BigW Consortium Gitlab

show.html.haml 3.72 KB
Newer Older
1 2
- page_title 'Two-Factor Authentication', 'Account'
- header_title "Two-Factor Authentication", profile_two_factor_auth_path
Connor Shea committed
3
= render 'profiles/head'
4

5 6
- if inject_u2f_api?
  - content_for :page_specific_javascripts do
7 8
    = page_specific_javascript_tag('u2f.js')

9 10 11 12 13 14 15 16 17 18 19 20
.row.prepend-top-default
  .col-lg-3
    %h4.prepend-top-0
      Register Two-Factor Authentication App
    %p
      Use an app on your mobile device to enable two-factor authentication (2FA).
  .col-lg-9
    - if current_user.two_factor_otp_enabled?
      = icon "check inverse", base: "circle", class: "text-success", text: "You've already enabled two-factor authentication using mobile authenticator applications. You can disable it from your account settings page."
    - else
      %p
        Download the Google Authenticator application from App Store or Google Play Store and scan this code.
21
        More information is available in the #{link_to('documentation', help_page_path('profile/two_factor_authentication'))}.
22 23 24 25 26 27 28 29 30 31 32
      .row.append-bottom-10
        .col-md-3
          = raw @qr_code
        .col-md-9
          .account-well
            %p.prepend-top-0.append-bottom-0
              Can't scan the code?
            %p.prepend-top-0.append-bottom-0
              To add the entry manually, provide the following details to the application on your phone.
            %p.prepend-top-0.append-bottom-0
              Account:
33
              = @account_string
34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58
            %p.prepend-top-0.append-bottom-0
              Key:
              = current_user.otp_secret.scan(/.{4}/).join(' ')
            %p.two-factor-new-manual-content
              Time based: Yes
      = form_tag profile_two_factor_auth_path, method: :post do |f|
        - if @error
          .alert.alert-danger
            = @error
        .form-group
          = label_tag :pin_code, nil, class: "label-light"
          = text_field_tag :pin_code, nil, class: "form-control", required: true
        .prepend-top-default
          = submit_tag 'Register with Two-Factor App', class: 'btn btn-success'

%hr

.row.prepend-top-default

  .col-lg-3
    %h4.prepend-top-0
      Register Universal Two-Factor (U2F) Device
    %p
      Use a hardware device to add the second factor of authentication.
    %p
59 60 61
      As U2F devices are only supported by a few browsers, we require that you set up a
      two-factor authentication app before a U2F device. That way you'll always be able to
      log in - even when you're using an unsupported browser.
62 63 64 65 66
  .col-lg-9
    - if @u2f_registration.errors.present?
      = form_errors(@u2f_registration)
    = render "u2f/register"

67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94
    %hr

    %h5 U2F Devices (#{@u2f_registrations.length})

    - if @u2f_registrations.present?
      .table-responsive
        %table.table.table-bordered.u2f-registrations
          %colgroup
            %col{ width: "50%" }
            %col{ width: "30%" }
            %col{ width: "20%" }
          %thead
            %tr
              %th Name
              %th Registered On
              %th
          %tbody
            - @u2f_registrations.each do |registration|
              %tr
                %td= registration.name.presence || "<no name set>"
                %td= registration.created_at.to_date.to_s(:medium)
                %td= link_to "Delete", profile_u2f_registration_path(registration), method: :delete, class: "btn btn-danger pull-right", data: { confirm: "Are you sure you want to delete this device? This action cannot be undone." }

    - else
      .settings-message.text-center
        You don't have any U2F devices registered yet.


95 96 97 98 99
- if two_factor_skippable?
  :javascript
    var button = "<a class='btn btn-xs btn-warning pull-right' data-method='patch' href='#{skip_profile_two_factor_auth_path}'>Configure it later</a>";
    $(".flash-alert").append(button);