Commit 3ed05b21 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'rs-manual-2fa-entry' into 'master'

Add support for manually entering 2FA details

> ![Screen_Shot_2015-05-22_at_6.39.26_PM](https://gitlab.com/gitlab-org/gitlab-ce/uploads/27b6cc0b2f88e0ccec234dd8d20db957/Screen_Shot_2015-05-22_at_6.39.26_PM.png)

Related to #1679 though I'm not sure if it entirely fixes it, since I don't have access to a Windows Phone.

See merge request !694
parents 1dbfecb2 7b879bb8
......@@ -93,3 +93,17 @@
}
}
}
// Profile > Account > Two Factor Authentication
.two-factor-new {
.manual-instructions {
h3 {
margin-top: 0;
}
// Slightly increase the size of the details so they're easier to read
dl {
font-size: 1.1em;
}
}
}
class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
def new
unless current_user.otp_secret
current_user.otp_secret = User.generate_otp_secret
current_user.otp_secret = User.generate_otp_secret(32)
current_user.save!
end
......@@ -18,6 +18,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
else
@error = 'Invalid pin code'
@qr_code = build_qr_code
render 'new'
end
end
......
......@@ -7,14 +7,30 @@
%hr
= form_tag profile_two_factor_auth_path, method: :post, class: 'form-horizontal' do |f|
= form_tag profile_two_factor_auth_path, method: :post, class: 'form-horizontal two-factor-new' do |f|
- if @error
.alert.alert-danger
= @error
.form-group
.col-sm-2
.col-sm-10
.col-sm-2
= raw @qr_code
.col-sm-8.manual-instructions
%h3 Can't scan the code?
%p
To add the entry manually, provide the following details to the
application on your phone.
%dl
%dt Account
%dd= current_user.email
%dl
%dt Key
%dd= current_user.otp_secret.scan(/.{4}/).join(' ')
%dl
%dt Time based
%dd Yes
.form-group
= label_tag :pin_code, nil, class: "control-label"
.col-sm-10
......
......@@ -11,8 +11,11 @@ describe Profiles::TwoFactorAuthsController do
describe 'GET new' do
let(:user) { create(:user) }
it 'generates otp_secret' do
expect { get :new }.to change { user.otp_secret }
it 'generates otp_secret for user' do
expect(User).to receive(:generate_otp_secret).with(32).and_return('secret').once
get :new
get :new # Second hit shouldn't re-generate it
end
it 'assigns qr_code' do
......
......@@ -31,7 +31,7 @@ FactoryGirl.define do
trait :two_factor do
before(:create) do |user|
user.otp_required_for_login = true
user.otp_secret = User.generate_otp_secret
user.otp_secret = User.generate_otp_secret(32)
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment