Commit cde474a4 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets Committed by Robert Speicher

Make 2 factor authentication work

parent ba7e2fd9
class Profiles::TwoFactorAuthsController < ApplicationController class Profiles::TwoFactorAuthsController < ApplicationController
def new def new
issuer = "GitLab | #{current_user.email}" unless current_user.otp_secret
uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer) current_user.otp_secret = User.generate_otp_secret
@qr_code = RQRCode::render_qrcode(uri, :svg, level: :l, unit: 2) current_user.save!
end
@qr_code = build_qr_code
end end
def create def create
current_user.otp_required_for_login = true if current_user.valid_otp?(params[:pin_code])
current_user.otp_secret = User.generate_otp_secret current_user.otp_required_for_login = true
current_user.save! #current_user.otp_secret = User.generate_otp_secret
current_user.save!
redirect_to profile_account_path redirect_to profile_account_path
else
@error = 'Invalid pin code'
@qr_code = build_qr_code
render 'new'
end
end end
def destroy def destroy
...@@ -19,4 +28,12 @@ class Profiles::TwoFactorAuthsController < ApplicationController ...@@ -19,4 +28,12 @@ class Profiles::TwoFactorAuthsController < ApplicationController
redirect_to profile_account_path redirect_to profile_account_path
end end
private
def build_qr_code
issuer = "GitLab | #{current_user.email}"
uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer)
RQRCode::render_qrcode(uri, :svg, level: :m, unit: 3)
end
end end
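Review bot: `new` renders the provisioning QR code for whatever `otp_secret` is already stored, and neither `new` nor `create` checks `current_user.otp_required_for_login`, so once 2FA is enabled any logged-in session for that account can reopen this page and read the live TOTP secret. A guard at the top of both actions, e.g. `return redirect_to(profile_account_path) if current_user.otp_required_for_login`, would keep the secret from being displayed again after enrolment. Whether `destroy` clears the secret cannot be seen here, because its body falls between the two hunks. If it does not, a later re-enable would reuse the old secret, so the secret should be reset there or regenerated in `new` whenever 2FA is off. The commented-out `#current_user.otp_secret = User.generate_otp_secret` in `create` should be deleted rather than committed.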
...@@ -30,9 +30,17 @@ ...@@ -30,9 +30,17 @@
%legend Two-Factor Authentication %legend Two-Factor Authentication
%p %p
Keep your account secure by enabling two-factor authentication. Keep your account secure by enabling two-factor authentication.
%br
Each time you log in, you’ll be required to provide your password plus a randomly generated access code. Each time you log in, you’ll be required to provide your password plus a randomly generated access code.
%div %div
= link_to "Enable 2-Factor Authentication", new_profile_two_factor_auth_path, class: 'btn btn-success' - if current_user.otp_required_for_login
%strong.text-success
%i.fa.fa-check
2-Factor Authentication enabled
.pull-right
= link_to "Disable 2-Factor Authentication", profile_two_factor_auth_path, method: :delete, class: 'btn btn-close btn-sm'
- else
= link_to "Enable 2-Factor Authentication", new_profile_two_factor_auth_path, class: 'btn btn-success'
- if show_profile_social_tab? - if show_profile_social_tab?
%fieldset %fieldset
......
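Review bot: The new "Disable 2-Factor Authentication" link sends its `method: :delete` request straight from the account page with no confirmation step, so a single click in an open session turns the second factor off. Adding `data: { confirm: 'Are you sure?' }` to that `link_to` would at least guard against accidental clicks. Whether the server-side `destroy` action requires the current password or a valid code before disabling is not visible on this page and is worth confirming. The hunk is an excerpt, and the surrounding template continues outside it.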
...@@ -5,7 +5,10 @@ ...@@ -5,7 +5,10 @@
%hr %hr
= form_tag new_profile_two_factor_auth_path, method: :post, class: 'form-horizontal' do |f| = form_tag profile_two_factor_auth_path, method: :post, class: 'form-horizontal' do |f|
- if @error
.alert.alert-danger
= @error
.form-group .form-group
.col-sm-2 .col-sm-2
.col-sm-10 .col-sm-10
......