diff options
Diffstat (limited to 'config/initializers/devise.rb')
-rw-r--r-- | config/initializers/devise.rb | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index bdd334b26..327cef80e 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -15,6 +15,11 @@ end # Use this hook to configure devise mailer, warden hooks and so forth. # Many of these configuration options can be set straight in your model. Devise.setup do |config| + config.warden do |manager| + manager.default_strategies(scope: :user).unshift :two_factor_authenticatable + manager.default_strategies(scope: :user).unshift :two_factor_backupable + end + # The secret key used by Devise. Devise uses this key to generate # random tokens. Changing this key will render invalid all existing # confirmation, reset password and unlock tokens in the database. @@ -92,7 +97,7 @@ Devise.setup do |config| # It will change confirmation, password recovery and other workflows # to behave the same regardless if the e-mail provided was right or wrong. # Does not affect registerable. - # config.paranoid = true + config.paranoid = true # By default Devise will store the user in session. You can skip storage for # particular strategies by setting this option. @@ -270,4 +275,8 @@ Devise.setup do |config| # When using omniauth, Devise cannot automatically set Omniauth path, # so you need to do it manually. For the users scope, it would be: # config.omniauth_path_prefix = '/my_engine/users/auth' + + # if a user enables 2fa this would log them in without requiring them + # to enter a token + config.sign_in_after_reset_password = false end |