1), we can set
# `Devise.sign_in_after_reset_password = false` and avoid this mess.
# `Devise.sign_in_after_reset_password = false` and avoid this mess.
if
resource
.
errors
.
empty?
&&
resource
.
try
(
:
otp_required_for_login
?
)
if
resource
.
errors
.
empty?
&&
resource
.
try
(
:
two_factor_enabled
?
)
resource
.
unlock_access!
if
unlockable?
(
resource
)
resource
.
unlock_access!
if
unlockable?
(
resource
)
# Since we are not signing this user in, we use the :updated_not_active
# Since we are not signing this user in, we use the :updated_not_active
...
...
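Review bot: The guard `resource.try(:two_factor_enabled?)` fails open, because on Rails 4 and later `try` returns nil when the receiver does not respond to the method. Judging by the surrounding comments, this branch keeps a two-factor user from being signed in straight after a password reset, so another rename of the predicate would quietly drop that protection instead of raising. Unless the resource can legitimately lack the predicate, call it directly: `if resource.errors.empty? && resource.two_factor_enabled?`. No spec in this commit covers this controller, so a test that resets the password of a 2FA user and asserts no session is created would pin the behaviour. The `super do |resource|` block starts and ends outside the hunk.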
app/controllers/profiles/two_factor_auths_controller.rb
...
@@ -10,7 +10,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
...
@@ -10,7 +10,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
def
create
def
create
if
current_user
.
valid_otp?
(
params
[
:pin_code
])
if
current_user
.
valid_otp?
(
params
[
:pin_code
])
current_user
.
otp_required_for_login
=
true
current_user
.
two_factor_enabled
=
true
@codes
=
current_user
.
generate_otp_backup_codes!
@codes
=
current_user
.
generate_otp_backup_codes!
current_user
.
save!
current_user
.
save!
...
@@ -30,7 +30,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
...
@@ -30,7 +30,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
def
destroy
def
destroy
current_user
.
update_attributes
({
current_user
.
update_attributes
({
otp_required_for_login:
false
,
two_factor_enabled:
false
,
encrypted_otp_secret:
nil
,
encrypted_otp_secret:
nil
,
encrypted_otp_secret_iv:
nil
,
encrypted_otp_secret_iv:
nil
,
encrypted_otp_secret_salt:
nil
,
encrypted_otp_secret_salt:
nil
,
...
...
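Review bot: In the `destroy` hunk, `current_user.update_attributes({ two_factor_enabled: false, ...` is the first statement after `def destroy`, so nothing visible asks for the current password or a valid OTP before the second factor and its secret are cleared. If no filter outside the hunk re-authenticates the user, a session that was left open or taken over is enough to turn 2FA off. Consider requiring `current_user.valid_otp?(params[:pin_code])` before the update, as `create` does, with a matching field in the view. Separately, `create` uses `save!` while `destroy` uses the non-bang `update_attributes`, so a failed update may go unreported unless the lines outside the hunk check its result. The attribute hash continues past the end of the hunk.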
app/controllers/sessions_controller.rb
...
@@ -57,7 +57,7 @@ class SessionsController < Devise::SessionsController
...
@@ -57,7 +57,7 @@ class SessionsController < Devise::SessionsController
def
authenticate_with_two_factor
def
authenticate_with_two_factor
user
=
self
.
resource
=
find_user
user
=
self
.
resource
=
find_user
return
unless
user
&&
user
.
otp_required_for_login
return
unless
user
&&
user
.
two_factor_enabled?
if
user_params
[
:otp_attempt
].
present?
&&
session
[
:otp_user_id
]
if
user_params
[
:otp_attempt
].
present?
&&
session
[
:otp_user_id
]
if
valid_otp_attempt?
(
user
)
if
valid_otp_attempt?
(
user
)
...
...
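Review bot: In `authenticate_with_two_factor`, the OTP branch tests only that `session[:otp_user_id]` is present; the visible lines never compare it with the `user` returned by `find_user`. `find_user` is outside the hunk, so the binding may already be enforced there. If it can resolve the user from request parameters, though, the code would be validated for an account other than the one that completed the password step. Adding `session[:otp_user_id] == user.id` to the condition next to `user_params[:otp_attempt].present?` would tie the two steps together. The method body continues past the hunk.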
app/views/profiles/accounts/show.html.haml
...
@@ -36,7 +36,7 @@
...
@@ -36,7 +36,7 @@
.panel-heading
.panel-heading
Two-factor Authentication
Two-factor Authentication
.panel-body
.panel-body
-
if
current_user
.
otp_required_for_login
-
if
current_user
.
two_factor_enabled?
.pull-right
.pull-right
=
link_to
'Disable Two-factor Authentication'
,
profile_two_factor_auth_path
,
method: :delete
,
class:
'btn btn-close btn-sm'
,
=
link_to
'Disable Two-factor Authentication'
,
profile_two_factor_auth_path
,
method: :delete
,
class:
'btn btn-close btn-sm'
,
data:
{
confirm:
'Are you sure?'
}
data:
{
confirm:
'Are you sure?'
}
...
...
spec/controllers/profiles/two_factor_auths_controller_spec.rb
...
@@ -40,11 +40,11 @@ describe Profiles::TwoFactorAuthsController do
...
@@ -40,11 +40,11 @@ describe Profiles::TwoFactorAuthsController do
expect
(
user
).
to
receive
(
:valid_otp?
).
with
(
pin
).
and_return
(
true
)
expect
(
user
).
to
receive
(
:valid_otp?
).
with
(
pin
).
and_return
(
true
)
end
end
it
'sets
otp_required_for_login
'
do
it
'sets
two_factor_enabled
'
do
go
go
user
.
reload
user
.
reload
expect
(
user
.
otp_required_for_login
).
to
eq
true
expect
(
user
).
to
be_two_factor_enabled
end
end
it
'presents plaintext codes for the user to save'
do
it
'presents plaintext codes for the user to save'
do
...
@@ -109,13 +109,13 @@ describe Profiles::TwoFactorAuthsController do
...
@@ -109,13 +109,13 @@ describe Profiles::TwoFactorAuthsController do
let!
(
:codes
)
{
user
.
generate_otp_backup_codes!
}
let!
(
:codes
)
{
user
.
generate_otp_backup_codes!
}
it
'clears all 2FA-related fields'
do
it
'clears all 2FA-related fields'
do
expect
(
user
.
otp_required_for_login
).
to
eq
true
expect
(
user
).
to
be_two_factor_enabled
expect
(
user
.
otp_backup_codes
).
not_to
be_nil
expect
(
user
.
otp_backup_codes
).
not_to
be_nil
expect
(
user
.
encrypted_otp_secret
).
not_to
be_nil
expect
(
user
.
encrypted_otp_secret
).
not_to
be_nil
delete
:destroy
delete
:destroy
expect
(
user
.
otp_required_for_login
).
to
eq
false
expect
(
user
).
not_to
be_two_factor_enabled
expect
(
user
.
otp_backup_codes
).
to
be_nil
expect
(
user
.
otp_backup_codes
).
to
be_nil
expect
(
user
.
encrypted_otp_secret
).
to
be_nil
expect
(
user
.
encrypted_otp_secret
).
to
be_nil
end
end
...
...