Commit c4baf241 authored by Phil Hughes's avatar Phil Hughes

Fixed issue with 2fa not enabling

Added in disable button for 2fa
parent 4d457326
......@@ -240,7 +240,7 @@ def check_password_expiration
def check_2fa_requirement
if two_factor_authentication_required? && current_user && !current_user.two_factor_enabled && !skip_two_factor?
redirect_to new_profile_two_factor_auth_path
redirect_to profile_account_path
end
end
......
class Profiles::AccountsController < Profiles::ApplicationController
skip_before_action :check_2fa_requirement
def show
unless current_user.otp_secret
current_user.otp_secret = User.generate_otp_secret(32)
......@@ -10,6 +12,15 @@ def show
current_user.save! if current_user.changed?
if two_factor_authentication_required?
if two_factor_grace_period_expired?
flash.now[:alert] = 'You must enable Two-factor Authentication for your account.'
else
grace_period_deadline = current_user.otp_grace_period_started_at + two_factor_grace_period.hours
flash.now[:alert] = "You must enable Two-factor Authentication for your account before #{l(grace_period_deadline)}."
end
end
@user = current_user
@qr_code = build_qr_code
......
......@@ -2,26 +2,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
skip_before_action :check_2fa_requirement
def new
unless current_user.otp_secret
current_user.otp_secret = User.generate_otp_secret(32)
end
unless current_user.otp_grace_period_started_at && two_factor_grace_period
current_user.otp_grace_period_started_at = Time.current
end
current_user.save! if current_user.changed?
if two_factor_authentication_required?
if two_factor_grace_period_expired?
flash.now[:alert] = 'You must enable Two-factor Authentication for your account.'
else
grace_period_deadline = current_user.otp_grace_period_started_at + two_factor_grace_period.hours
flash.now[:alert] = "You must enable Two-factor Authentication for your account before #{l(grace_period_deadline)}."
end
end
@qr_code = build_qr_code
redirect_to profile_account_path
end
def create
......@@ -32,10 +13,9 @@ def create
render 'create'
else
@error = 'Invalid pin code'
@qr_code = build_qr_code
error = 'Invalid pin code'
render 'new'
redirect_to profile_account_path, flash: { error: error }
end
end
......
......@@ -57,12 +57,18 @@
= current_user.otp_secret.scan(/.{4}/).join(' ')
%p.two-factor-new-manual-content
Time based: Yes
= form_for @user, url: "", method: :put do |f|
= form_for @user, url: profile_two_factor_auth_path, method: :post do |f|
- if flash[:error]
.alert.alert-danger
= flash[:error]
.form-group
= label_tag :pin_code, nil, class: "label-light"
= text_field_tag :pin_code, nil, class: "form-control", required: true
.prepend-top-default
= submit_tag 'Enable two-factor authentication', class: 'btn btn-success'
- else
= link_to 'Disable Two-factor Authentication', profile_two_factor_auth_path, method: :delete, class: 'btn btn-danger',
data: { confirm: 'Are you sure?' }
%hr
- if button_based_providers.any?
.row.prepend-top-default
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment