diff options
| author | Patrick Figel <patrick@figel.email> | 2017-04-15 13:26:03 +0200 |
|---|---|---|
| committer | Eugen <eugen@zeonfederated.com> | 2017-04-15 13:26:03 +0200 |
| commit | df4ff9a8e13d776e1670c232655db0275a353a0f (patch) | |
| tree | a7bdb4c0240e169bac01bf67b76f685e9a9b4a67 /app/views | |
| parent | 67ad84b7ebf080d6a6cbcb7d299e02c2a51d955e (diff) | |
Add recovery code support for two-factor auth (#1773)
* Add recovery code support for two-factor auth When users enable two-factor auth, the app now generates ten single-use recovery codes. Users are encouraged to print the codes and store them in a safe place. The two-factor prompt during login now accepts both OTP codes and recovery codes. The two-factor settings UI allows users to regenerated lost recovery codes. Users who have set up two-factor auth prior to this feature being added can use it to generate recovery codes for the first time. Fixes #563 and fixes #987 * Set OTP_SECRET in test enviroment * add missing .html to view file names
Diffstat (limited to 'app/views')
5 files changed, 23 insertions, 1 deletions
diff --git a/app/views/auth/sessions/two_factor.html.haml b/app/views/auth/sessions/two_factor.html.haml index 1deff82b2..3dec40c44 100644 --- a/app/views/auth/sessions/two_factor.html.haml +++ b/app/views/auth/sessions/two_factor.html.haml @@ -2,7 +2,9 @@ = t('auth.login') = simple_form_for(resource, as: resource_name, url: session_path(resource_name), method: :post) do |f| - = f.input :otp_attempt, type: :number, placeholder: t('simple_form.labels.defaults.otp_attempt'), input_html: { 'aria-label' => t('simple_form.labels.defaults.otp_attempt') }, required: true, autofocus: true, autocomplete: 'off' + = f.input :otp_attempt, type: :number, placeholder: t('simple_form.labels.defaults.otp_attempt'), + input_html: { 'aria-label' => t('simple_form.labels.defaults.otp_attempt') }, required: true, autofocus: true, autocomplete: 'off', + hint: t('simple_form.hints.sessions.otp') .actions = f.button :button, t('auth.login'), type: :submit diff --git a/app/views/settings/two_factor_auths/_recovery_codes.html.haml b/app/views/settings/two_factor_auths/_recovery_codes.html.haml new file mode 100644 index 000000000..c23311e2a --- /dev/null +++ b/app/views/settings/two_factor_auths/_recovery_codes.html.haml @@ -0,0 +1,7 @@ +%p.hint= t('two_factor_auth.recovery_instructions') + +%h3= t('two_factor_auth.recovery_codes') +%ol.recovery-codes + - @codes.each do |code| + %li + %samp= code diff --git a/app/views/settings/two_factor_auths/create.html.haml b/app/views/settings/two_factor_auths/create.html.haml new file mode 100644 index 000000000..8710b6e02 --- /dev/null +++ b/app/views/settings/two_factor_auths/create.html.haml @@ -0,0 +1,4 @@ +- content_for :page_title do + = t('settings.two_factor_auth') + += render 'recovery_codes' diff --git a/app/views/settings/two_factor_auths/recovery_codes.html.haml b/app/views/settings/two_factor_auths/recovery_codes.html.haml new file mode 100644 index 000000000..8710b6e02 --- /dev/null +++ b/app/views/settings/two_factor_auths/recovery_codes.html.haml @@ -0,0 +1,4 @@ +- content_for :page_title do + = t('settings.two_factor_auth') + += render 'recovery_codes' diff --git a/app/views/settings/two_factor_auths/show.html.haml b/app/views/settings/two_factor_auths/show.html.haml index 047fe0c54..bf19d24f1 100644 --- a/app/views/settings/two_factor_auths/show.html.haml +++ b/app/views/settings/two_factor_auths/show.html.haml @@ -8,3 +8,8 @@ = link_to t('two_factor_auth.disable'), disable_settings_two_factor_auth_path, data: { method: 'POST' }, class: 'block-button' - else = link_to t('two_factor_auth.setup'), new_settings_two_factor_auth_path, class: 'block-button' + +- if current_user.otp_required_for_login + .simple_form + %p.hint= t('two_factor_auth.lost_recovery_codes') + = link_to t('two_factor_auth.generate_recovery_codes'), recovery_codes_settings_two_factor_auth_path, data: { method: 'POST' }, class: 'block-button' |