author | Eugen Rochko <eugen@zeonfederated.com> | 2017-01-27 20:28:46 +0100 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2017-01-27 20:35:16 +0100 |
commit | ba192f12e381842c90df0fab2fcb1a23cae97fc4 (patch) | |
tree | 1af8032d690d9c20af8b481d42978829b01334b6 /app/controllers | |
parent | 237cb41ab4d841fb215ce6707c8d7695ef44b103 (diff) |
Added optional two-factor authentication
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/auth/sessions_controller.rb | 6 | ||||
-rw-r--r-- | app/controllers/settings/two_factor_auths_controller.rb | 28 |
2 files changed, 34 insertions, 0 deletions
diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb
index c8350f9a1..889b20e11 100644
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@@ -5,6 +5,8 @@ class Auth::SessionsController < Devise::SessionsController layout 'auth' + before_action :configure_sign_in_params, only: [:create] + def create super do |resource| remember_me(resource)
@@ -13,6 +15,10 @@ class Auth::SessionsController < Devise::SessionsController protected + def configure_sign_in_params + devise_parameter_sanitizer.permit(:sign_in, keys: [:otp_attempt]) + end + def after_sign_in_path_for(_resource) last_url = stored_location_for(:user)
diff --git a/app/controllers/settings/two_factor_auths_controller.rb b/app/controllers/settings/two_factor_auths_controller.rb
new file mode 100644
index 000000000..66a82aab7
--- /dev/null
+++ b/app/controllers/settings/two_factor_auths_controller.rb
@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+class Settings::TwoFactorAuthsController < ApplicationController
+ layout 'auth'
+
+ before_action :authenticate_user!
+
+ def show
+ return unless current_user.otp_required_for_login
+
+ @qrcode = RQRCode::QRCode.new(current_user.otp_provisioning_uri(current_user.email, issuer: Rails.configuration.x.local_domain))
+ end
+
+ def enable
+ current_user.otp_required_for_login = true
+ current_user.otp_secret = User.generate_otp_secret
+ current_user.save!
+
+ redirect_to settings_two_factor_auth_path
+ end
+
+ def disable
+ current_user.otp_required_for_login = false
+ current_user.save!
+
+ redirect_to settings_two_factor_auth_path
+ end
+end |
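Review bot: In `sessions_controller.rb`, `configure_sign_in_params` lets `:otp_attempt` through on every `create`, but nothing visible in this hunk or in `create` bounds how many codes one client may try for an account. A short numeric code is only a real second factor if guesses are limited, so sign-in throttling or lockout should be confirmed elsewhere in the app (the diffstat here is limited to `app/controllers`). I would also add a comment above the method, for example `# otp_attempt is read by the two-factor Devise strategy; attempts must be rate-limited`.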
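Review bot: In `two_factor_auths_controller.rb`, `disable` switches the second factor off and `enable` replaces the secret on the strength of a logged-in session alone, so anyone holding a session cookie can strip or re-key 2FA; both should require the current password or a valid code first. `show` rebuilds the QR code from `otp_provisioning_uri` on every visit while 2FA is on, which re-exposes the shared secret long after enrolment; it should be shown only during setup. `enable` also sets `otp_required_for_login = true` before the user has proved their authenticator works, and no recovery codes are visible in this diff, so a failed scan can lock the account out. The sketch below gates `disable` on a code, assuming the devise-two-factor `validate_and_consume_otp!` helper is available on the model; the parameter name is a placeholder, and the form and route are outside this hunk.

```ruby
  def disable
    # Require a current code before removing the second factor.
    # params[:code] is a placeholder name; the form field is not part of this diff.
    unless current_user.validate_and_consume_otp!(params[:code])
      redirect_to settings_two_factor_auth_path
      return
    end

    # … unchanged: clear otp_required_for_login, save!, redirect …
  end
```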