diff options
Diffstat (limited to 'app/controllers/settings/two_factor_authentication')
-rw-r--r-- | app/controllers/settings/two_factor_authentication/confirmations_controller.rb | 43 | ||||
-rw-r--r-- | app/controllers/settings/two_factor_authentication/recovery_codes_controller.rb | 18 |
2 files changed, 61 insertions, 0 deletions
diff --git a/app/controllers/settings/two_factor_authentication/confirmations_controller.rb b/app/controllers/settings/two_factor_authentication/confirmations_controller.rb new file mode 100644 index 000000000..4cf62db13 --- /dev/null +++ b/app/controllers/settings/two_factor_authentication/confirmations_controller.rb @@ -0,0 +1,43 @@ +# frozen_string_literal: true + +module Settings + module TwoFactorAuthentication + class ConfirmationsController < ApplicationController + layout 'admin' + + before_action :authenticate_user! + + def new + prepare_two_factor_form + end + + def create + if current_user.validate_and_consume_otp!(confirmation_params[:code]) + flash[:notice] = I18n.t('two_factor_authentication.enabled_success') + + current_user.otp_required_for_login = true + @recovery_codes = current_user.generate_otp_backup_codes! + current_user.save! + + render 'settings/two_factor_authentication/recovery_codes/index' + else + flash.now[:alert] = I18n.t('two_factor_authentication.wrong_code') + prepare_two_factor_form + render :new + end + end + + private + + def confirmation_params + params.require(:form_two_factor_confirmation).permit(:code) + end + + def prepare_two_factor_form + @confirmation = Form::TwoFactorConfirmation.new + @provision_url = current_user.otp_provisioning_uri(current_user.email, issuer: Rails.configuration.x.local_domain) + @qrcode = RQRCode::QRCode.new(@provision_url) + end + end + end +end diff --git a/app/controllers/settings/two_factor_authentication/recovery_codes_controller.rb b/app/controllers/settings/two_factor_authentication/recovery_codes_controller.rb new file mode 100644 index 000000000..e591e9502 --- /dev/null +++ b/app/controllers/settings/two_factor_authentication/recovery_codes_controller.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +module Settings + module TwoFactorAuthentication + class RecoveryCodesController < ApplicationController + layout 'admin' + + before_action :authenticate_user! + + def create + @recovery_codes = current_user.generate_otp_backup_codes! + current_user.save! + flash[:notice] = I18n.t('two_factor_authentication.recovery_codes_regenerated') + render :index + end + end + end +end |