Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
218f3e70
Commit
218f3e70
authored
Mar 03, 2016
by
Phil Hughes
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Moved 2fa into separate view
parent
c4baf241
Changes
5
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
64 additions
and
104 deletions
+64
-104
app/controllers/application_controller.rb
app/controllers/application_controller.rb
+1
-1
app/controllers/profiles/accounts_controller.rb
app/controllers/profiles/accounts_controller.rb
+0
-35
app/controllers/profiles/two_factor_auths_controller.rb
app/controllers/profiles/two_factor_auths_controller.rb
+23
-3
app/views/profiles/accounts/show.html.haml
app/views/profiles/accounts/show.html.haml
+2
-26
app/views/profiles/two_factor_auths/new.html.haml
app/views/profiles/two_factor_auths/new.html.haml
+38
-39
No files found.
app/controllers/application_controller.rb
View file @
218f3e70
...
...
@@ -240,7 +240,7 @@ class ApplicationController < ActionController::Base
def
check_2fa_requirement
if
two_factor_authentication_required?
&&
current_user
&&
!
current_user
.
two_factor_enabled
&&
!
skip_two_factor?
redirect_to
profile_account
_path
redirect_to
new_profile_two_factor_auth
_path
end
end
...
...
app/controllers/profiles/accounts_controller.rb
View file @
218f3e70
class
Profiles::AccountsController
<
Profiles
::
ApplicationController
skip_before_action
:check_2fa_requirement
def
show
unless
current_user
.
otp_secret
current_user
.
otp_secret
=
User
.
generate_otp_secret
(
32
)
end
unless
current_user
.
otp_grace_period_started_at
&&
two_factor_grace_period
current_user
.
otp_grace_period_started_at
=
Time
.
current
end
current_user
.
save!
if
current_user
.
changed?
if
two_factor_authentication_required?
if
two_factor_grace_period_expired?
flash
.
now
[
:alert
]
=
'You must enable Two-factor Authentication for your account.'
else
grace_period_deadline
=
current_user
.
otp_grace_period_started_at
+
two_factor_grace_period
.
hours
flash
.
now
[
:alert
]
=
"You must enable Two-factor Authentication for your account before
#{
l
(
grace_period_deadline
)
}
."
end
end
@user
=
current_user
@qr_code
=
build_qr_code
end
def
unlink
...
...
@@ -31,16 +8,4 @@ class Profiles::AccountsController < Profiles::ApplicationController
current_user
.
identities
.
find_by
(
provider:
provider
).
destroy
redirect_to
profile_account_path
end
private
def
build_qr_code
issuer
=
"
#{
issuer_host
}
|
#{
current_user
.
email
}
"
uri
=
current_user
.
otp_provisioning_uri
(
current_user
.
email
,
issuer:
issuer
)
RQRCode
::
render_qrcode
(
uri
,
:svg
,
level: :m
,
unit:
3
)
end
def
issuer_host
Gitlab
.
config
.
gitlab
.
host
end
end
app/controllers/profiles/two_factor_auths_controller.rb
View file @
218f3e70
...
...
@@ -2,7 +2,26 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
skip_before_action
:check_2fa_requirement
def
new
redirect_to
profile_account_path
unless
current_user
.
otp_secret
current_user
.
otp_secret
=
User
.
generate_otp_secret
(
32
)
end
unless
current_user
.
otp_grace_period_started_at
&&
two_factor_grace_period
current_user
.
otp_grace_period_started_at
=
Time
.
current
end
current_user
.
save!
if
current_user
.
changed?
if
two_factor_authentication_required?
if
two_factor_grace_period_expired?
flash
.
now
[
:alert
]
=
'You must enable Two-factor Authentication for your account.'
else
grace_period_deadline
=
current_user
.
otp_grace_period_started_at
+
two_factor_grace_period
.
hours
flash
.
now
[
:alert
]
=
"You must enable Two-factor Authentication for your account before
#{
l
(
grace_period_deadline
)
}
."
end
end
@qr_code
=
build_qr_code
end
def
create
...
...
@@ -13,9 +32,10 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
render
'create'
else
error
=
'Invalid pin code'
@error
=
'Invalid pin code'
@qr_code
=
build_qr_code
re
direct_to
profile_account_path
,
flash:
{
error:
error
}
re
nder
'new'
end
end
...
...
app/views/profiles/accounts/show.html.haml
View file @
218f3e70
...
...
@@ -40,32 +40,8 @@
%p
Download the Google Authenticator application from App Store for iOS or Google Play for Android and scan this code.
More information is available in the
#{
link_to
(
'documentation'
,
help_page_path
(
'profile'
,
'two_factor_authentication'
))
}
.
.row.append-bottom-10
.col-md-3
=
raw
@qr_code
.col-md-9
.account-well
%p
.prepend-top-0.append-bottom-0
Can't scan the code?
%p
.prepend-top-0.append-bottom-0
To add the entry manually, provide the following details to the application on your phone.
%p
.prepend-top-0.append-bottom-0
Account:
=
current_user
.
email
%p
.prepend-top-0.append-bottom-0
Key:
=
current_user
.
otp_secret
.
scan
(
/.{4}/
).
join
(
' '
)
%p
.two-factor-new-manual-content
Time based: Yes
=
form_for
@user
,
url:
profile_two_factor_auth_path
,
method: :post
do
|
f
|
-
if
flash
[
:error
]
.alert.alert-danger
=
flash
[
:error
]
.form-group
=
label_tag
:pin_code
,
nil
,
class:
"label-light"
=
text_field_tag
:pin_code
,
nil
,
class:
"form-control"
,
required:
true
.prepend-top-default
=
submit_tag
'Enable two-factor authentication'
,
class:
'btn btn-success'
.append-bottom-10
=
link_to
'Enable two-factor authentication'
,
new_profile_two_factor_auth_path
,
class:
'btn btn-success'
-
else
=
link_to
'Disable Two-factor Authentication'
,
profile_two_factor_auth_path
,
method: :delete
,
class:
'btn btn-danger'
,
data:
{
confirm:
'Are you sure?'
}
...
...
app/views/profiles/two_factor_auths/new.html.haml
View file @
218f3e70
-
page_title
'Two-factor Authentication'
,
'Account'
%h2
.page-title
Two-factor Authentication (2FA)
%p
Download the Google Authenticator application from App Store for iOS or Google
Play for Android and scan this code.
.row.prepend-top-default
.col-lg-3
%h4
.prepend-top-0
Two-factor Authentication (2FA)
%p
Increase your account's security by enabling two-factor authentication (2FA).
.col-lg-9
%p
Status:
#{
current_user
.
two_factor_enabled?
?
'enabled'
:
'disabled'
}
%p
Download the Google Authenticator application from App Store for iOS or Google Play for Android and scan this code.
More information is available in the
#{
link_to
(
'documentation'
,
help_page_path
(
'profile'
,
'two_factor_authentication'
))
}
.
%hr
=
form_tag
profile_two_factor_auth_path
,
method: :post
,
class:
'form-horizontal two-factor-new'
do
|
f
|
.row.append-bottom-10
.col-md-3
=
raw
@qr_code
.col-md-9
.account-well
%p
.prepend-top-0.append-bottom-0
Can't scan the code?
%p
.prepend-top-0.append-bottom-0
To add the entry manually, provide the following details to the application on your phone.
%p
.prepend-top-0.append-bottom-0
Account:
=
current_user
.
email
%p
.prepend-top-0.append-bottom-0
Key:
=
current_user
.
otp_secret
.
scan
(
/.{4}/
).
join
(
' '
)
%p
.two-factor-new-manual-content
Time based: Yes
=
form_tag
profile_two_factor_auth_path
,
method: :post
do
|
f
|
-
if
@error
.alert.alert-danger
=
@error
.form-group
.col-lg-2.col-lg-offset-2
=
raw
@qr_code
.col-lg-7.col-lg-offset-1.manual-instructions
%h3
Can't scan the code?
%p
To add the entry manually, provide the following details to the
application on your phone.
%dl
%dt
Account
%dd
=
current_user
.
email
%dl
%dt
Key
%dd
=
current_user
.
otp_secret
.
scan
(
/.{4}/
).
join
(
' '
)
%dl
%dt
Time based
%dd
Yes
.form-group
=
label_tag
:pin_code
,
nil
,
class:
"control-label"
.col-lg-10
=
text_field_tag
:pin_code
,
nil
,
class:
"form-control"
,
required:
true
,
autofocus:
true
.form-actions
=
submit_tag
'Submit'
,
class:
'btn btn-success'
=
link_to
'Configure it later'
,
skip_profile_two_factor_auth_path
,
:method
=>
:patch
,
class:
'btn btn-cancel'
if
two_factor_skippable?
=
label_tag
:pin_code
,
nil
,
class:
"label-light"
=
text_field_tag
:pin_code
,
nil
,
class:
"form-control"
,
required:
true
.prepend-top-default
=
submit_tag
'Enable two-factor authentication'
,
class:
'btn btn-success'
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment