From df4ff9a8e13d776e1670c232655db0275a353a0f Mon Sep 17 00:00:00 2001 From: Patrick Figel Date: Sat, 15 Apr 2017 13:26:03 +0200 Subject: Add recovery code support for two-factor auth (#1773) * Add recovery code support for two-factor auth When users enable two-factor auth, the app now generates ten single-use recovery codes. Users are encouraged to print the codes and store them in a safe place. The two-factor prompt during login now accepts both OTP codes and recovery codes. The two-factor settings UI allows users to regenerated lost recovery codes. Users who have set up two-factor auth prior to this feature being added can use it to generate recovery codes for the first time. Fixes #563 and fixes #987 * Set OTP_SECRET in test enviroment * add missing .html to view file names --- db/schema.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'db/schema.rb') diff --git a/db/schema.rb b/db/schema.rb index 2decf5471..5f995ebda 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20170406215816) do +ActiveRecord::Schema.define(version: 20170414080609) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -313,6 +313,7 @@ ActiveRecord::Schema.define(version: 20170406215816) do t.integer "consumed_timestep" t.boolean "otp_required_for_login" t.datetime "last_emailed_at" + t.string "otp_backup_codes", array: true t.index ["account_id"], name: "index_users_on_account_id", using: :btree t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true, using: :btree t.index ["email"], name: "index_users_on_email", unique: true, using: :btree -- cgit