about summary refs log tree commit diff
path: root/app
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2017-02-13 20:56:03 +0100
committerEugen Rochko <eugen@zeonfederated.com>2017-02-13 20:56:03 +0100
commit63886bdc5976ee72df168053352899174095335a (patch)
treefcde1067523eb55308afe4238165566e0516f421 /app
parentbae7cf8ccecd7c670cd4c1a00c5c19f85c2487b6 (diff)
Fix #587 - Display TOTP secret next to QR code
Diffstat (limited to 'app')
-rw-r--r--app/controllers/settings/two_factor_auths_controller.rb3
-rw-r--r--app/views/settings/two_factor_auths/show.html.haml4
2 files changed, 6 insertions, 1 deletions
diff --git a/app/controllers/settings/two_factor_auths_controller.rb b/app/controllers/settings/two_factor_auths_controller.rb
index f34295cb9..cfee92391 100644
--- a/app/controllers/settings/two_factor_auths_controller.rb
+++ b/app/controllers/settings/two_factor_auths_controller.rb
@@ -8,7 +8,8 @@ class Settings::TwoFactorAuthsController < ApplicationController
   def show
     return unless current_user.otp_required_for_login
 
-    @qrcode = RQRCode::QRCode.new(current_user.otp_provisioning_uri(current_user.email, issuer: Rails.configuration.x.local_domain))
+    @provision_url = current_user.otp_provisioning_uri(current_user.email, issuer: Rails.configuration.x.local_domain)
+    @qrcode        = RQRCode::QRCode.new(@provision_url)
   end
 
   def enable
diff --git a/app/views/settings/two_factor_auths/show.html.haml b/app/views/settings/two_factor_auths/show.html.haml
index bad359f8f..646369a97 100644
--- a/app/views/settings/two_factor_auths/show.html.haml
+++ b/app/views/settings/two_factor_auths/show.html.haml
@@ -7,6 +7,10 @@
 
     .qr-code= raw @qrcode.as_svg(padding: 0, module_size: 5)
 
+    %p= t('two_factor_auth.plaintext_secret_html', secret: current_user.otp_secret)
+
+    %p= t('two_factor_auth.warning')
+
     = link_to t('two_factor_auth.disable'), disable_settings_two_factor_auth_path, data: { method: 'POST' }, class: 'block-button'
   - else
     %p= t('two_factor_auth.description_html')