BigW Consortium Gitlab

Commit e73ea126 by Robert Speicher

Add support for manually entering 2FA details

parent f042b085
...@@ -93,3 +93,17 @@ ...@@ -93,3 +93,17 @@
} }
} }
} }
// Profile > Account > Two Factor Authentication
.two-factor-new {
.manual-instructions {
h3 {
margin-top: 0;
}
// Slightly increase the size of the details so they're easier to read
dl {
font-size: 1.1em;
}
}
}
class Profiles::TwoFactorAuthsController < Profiles::ApplicationController class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
def new def new
unless current_user.otp_secret unless current_user.otp_secret
current_user.otp_secret = User.generate_otp_secret current_user.otp_secret = User.generate_otp_secret(16)
current_user.save! current_user.save!
end end
...@@ -18,6 +18,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController ...@@ -18,6 +18,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
else else
@error = 'Invalid pin code' @error = 'Invalid pin code'
@qr_code = build_qr_code @qr_code = build_qr_code
render 'new' render 'new'
end end
end end
......
...@@ -7,14 +7,30 @@ ...@@ -7,14 +7,30 @@
%hr %hr
= form_tag profile_two_factor_auth_path, method: :post, class: 'form-horizontal' do |f| = form_tag profile_two_factor_auth_path, method: :post, class: 'form-horizontal two-factor-new' do |f|
- if @error - if @error
.alert.alert-danger .alert.alert-danger
= @error = @error
.form-group .form-group
.col-sm-2 .col-sm-2
.col-sm-10 .col-sm-2
= raw @qr_code = raw @qr_code
.col-sm-8.manual-instructions
%h3 Can't scan the code?
%p
To add the entry manually, provide the following details to the
application on your phone.
%dl
%dt Account
%dd= current_user.email
%dl
%dt Key
%dd= current_user.otp_secret.scan(/.{4}/).join(' ')
%dl
%dt Time based
%dd Yes
.form-group .form-group
= label_tag :pin_code, nil, class: "control-label" = label_tag :pin_code, nil, class: "control-label"
.col-sm-10 .col-sm-10
......
...@@ -11,8 +11,11 @@ describe Profiles::TwoFactorAuthsController do ...@@ -11,8 +11,11 @@ describe Profiles::TwoFactorAuthsController do
describe 'GET new' do describe 'GET new' do
let(:user) { create(:user) } let(:user) { create(:user) }
it 'generates otp_secret' do it 'generates otp_secret for user' do
expect { get :new }.to change { user.otp_secret } expect(User).to receive(:generate_otp_secret).with(16).and_return('secret').once
get :new
get :new # Second hit shouldn't re-generate it
end end
it 'assigns qr_code' do it 'assigns qr_code' do
......
...@@ -31,7 +31,7 @@ FactoryGirl.define do ...@@ -31,7 +31,7 @@ FactoryGirl.define do
trait :two_factor do trait :two_factor do
before(:create) do |user| before(:create) do |user|
user.otp_required_for_login = true user.otp_required_for_login = true
user.otp_secret = User.generate_otp_secret user.otp_secret = User.generate_otp_secret(16)
end end
end end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment