I do believe that OTP/MFA is now working.
parent
95675aa5ef
commit
b72f88f60f
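--- a/Gemfile
+++ b/Gemfile
@@ -8,6 +8,7 @@ gem "rails", "7.1.3.3"
 
 gem 'devise'
 gem 'devise-two-factor'
+gem 'rqrcode'
 
 # The original asset pipeline for Rails [https://github.com/rails/sprockets-rails]
 gem "sprockets-rails"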
@ -93,6 +93,7 @@ GEM
|
|||||||
rack-test (>= 0.6.3)
|
rack-test (>= 0.6.3)
|
||||||
regexp_parser (>= 1.5, < 3.0)
|
regexp_parser (>= 1.5, < 3.0)
|
||||||
xpath (~> 3.2)
|
xpath (~> 3.2)
|
||||||
|
chunky_png (1.4.0)
|
||||||
concurrent-ruby (1.2.3)
|
concurrent-ruby (1.2.3)
|
||||||
connection_pool (2.4.1)
|
connection_pool (2.4.1)
|
||||||
crass (1.0.6)
|
crass (1.0.6)
|
||||||
@ -212,6 +213,10 @@ GEM
|
|||||||
railties (>= 5.2)
|
railties (>= 5.2)
|
||||||
rexml (3.2.6)
|
rexml (3.2.6)
|
||||||
rotp (6.3.0)
|
rotp (6.3.0)
|
||||||
|
rqrcode (2.2.0)
|
||||||
|
chunky_png (~> 1.0)
|
||||||
|
rqrcode_core (~> 1.0)
|
||||||
|
rqrcode_core (1.2.0)
|
||||||
rubyzip (2.3.2)
|
rubyzip (2.3.2)
|
||||||
selenium-webdriver (4.20.1)
|
selenium-webdriver (4.20.1)
|
||||||
base64 (~> 0.2)
|
base64 (~> 0.2)
|
||||||
@ -266,6 +271,7 @@ DEPENDENCIES
|
|||||||
mysql2 (~> 0.5)
|
mysql2 (~> 0.5)
|
||||||
puma (~> 6.0)
|
puma (~> 6.0)
|
||||||
rails (= 7.1.3.3)
|
rails (= 7.1.3.3)
|
||||||
|
rqrcode
|
||||||
selenium-webdriver
|
selenium-webdriver
|
||||||
sprockets-rails
|
sprockets-rails
|
||||||
stimulus-rails
|
stimulus-rails
|
||||||
|
|||||||
@ -89,12 +89,12 @@ menu > li {
|
|||||||
flex-grow: 1;
|
flex-grow: 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
.domain {
|
.domain, .mfa {
|
||||||
background-color: #efefef;
|
background-color: #efefef;
|
||||||
border-radius:1rem;
|
border-radius:1rem;
|
||||||
padding:1rem;
|
padding:1rem;
|
||||||
}
|
}
|
||||||
.domain-header {
|
.domain-header, .mfa-header {
|
||||||
background-color: #fefefe;
|
background-color: #fefefe;
|
||||||
border-radius:1rem;
|
border-radius:1rem;
|
||||||
padding:1rem 1rem;
|
padding:1rem 1rem;
|
||||||
@ -108,7 +108,7 @@ menu > li {
|
|||||||
scale: 75%;
|
scale: 75%;
|
||||||
}
|
}
|
||||||
|
|
||||||
.email-list, .domain-list {
|
.email-list, .domain-list, .mfa-list {
|
||||||
border-radius:1rem;
|
border-radius:1rem;
|
||||||
border:1rem black;
|
border:1rem black;
|
||||||
background-color:#e7eae7;
|
background-color:#e7eae7;
|
||||||
|
|||||||
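--- a/app/controllers/mfas_controller.rb
+++ b/app/controllers/mfas_controller.rb
@@ -0,0 +1,20 @@
+class MfasController < ApplicationController
+def new
+issuer = "Hidden Agenda Email"
+label = "#{issuer}:#{current_user.email}"
+current_user.otp_secret = User.generate_otp_secret
+current_user.save!
+
+qrcode = RQRCode::QRCode.new([{ data: current_user.otp_provisioning_uri(label, issuer: issuer), mode: :byte_8bit }])
+
+@svg = qrcode.as_svg(color: "000", shape_rendering: "crispEdges", module_size: 5, standalone: true,
+use_path: true
+)
+end
+
+def create
+current_user.otp_required_for_login = true
+current_user.save!
+redirect_to root_url
+end
+end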
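Review bot: `new` is a GET action that overwrites `current_user.otp_secret` and saves it, so any request to that URL (a prefetch, a reload, a cross-site link) replaces the secret, and for an account that already has `otp_required_for_login` set the enrolled authenticator stops matching with no confirmation step. `create` then turns on `otp_required_for_login` without checking that the user can produce a code from the new secret, so a failed or skipped scan also ends in a lockout. I would refuse rotation from `new` once OTP is enforced, and have `create` accept an `otp_attempt` parameter and enable enforcement only when `validate_and_consume_otp!` accepts it; the "Done" link in app/views/mfas/new.html.erb would then become a small form with that field. No `before_action :authenticate_user!` is visible in this file, so unless ApplicationController already applies it, `current_user` can be nil in both actions.

```ruby
class MfasController < ApplicationController
  before_action :authenticate_user!

  def new
    # Never rotate the secret of an account that already enforces OTP from a plain GET.
    return redirect_to(root_url) if current_user.otp_required_for_login
    # … unchanged: secret generation and QR rendering …
  end

  def create
    # Enforce OTP only after the user proves the authenticator holds the new secret.
    if current_user.validate_and_consume_otp!(params[:otp_attempt].to_s)
      current_user.update!(otp_required_for_login: true)
      redirect_to root_url
    else
      redirect_to new_mfa_path, alert: "Invalid code"
    end
  end
end
```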
@ -21,5 +21,5 @@
|
|||||||
<%= f.submit "Change my password" %>
|
<%= f.submit "Change my password" %>
|
||||||
</div>
|
</div>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
<hr/>
|
||||||
<%= render "devise/shared/links" %>
|
<%#= render "devise/shared/links" %>
|
||||||
|
|||||||
@ -35,5 +35,12 @@
|
|||||||
<%= f.submit "Update" %>
|
<%= f.submit "Update" %>
|
||||||
</div>
|
</div>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
<hr/>
|
||||||
|
|
||||||
|
<% if current_user.otp_secret.to_s.size == 0 %>
|
||||||
|
<%= link_to "Enable MFA", new_mfa_path %>
|
||||||
|
<% else %>
|
||||||
|
<%= link_to "Edit MFA", new_mfa_path %>
|
||||||
|
<% end %>
|
||||||
|
|
|
||||||
<%= link_to "Back", :back %>
|
<%= link_to "Back", :back %>
|
||||||
|
|||||||
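Review bot: The Enable/Edit switch tests `current_user.otp_secret.to_s.size == 0`, but in this commit `MfasController#new` stores a secret before `create` sets `otp_required_for_login`, so a user who opened the enrolment page and left is shown "Edit MFA" although OTP is not enforced for the account. Keying the branch on the enforced state is more accurate: `<% if current_user.otp_required_for_login %>` for "Edit MFA", else "Enable MFA". Both links also point at `new_mfa_path`, which replaces the stored secret on a GET, so "Edit" currently means "reset".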
@ -12,6 +12,11 @@
|
|||||||
<%= f.password_field :password, autocomplete: "current-password", class: "input" %>
|
<%= f.password_field :password, autocomplete: "current-password", class: "input" %>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<div class="flex flex-column mt-3">
|
||||||
|
<%= f.label :otp_attempt, class: "my-2" %>
|
||||||
|
<%= f.password_field :otp_attempt, autocomplete: "OTP Code", class: "input" %>
|
||||||
|
</div>
|
||||||
|
|
||||||
<% if devise_mapping.rememberable? %>
|
<% if devise_mapping.rememberable? %>
|
||||||
<div class="flex flex-items-center mt-4">
|
<div class="flex flex-items-center mt-4">
|
||||||
<%= f.check_box :remember_me, class: "checkbox mr-3" %>
|
<%= f.check_box :remember_me, class: "checkbox mr-3" %>
|
||||||
|
|||||||
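Review bot: `autocomplete: "OTP Code"` on the `otp_attempt` field is not a recognised autofill token, so browsers and password managers will either ignore it or guess; the standard value is `one-time-code`, as in `<%= f.password_field :otp_attempt, autocomplete: "one-time-code", class: "input" %>`. The field is rendered for every sign-in, including accounts without OTP, so the label could say that it may be left empty in that case.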
@ -26,12 +26,21 @@
|
|||||||
<% if alert %><div class=""><%= alert %></div><% end %>
|
<% if alert %><div class=""><%= alert %></div><% end %>
|
||||||
<%= yield %>
|
<%= yield %>
|
||||||
</main>
|
</main>
|
||||||
|
<% if Rails.env == "development" %>
|
||||||
<footer>
|
<footer>
|
||||||
RoR Version <%= Rails.version %> (<%=Rails.env%>) | Ruby <%= "#{RUBY_VERSION}p#{RUBY_PATCHLEVEL}" %> | OS <%= RUBY_PLATFORM %> | App Version <%= `git describe --always` %>
|
RoR Version <%= Rails.version %> (<%=Rails.env%>) | Ruby <%= "#{RUBY_VERSION}p#{RUBY_PATCHLEVEL}" %> | OS <%= RUBY_PLATFORM %> | App Version <%= `git describe --always` %>
|
||||||
|
|
||||||
|
<% if user_signed_in? %>
|
||||||
|
<hr/>
|
||||||
|
<%= "User:#{current_user.email} | OTP for login:#{current_user.otp_required_for_login} | " %>
|
||||||
|
<% end %>
|
||||||
|
<!--
|
||||||
<h3>To-Do (In order of importance):</h3>
|
<h3>To-Do (In order of importance):</h3>
|
||||||
<ul>
|
<ul>
|
||||||
<li>2FA</li>
|
|
||||||
</ul>
|
</ul>
|
||||||
|
-->
|
||||||
|
<% end %>
|
||||||
</footer>
|
</footer>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|||||||
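Review bot: The new guard `<% if Rails.env == "development" %>` is the only thing keeping the version string, the `git describe` shell-out and the signed-in user's email and OTP flag off production pages, and nothing in the template says so. I would use the predicate form `<% if Rails.env.development? %>` and add a comment above it such as `<%# debug footer: development only, exposes versions and user state %>`, so the gate is not removed by accident.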
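--- a/app/views/mfas/new.html.erb
+++ b/app/views/mfas/new.html.erb
@@ -0,0 +1,9 @@
+<div class="mfa">
+<h1 class="mfa-header">New MFA</h1>
+<div class="mfa-list">
+<p>Scan the code below and then click "Done".</p>
+<p>You will only be able to login with your authenticator app once you have clicked "Done"</p>
+<%= @svg.html_safe%>
+<p><%= link_to "Done", mfas_path, data: { turbo_method: :post} %></p>
+</div>
+</div>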
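Review bot: `@svg.html_safe` switches off ERB escaping for the whole string, and nothing on the page says why that is acceptable; a one-line comment such as `<%# @svg is markup produced by RQRCode in MfasController#new, not user-supplied text %>` would record the assumption for the next reader. The "Done" control is a `link_to` with `data: { turbo_method: :post }`, which only posts when Turbo is loaded; `<%= button_to "Done", mfas_path %>` renders a real form with the CSRF token and works without JavaScript.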
@ -11,6 +11,8 @@ Rails.application.routes.draw do
|
|||||||
put 'users' => 'devise/registrations#update', :as => 'user_registration'
|
put 'users' => 'devise/registrations#update', :as => 'user_registration'
|
||||||
end
|
end
|
||||||
|
|
||||||
|
resources :mfas, only: [:new, :create]
|
||||||
|
|
||||||
# Define your application routes per the DSL in https://guides.rubyonrails.org/routing.html
|
# Define your application routes per the DSL in https://guides.rubyonrails.org/routing.html
|
||||||
|
|
||||||
# Defines the root path route ("/")
|
# Defines the root path route ("/")
|
||||||
|
|||||||