.card
  .card-body
    %h2= t('views.settings.security.2fa.title')
    - if current_user.otp_secret_key.nil?
      = bootstrap_form_for(current_user, url: { action: :update_2fa, method: :post }) do |f|
        %a{:href => "https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis"} Aegis Authenticator for Android
        %a{:href => "https://apps.apple.com/gb/app/strongbox-authenticator/id1023839880"} Strongbox Authenticator for iOS
        = RQRCode::QRCode.new(current_user.provisioning_uri("Retrospring:#{current_user.screen_name}", issuer: "Retrospring")).as_svg.html_safe
        %pre= current_user.otp_secret_key
        = f.text_field :otp_validation
        = f.hidden_field :otp_secret_key, value: current_user.otp_secret_key
        = f.submit t('views.actions.save'), class: 'btn btn-primary'
    - else
      %p= t('views.settings.security.2fa.enabled_hint')
      = link_to t('views.actions.remove'), destroy_user_2fa_path, :class => 'btn btn-primary', :method => 'delete'