From 112b1fa265f650c01eef2578e286214e3d82dcac Mon Sep 17 00:00:00 2001 From: Aboobacker MK Date: Sun, 21 Jan 2018 17:51:28 +0530 Subject: Redirect to 2FA creation page when otp_secret is not available (#6314) --- .../settings/two_factor_authentication/confirmations_controller.rb | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'app/controllers/settings') diff --git a/app/controllers/settings/two_factor_authentication/confirmations_controller.rb b/app/controllers/settings/two_factor_authentication/confirmations_controller.rb index 4cf62db13..8d534960d 100644 --- a/app/controllers/settings/two_factor_authentication/confirmations_controller.rb +++ b/app/controllers/settings/two_factor_authentication/confirmations_controller.rb @@ -6,6 +6,7 @@ module Settings layout 'admin' before_action :authenticate_user! + before_action :ensure_otp_secret def new prepare_two_factor_form @@ -38,6 +39,10 @@ module Settings @provision_url = current_user.otp_provisioning_uri(current_user.email, issuer: Rails.configuration.x.local_domain) @qrcode = RQRCode::QRCode.new(@provision_url) end + + def ensure_otp_secret + redirect_to settings_two_factor_authentication_path unless current_user.otp_secret + end end end end -- cgit