Provide the user a way to generate new codes.
This commit is contained in:
Dominik Kwiatek
parent
61d82bdbec
commit
e16896fac1
|
|
@ -205,8 +205,14 @@ class UserController < ApplicationController
|
||||||
def destroy_2fa
|
def destroy_2fa
|
||||||
current_user.otp_module = :disabled
|
current_user.otp_module = :disabled
|
||||||
current_user.save!
|
current_user.save!
|
||||||
TotpRecoveryCode.where(user_id: resource.id).delete_all
|
TotpRecoveryCode.where(user_id: current_user.id).delete_all
|
||||||
flash[:success] = 'Two factor authentication has been disabled for your account.'
|
flash[:success] = 'Two factor authentication has been disabled for your account.'
|
||||||
redirect_to edit_user_security_path
|
redirect_to edit_user_security_path
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def reset_user_recovery_codes
|
||||||
|
TotpRecoveryCode.where(user_id: current_user.id).delete_all
|
||||||
|
@recovery_keys = TotpRecoveryCode.create!(Array.new(10) { {user: current_user, code: SecureRandom.base58(8).downcase} })
|
||||||
|
render 'settings/security/recovery_keys'
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,6 @@
|
||||||
%p Your account is set up to require the use of a one-time password in order to log in.
|
%p Your account is set up to require the use of a one-time password in order to log in.
|
||||||
%p You currently have #{@recovery_code_count} unused recovery codes.
|
%p You currently have #{@recovery_code_count} unused recovery codes.
|
||||||
= link_to t('views.actions.remove'), destroy_user_2fa_path, class: 'btn btn-primary', method: 'delete',
|
= link_to t('views.actions.remove'), destroy_user_2fa_path, class: 'btn btn-danger', method: 'delete',
|
||||||
data: { confirm: t('views.settings.security.2fa.detach_confirm') }
|
data: { confirm: t('views.settings.security.2fa.detach_confirm') }
|
||||||
D
|
= link_to "Re-generate recovery codes", reset_user_recovery_codes_path, class: 'btn btn-primary', method: 'delete',
|
||||||
|
data: { confirm: "Are you sure? This will disable your previous set of recovery codes." }
|
||||||
|
|
@ -70,6 +70,7 @@ Rails.application.routes.draw do
|
||||||
match '/settings/security', to: 'user#edit_security', via: :get, as: :edit_user_security
|
match '/settings/security', to: 'user#edit_security', via: :get, as: :edit_user_security
|
||||||
match '/settings/security/2fa', to: 'user#update_2fa', via: :patch, as: :update_user_2fa
|
match '/settings/security/2fa', to: 'user#update_2fa', via: :patch, as: :update_user_2fa
|
||||||
match '/settings/security/2fa', to: 'user#destroy_2fa', via: :delete, as: :destroy_user_2fa
|
match '/settings/security/2fa', to: 'user#destroy_2fa', via: :delete, as: :destroy_user_2fa
|
||||||
|
match '/settings/security/recovery', to: 'user#reset_user_recovery_codes', via: :delete, as: :reset_user_recovery_codes
|
||||||
|
|
||||||
# resources :services, only: [:index, :destroy]
|
# resources :services, only: [:index, :destroy]
|
||||||
match '/settings/services', to: 'services#index', via: 'get', as: :services
|
match '/settings/services', to: 'services#index', via: 'get', as: :services
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue