Added optional two-factor authentication

2017-01-27 20:28:46 +01:00 · 2017-01-27 20:28:46 +01:00 · ba192f12e3
commit ba192f12e3
parent 237cb41ab4
16 changed files with 146 additions and 15 deletions
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@ -5,6 +5,8 @@ class Auth::SessionsController < Devise::SessionsController

  layout 'auth'

+  before_action :configure_sign_in_params, only: [:create]
+
  def create
    super do |resource|
      remember_me(resource)
@ -13,6 +15,10 @@ class Auth::SessionsController < Devise::SessionsController

  protected

+  def configure_sign_in_params
+    devise_parameter_sanitizer.permit(:sign_in, keys: [:otp_attempt])
+  end
+
  def after_sign_in_path_for(_resource)
    last_url = stored_location_for(:user)

--- a/app/controllers/settings/two_factor_auths_controller.rb
+++ b/app/controllers/settings/two_factor_auths_controller.rb
@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+class Settings::TwoFactorAuthsController < ApplicationController
+  layout 'auth'
+
+  before_action :authenticate_user!
+
+  def show
+    return unless current_user.otp_required_for_login
+
+    @qrcode = RQRCode::QRCode.new(current_user.otp_provisioning_uri(current_user.email, issuer: Rails.configuration.x.local_domain))
+  end
+
+  def enable
+    current_user.otp_required_for_login = true
+    current_user.otp_secret = User.generate_otp_secret
+    current_user.save!
+
+    redirect_to settings_two_factor_auth_path
+  end
+
+  def disable
+    current_user.otp_required_for_login = false
+    current_user.save!
+
+    redirect_to settings_two_factor_auth_path
+  end
+end