Create Two-factor authentication resource for user

ba7e2fd9 · Dmitriy Zaporozhets · Robert Speicher · 73023951 · ba7e2fd9 · ba7e2fd9
Commit ba7e2fd9 authored Mar 27, 2015 by Dmitriy Zaporozhets Committed by Robert Speicher May 09, 2015
4 changed files
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
+class Profiles::TwoFactorAuthsController < ApplicationController
+  def new
+    issuer = "GitLab | #{current_user.email}"
+    uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer)
+    @qr_code = RQRCode::render_qrcode(uri, :svg, level: :l, unit: 2)
+  end
+
+  def create
+    current_user.otp_required_for_login = true
+    current_user.otp_secret = User.generate_otp_secret
+    current_user.save!
+
+    redirect_to profile_account_path
+  end
+
+  def destroy
+    current_user.otp_required_for_login = false
+    current_user.save!
+
+    redirect_to profile_account_path
+  end
+end
--- a/app/views/profiles/accounts/show.html.haml
+++ b/app/views/profiles/accounts/show.html.haml
@@ -26,6 +26,13 @@
              %span You don`t have one yet. Click generate to fix it.
              = f.submit 'Generate', class: "btn success btn-build-token"

+  %fieldset
+    %legend Two-Factor Authentication
+    %p
+      Keep your account secure by enabling two-factor authentication.
+      Each time you log in, you’ll be required to provide your password plus a randomly generated access code.
+    %div
+      = link_to "Enable 2-Factor Authentication", new_profile_two_factor_auth_path, class: 'btn btn-success'

  - if show_profile_social_tab?
    %fieldset

--- a/app/views/profiles/two_factor_auths/new.html.haml
+++ b/app/views/profiles/two_factor_auths/new.html.haml
+%h2.page-title Two-Factor Authentication (TFA)
+%p
+  Download the Google Authenticator application from App Store for iOS or
+  Google Play for Android and scan this code.
+
+%hr
+
+= form_tag new_profile_two_factor_auth_path, method: :post, class: 'form-horizontal' do |f|
+  .form-group
+    .col-sm-2
+    .col-sm-10
+      = raw @qr_code
+  .form-group
+    = label_tag :pin_code, nil, class: "control-label"
+    .col-sm-10
+      = text_field_tag :pin_code, nil, class: "form-control", required: true
+  .form-actions
+    = submit_tag 'Submit', class: 'btn btn-success'
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -226,6 +226,7 @@ Gitlab::Application.routes.draw do
      resources :keys
      resources :emails, only: [:index, :create, :destroy]
      resource :avatar, only: [:destroy]
+      resource :two_factor_auth, only: [:new, :create, :destroy]
    end
  end