Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
b6318297
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
b6318297
编写于
6月 19, 2015
作者:
R
Robert Speicher
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Use User#two_factor_enabled instead of otp_required_for_login
上级
22dd2240
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
9 addition
and
9 deletion
+9
-9
app/controllers/passwords_controller.rb
app/controllers/passwords_controller.rb
+1
-1
app/controllers/profiles/two_factor_auths_controller.rb
app/controllers/profiles/two_factor_auths_controller.rb
+2
-2
app/controllers/sessions_controller.rb
app/controllers/sessions_controller.rb
+1
-1
app/views/profiles/accounts/show.html.haml
app/views/profiles/accounts/show.html.haml
+1
-1
spec/controllers/profiles/two_factor_auths_controller_spec.rb
.../controllers/profiles/two_factor_auths_controller_spec.rb
+4
-4
未找到文件。
app/controllers/passwords_controller.rb
浏览文件 @
b6318297
...
...
@@ -24,7 +24,7 @@ class PasswordsController < Devise::PasswordsController
super
do
|
resource
|
# TODO (rspeicher): In Devise master (> 3.4.1), we can set
# `Devise.sign_in_after_reset_password = false` and avoid this mess.
if
resource
.
errors
.
empty?
&&
resource
.
try
(
:
otp_required_for_login
?
)
if
resource
.
errors
.
empty?
&&
resource
.
try
(
:
two_factor_enabled
?
)
resource
.
unlock_access!
if
unlockable?
(
resource
)
# Since we are not signing this user in, we use the :updated_not_active
...
...
app/controllers/profiles/two_factor_auths_controller.rb
浏览文件 @
b6318297
...
...
@@ -10,7 +10,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
def
create
if
current_user
.
valid_otp?
(
params
[
:pin_code
])
current_user
.
otp_required_for_login
=
true
current_user
.
two_factor_enabled
=
true
@codes
=
current_user
.
generate_otp_backup_codes!
current_user
.
save!
...
...
@@ -30,7 +30,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
def
destroy
current_user
.
update_attributes
({
otp_required_for_login:
false
,
two_factor_enabled:
false
,
encrypted_otp_secret:
nil
,
encrypted_otp_secret_iv:
nil
,
encrypted_otp_secret_salt:
nil
,
...
...
app/controllers/sessions_controller.rb
浏览文件 @
b6318297
...
...
@@ -57,7 +57,7 @@ class SessionsController < Devise::SessionsController
def
authenticate_with_two_factor
user
=
self
.
resource
=
find_user
return
unless
user
&&
user
.
otp_required_for_login
return
unless
user
&&
user
.
two_factor_enabled?
if
user_params
[
:otp_attempt
].
present?
&&
session
[
:otp_user_id
]
if
valid_otp_attempt?
(
user
)
...
...
app/views/profiles/accounts/show.html.haml
浏览文件 @
b6318297
...
...
@@ -36,7 +36,7 @@
.panel-heading
Two-factor Authentication
.panel-body
-
if
current_user
.
otp_required_for_login
-
if
current_user
.
two_factor_enabled?
.pull-right
=
link_to
'Disable Two-factor Authentication'
,
profile_two_factor_auth_path
,
method: :delete
,
class:
'btn btn-close btn-sm'
,
data:
{
confirm:
'Are you sure?'
}
...
...
spec/controllers/profiles/two_factor_auths_controller_spec.rb
浏览文件 @
b6318297
...
...
@@ -40,11 +40,11 @@ describe Profiles::TwoFactorAuthsController do
expect
(
user
).
to
receive
(
:valid_otp?
).
with
(
pin
).
and_return
(
true
)
end
it
'sets
otp_required_for_login
'
do
it
'sets
two_factor_enabled
'
do
go
user
.
reload
expect
(
user
.
otp_required_for_login
).
to
eq
true
expect
(
user
).
to
be_two_factor_enabled
end
it
'presents plaintext codes for the user to save'
do
...
...
@@ -109,13 +109,13 @@ describe Profiles::TwoFactorAuthsController do
let!
(
:codes
)
{
user
.
generate_otp_backup_codes!
}
it
'clears all 2FA-related fields'
do
expect
(
user
.
otp_required_for_login
).
to
eq
true
expect
(
user
).
to
be_two_factor_enabled
expect
(
user
.
otp_backup_codes
).
not_to
be_nil
expect
(
user
.
encrypted_otp_secret
).
not_to
be_nil
delete
:destroy
expect
(
user
.
otp_required_for_login
).
to
eq
false
expect
(
user
).
not_to
be_two_factor_enabled
expect
(
user
.
otp_backup_codes
).
to
be_nil
expect
(
user
.
encrypted_otp_secret
).
to
be_nil
end
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录