diff options
| author | Douwe Maan <douwe@gitlab.com> | 2016-03-01 19:01:18 +0300 |
|---|---|---|
| committer | Douwe Maan <douwe@gitlab.com> | 2016-03-01 19:01:18 +0300 |
| commit | 204a9895333178cc90b40ef365ad566d750fa594 (patch) | |
| tree | b4a6264775b1b0d18d725f916d685f07eebc2cc1 /app | |
| parent | 8cba0612e16268ea12904e40ce7dad293998a875 (diff) | |
| parent | b0ec9529e218ba577404c48453ea1818e28fd382 (diff) | |
Merge branch 'rs-improve-grace-period' into 'master'
Don't show any "2FA required" message if it's not actually required
Prior, if the user had enabled and then disabled 2FA, they would be
shown a "You must enable Two-factor Authentication for your account."
message when going back to re-activate it, even if 2FA enforcement was
disabled.
See merge request !3014
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/profiles/two_factor_auths_controller.rb | 12 | ||||
| -rw-r--r-- | app/models/user.rb | 11 |
2 files changed, 13 insertions, 10 deletions
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb index f3bfede4354..8f83fdd02bc 100644 --- a/app/controllers/profiles/two_factor_auths_controller.rb +++ b/app/controllers/profiles/two_factor_auths_controller.rb @@ -12,11 +12,13 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController current_user.save! if current_user.changed? - if two_factor_grace_period_expired? - flash.now[:alert] = 'You must enable Two-factor Authentication for your account.' - else - grace_period_deadline = current_user.otp_grace_period_started_at + two_factor_grace_period.hours - flash.now[:alert] = "You must enable Two-factor Authentication for your account before #{l(grace_period_deadline)}." + if two_factor_authentication_required? + if two_factor_grace_period_expired? + flash.now[:alert] = 'You must enable Two-factor Authentication for your account.' + else + grace_period_deadline = current_user.otp_grace_period_started_at + two_factor_grace_period.hours + flash.now[:alert] = "You must enable Two-factor Authentication for your account before #{l(grace_period_deadline)}." + end end @qr_code = build_qr_code diff --git a/app/models/user.rb b/app/models/user.rb index 6baf2468ade..4bc4ab8de7f 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -362,11 +362,12 @@ class User < ActiveRecord::Base def disable_two_factor! update_attributes( - two_factor_enabled: false, - encrypted_otp_secret: nil, - encrypted_otp_secret_iv: nil, - encrypted_otp_secret_salt: nil, - otp_backup_codes: nil + two_factor_enabled: false, + encrypted_otp_secret: nil, + encrypted_otp_secret_iv: nil, + encrypted_otp_secret_salt: nil, + otp_grace_period_started_at: nil, + otp_backup_codes: nil ) end |