Commit 259851c0 authored by Robert Speicher's avatar Robert Speicher
parent 69723d20
......@@ -38,7 +38,7 @@ gem 'omniauth_crowd'
gem "rack-oauth2", "~> 1.0.5"
# Two-factor authentication
gem 'devise-two-factor', '~> 1.0.1'
gem 'devise-two-factor', '~> 2.0.0'
gem 'rqrcode-rails3', '~> 0.1.7'
gem 'attr_encrypted', '~> 1.3.4'
......
......@@ -145,13 +145,12 @@ GEM
warden (~> 1.2.3)
devise-async (0.9.0)
devise (~> 3.2)
devise-two-factor (1.0.2)
activemodel
devise-two-factor (2.0.0)
activesupport
attr_encrypted (~> 1.3.2)
devise (~> 3.5.0)
railties
rotp (< 2)
rotp (~> 2)
diff-lcs (1.2.5)
diffy (3.0.7)
docile (1.1.5)
......@@ -566,7 +565,7 @@ GEM
mime-types (>= 1.16, < 3.0)
netrc (~> 0.7)
rinku (1.7.3)
rotp (1.6.1)
rotp (2.1.1)
rouge (1.10.1)
rqrcode (0.7.0)
chunky_png
......@@ -811,7 +810,7 @@ DEPENDENCIES
default_value_for (~> 3.0.0)
devise (~> 3.5.2)
devise-async (~> 0.9.0)
devise-two-factor (~> 1.0.1)
devise-two-factor (~> 2.0.0)
diffy (~> 3.0.3)
doorkeeper (~> 2.1.3)
dropzonejs-rails (~> 0.7.1)
......
......@@ -9,7 +9,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
end
def create
if current_user.valid_otp?(params[:pin_code])
if current_user.validate_and_consume_otp!(params[:pin_code])
current_user.two_factor_enabled = true
@codes = current_user.generate_otp_backup_codes!
current_user.save!
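Review bot: In `create`, `validate_and_consume_otp!` appears to persist the consumed timestep on its own (it is a bang method backed by the new `consumed_timestep` column), so the pin is already spent before `two_factor_enabled` is set and `current_user.save!` runs. If that later save raises, the user is left with a consumed code and two-factor still disabled, and has to wait for the next code to retry. That is the safe failure direction, but it deserves a comment above the condition such as `# Consumes the pin: the same code cannot be reused, even if enabling fails below`. The body of `create` continues outside this hunk, so the failure branch is not visible here.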
......
......@@ -99,7 +99,7 @@ class SessionsController < Devise::SessionsController
end
def valid_otp_attempt?(user)
user.valid_otp?(user_params[:otp_attempt]) ||
user.validate_and_consume_otp!(user_params[:otp_attempt]) ||
user.invalidate_otp_backup_code!(user_params[:otp_attempt])
end
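Review bot: `valid_otp_attempt?` reads as a pure predicate, yet after this change both branches mutate the user: the first consumes the TOTP code and the second burns a backup code. A comment above the method, e.g. `# Side effect: a matching TOTP or backup code is consumed and cannot be replayed`, would stop a caller from invoking it twice per request. The replay protection also depends on how the gem checks and stores `consumed_timestep`; if that is a read-then-save rather than one conditional update, two concurrent sign-in requests carrying the same code could presumably both pass. That should be confirmed against the gem, and if it holds, the check can be serialised with `user.with_lock { ... }` around the call.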
......
class AddConsumedTimestepToUsers < ActiveRecord::Migration
def change
add_column :users, :consumed_timestep, :integer
end
end
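Review bot: The new `consumed_timestep` column carries no explanation, and its name alone does not say that it holds the replay-protection state for TOTP codes. A comment above `add_column`, e.g. `# Last TOTP timestep accepted for this user; devise-two-factor 2.x uses it to reject a reused code`, would make the purpose clear to whoever next audits the users table. The column is nullable with no default, so existing users start at NULL, which presumably reads as "nothing consumed yet"; confirm that this matches what the gem expects.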
......@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20150918084513) do
ActiveRecord::Schema.define(version: 20150920010715) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
......@@ -749,6 +749,7 @@ ActiveRecord::Schema.define(version: 20150918084513) do
t.string "public_email", default: "", null: false
t.integer "dashboard", default: 0
t.integer "project_view", default: 0
t.integer "consumed_timestep"
end
add_index "users", ["admin"], name: "index_users_on_admin", using: :btree
......
......@@ -37,7 +37,7 @@ describe Profiles::TwoFactorAuthsController do
context 'with valid pin' do
before do
expect(user).to receive(:valid_otp?).with(pin).and_return(true)
expect(user).to receive(:validate_and_consume_otp!).with(pin).and_return(true)
end
it 'sets two_factor_enabled' do
......@@ -63,7 +63,7 @@ describe Profiles::TwoFactorAuthsController do
context 'with invalid pin' do
before do
expect(user).to receive(:valid_otp?).with(pin).and_return(false)
expect(user).to receive(:validate_and_consume_otp!).with(pin).and_return(false)
end
it 'assigns error' do
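Review bot: Both contexts only stub `validate_and_consume_otp!` on the user, so the spec confirms the renamed call but not the behaviour the commit is after: that a code accepted once is rejected on a second use. A spec that submits the same valid code twice against a real user with an OTP secret, and expects the second attempt to fail, would pin that down; nothing in the visible hunks covers `SessionsController#valid_otp_attempt?` either. Separately, `expect(...).to receive` inside `before` mixes setup with assertion, and `allow(user).to receive(:validate_and_consume_otp!).with(pin).and_return(true)` with an explicit expectation in one example would read more clearly.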
......