diff options
| author | Gabriel Mazetto <gabriel@gitlab.com> | 2015-12-24 05:02:52 +0300 |
|---|---|---|
| committer | Gabriel Mazetto <gabriel@gitlab.com> | 2015-12-25 00:01:30 +0300 |
| commit | 31fb2b7702345fbf597c2cb17466567776433a56 (patch) | |
| tree | c00ab27dc891b6ed2ce6b061c58f2fa6913edf15 /app/controllers/profiles/two_factor_auths_controller.rb | |
| parent | 33964469b38e2b36b200b20fe3061371a5f5ab18 (diff) | |
Grace period support for TFA
Diffstat (limited to 'app/controllers/profiles/two_factor_auths_controller.rb')
| -rw-r--r-- | app/controllers/profiles/two_factor_auths_controller.rb | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb index 05c84fb720e..49629e9894a 100644 --- a/app/controllers/profiles/two_factor_auths_controller.rb +++ b/app/controllers/profiles/two_factor_auths_controller.rb @@ -4,8 +4,11 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController def new unless current_user.otp_secret current_user.otp_secret = User.generate_otp_secret(32) - current_user.save! end + unless current_user.otp_grace_period_started_at && two_factor_grace_period + current_user.otp_grace_period_started_at = Time.current + end + current_user.save! if current_user.changed? @qr_code = build_qr_code end @@ -36,6 +39,15 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController redirect_to profile_account_path end + def skip + if two_factor_grace_period_expired?(current_user.otp_grace_period_started_at) + redirect_to new_profile_two_factor_auth_path, alert: 'Cannot skip two factor authentication setup' + else + session[:skip_tfa] = current_user.otp_grace_period_started_at + two_factor_grace_period.hours + redirect_to root_path + end + end + private def build_qr_code |