Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
gitlab-ce
Commits
c4baf241
Commit
c4baf241
authored
8 years ago
by
Phil Hughes
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fixed issue with 2fa not enabling
Added in disable button for 2fa
parent
4d457326
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
22 additions
and
25 deletions
+22
-25
app/controllers/application_controller.rb
app/controllers/application_controller.rb
+1
-1
app/controllers/profiles/accounts_controller.rb
app/controllers/profiles/accounts_controller.rb
+11
-0
app/controllers/profiles/two_factor_auths_controller.rb
app/controllers/profiles/two_factor_auths_controller.rb
+3
-23
app/views/profiles/accounts/show.html.haml
app/views/profiles/accounts/show.html.haml
+7
-1
No files found.
app/controllers/application_controller.rb
View file @
c4baf241
...
...
@@ -240,7 +240,7 @@ class ApplicationController < ActionController::Base
def
check_2fa_requirement
if
two_factor_authentication_required?
&&
current_user
&&
!
current_user
.
two_factor_enabled
&&
!
skip_two_factor?
redirect_to
new_profile_two_factor_auth
_path
redirect_to
profile_account
_path
end
end
...
...
This diff is collapsed.
Click to expand it.
app/controllers/profiles/accounts_controller.rb
View file @
c4baf241
class
Profiles::AccountsController
<
Profiles
::
ApplicationController
skip_before_action
:check_2fa_requirement
def
show
unless
current_user
.
otp_secret
current_user
.
otp_secret
=
User
.
generate_otp_secret
(
32
)
...
...
@@ -10,6 +12,15 @@ class Profiles::AccountsController < Profiles::ApplicationController
current_user
.
save!
if
current_user
.
changed?
if
two_factor_authentication_required?
if
two_factor_grace_period_expired?
flash
.
now
[
:alert
]
=
'You must enable Two-factor Authentication for your account.'
else
grace_period_deadline
=
current_user
.
otp_grace_period_started_at
+
two_factor_grace_period
.
hours
flash
.
now
[
:alert
]
=
"You must enable Two-factor Authentication for your account before
#{
l
(
grace_period_deadline
)
}
."
end
end
@user
=
current_user
@qr_code
=
build_qr_code
...
...
This diff is collapsed.
Click to expand it.
app/controllers/profiles/two_factor_auths_controller.rb
View file @
c4baf241
...
...
@@ -2,26 +2,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
skip_before_action
:check_2fa_requirement
def
new
unless
current_user
.
otp_secret
current_user
.
otp_secret
=
User
.
generate_otp_secret
(
32
)
end
unless
current_user
.
otp_grace_period_started_at
&&
two_factor_grace_period
current_user
.
otp_grace_period_started_at
=
Time
.
current
end
current_user
.
save!
if
current_user
.
changed?
if
two_factor_authentication_required?
if
two_factor_grace_period_expired?
flash
.
now
[
:alert
]
=
'You must enable Two-factor Authentication for your account.'
else
grace_period_deadline
=
current_user
.
otp_grace_period_started_at
+
two_factor_grace_period
.
hours
flash
.
now
[
:alert
]
=
"You must enable Two-factor Authentication for your account before
#{
l
(
grace_period_deadline
)
}
."
end
end
@qr_code
=
build_qr_code
redirect_to
profile_account_path
end
def
create
...
...
@@ -32,10 +13,9 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
render
'create'
else
@error
=
'Invalid pin code'
@qr_code
=
build_qr_code
error
=
'Invalid pin code'
re
nder
'new'
re
direct_to
profile_account_path
,
flash:
{
error:
error
}
end
end
...
...
This diff is collapsed.
Click to expand it.
app/views/profiles/accounts/show.html.haml
View file @
c4baf241
...
...
@@ -57,12 +57,18 @@
=
current_user
.
otp_secret
.
scan
(
/.{4}/
).
join
(
' '
)
%p
.two-factor-new-manual-content
Time based: Yes
=
form_for
@user
,
url:
""
,
method: :put
do
|
f
|
=
form_for
@user
,
url:
profile_two_factor_auth_path
,
method: :post
do
|
f
|
-
if
flash
[
:error
]
.alert.alert-danger
=
flash
[
:error
]
.form-group
=
label_tag
:pin_code
,
nil
,
class:
"label-light"
=
text_field_tag
:pin_code
,
nil
,
class:
"form-control"
,
required:
true
.prepend-top-default
=
submit_tag
'Enable two-factor authentication'
,
class:
'btn btn-success'
-
else
=
link_to
'Disable Two-factor Authentication'
,
profile_two_factor_auth_path
,
method: :delete
,
class:
'btn btn-danger'
,
data:
{
confirm:
'Are you sure?'
}
%hr
-
if
button_based_providers
.
any?
.row.prepend-top-default
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment