Add latest changes from gitlab-org/gitlab@master

6 files changed, 47 insertions, 6 deletions

diff --git a/app/views/admin/sessions/_new_base.html.haml b/app/views/admin/sessions/_new_base.html.haml
index 50fa48855c0..a8d678d2b61 100644
--- a/app/views/admin/sessions/_new_base.html.haml
+++ b/app/views/admin/sessions/_new_base.html.haml
@@ -1,7 +1,7 @@
 = form_tag(admin_session_path, method: :post, html: { class: 'new_user gl-show-field-errors', 'aria-live': 'assertive'}) do
   .form-group
-    = label_tag :password, _('Password'), class: 'label-bold'
-    = password_field_tag :password, nil, class: 'form-control', required: true, title: _('This field is required.'), data: { qa_selector: 'password_field' }
+    = label_tag :user_password, _('Password'), class: 'label-bold'
+    = password_field_tag 'user[password]', nil, class: 'form-control', required: true, title: _('This field is required.'), data: { qa_selector: 'password_field' }
 
   .submit-container.move-submit-down
     = submit_tag _('Enter Admin Mode'), class: 'btn btn-success', data: { qa_selector: 'enter_admin_mode_button' }
diff --git a/app/views/admin/sessions/_tabs_normal.html.haml b/app/views/admin/sessions/_tabs_normal.html.haml
index 20830051d31..2e279013720 100644
--- a/app/views/admin/sessions/_tabs_normal.html.haml
+++ b/app/views/admin/sessions/_tabs_normal.html.haml
@@ -1,3 +1,3 @@
 %ul.nav-links.new-session-tabs.nav-tabs.nav{ role: 'tablist' }
   %li.nav-item{ role: 'presentation' }
-    %a.nav-link.active{ href: '#login-pane', data: { toggle: 'tab', qa_selector: 'sign_in_tab' }, role: 'tab' }= _('Enter Admin Mode')
+    %a.nav-link.active{ href: '#login-pane', data: { toggle: 'tab', qa_selector: 'sign_in_tab' }, role: 'tab' }= tab_title
diff --git a/app/views/admin/sessions/_two_factor_otp.html.haml b/app/views/admin/sessions/_two_factor_otp.html.haml
new file mode 100644
index 00000000000..9d4acbf1b99
--- /dev/null
+++ b/app/views/admin/sessions/_two_factor_otp.html.haml
@@ -0,0 +1,9 @@
+= form_tag(admin_session_path, { method: :post, class: "edit_user gl-show-field-errors js-2fa-form #{'hidden' if current_user.two_factor_u2f_enabled?}" }) do
+  .form-group
+    = label_tag :user_otp_attempt, _('Two-Factor Authentication code')
+    = text_field_tag 'user[otp_attempt]', nil, class: 'form-control', required: true, autofocus: true, autocomplete: 'off', title: _('This field is required.')
+    %p.form-text.text-muted.hint
+      = _("Enter the code from the two-factor app on your mobile device. If you've lost your device, you may enter one of your recovery codes.")
+
+  .submit-container.move-submit-down
+    = submit_tag 'Verify code', class: 'btn btn-success'
diff --git a/app/views/admin/sessions/_two_factor_u2f.html.haml b/app/views/admin/sessions/_two_factor_u2f.html.haml
new file mode 100644
index 00000000000..09b91d76295
--- /dev/null
+++ b/app/views/admin/sessions/_two_factor_u2f.html.haml
@@ -0,0 +1,17 @@
+#js-authenticate-u2f
+%a.btn.btn-block.btn-info#js-login-2fa-device{ href: '#' }= _("Sign in via 2FA code")
+
+%script#js-authenticate-u2f-in-progress{ type: "text/template" }
+  %p= _("Trying to communicate with your device. Plug it in (if you haven't already) and press the button on the device now.")
+
+-# haml-lint:disable NoPlainNodes
+%script#js-authenticate-u2f-error{ type: "text/template" }
+  %div
+    %p <%= error_message %> (#{_("error code:")} <%= error_code %>)
+    %a.btn.btn-block.btn-warning#js-u2f-try-again= _("Try again?")
+
+%script#js-authenticate-u2f-authenticated{ type: "text/template" }
+  %div
+    %p= _("We heard back from your U2F device. You have been authenticated.")
+    = form_tag(admin_session_path, method: :post, id: 'js-login-u2f-form') do |f|
+      = hidden_field_tag 'user[device_response]', nil, class: 'form-control', required: true, id: "js-device-response"
diff --git a/app/views/admin/sessions/new.html.haml b/app/views/admin/sessions/new.html.haml
index a1d440f2cfd..0a7f20b861e 100644
--- a/app/views/admin/sessions/new.html.haml
+++ b/app/views/admin/sessions/new.html.haml
@@ -2,10 +2,10 @@
 - page_title _('Enter Admin Mode')
 
 .row.justify-content-center
-  .col-6.new-session-forms-container
+  .col-md-5.new-session-forms-container
     .login-page
       #signin-container
-        = render 'admin/sessions/tabs_normal'
+        = render 'admin/sessions/tabs_normal', tab_title: _('Enter Admin Mode')
         .tab-content
           - if !current_user.require_password_creation_for_web?
             .login-box.tab-pane.active{ id: 'login-pane', role: 'tabpanel' }
@@ -14,7 +14,7 @@
 
           - if omniauth_enabled? && button_based_providers_enabled?
             .clearfix
-              = render 'devise/shared/omniauth_box'
+              = render 'devise/shared/omniauth_box', hide_remember_me: true
 
           -# Show a message if none of the mechanisms above are enabled
           - if current_user.require_password_creation_for_web? && !omniauth_enabled?
diff --git a/app/views/admin/sessions/two_factor.html.haml b/app/views/admin/sessions/two_factor.html.haml
new file mode 100644
index 00000000000..3a0cbe3facb
--- /dev/null
+++ b/app/views/admin/sessions/two_factor.html.haml
@@ -0,0 +1,15 @@
+- @hide_breadcrumbs = true
+- page_title _('Enter 2FA for Admin Mode')
+
+.row.justify-content-center
+  .col-md-5.new-session-forms-container
+    .login-page
+      #signin-container
+        = render 'admin/sessions/tabs_normal', tab_title: _('Enter Admin Mode')
+        .tab-content
+          .login-box.tab-pane.active{ id: 'login-pane', role: 'tabpanel' }
+            .login-body
+              - if current_user.two_factor_otp_enabled?
+                = render 'admin/sessions/two_factor_otp'
+              - if current_user.two_factor_u2f_enabled?
+                = render 'admin/sessions/two_factor_u2f'