From 6dd096b7f08799ff27d9e34356fb1163ca10f388 Mon Sep 17 00:00:00 2001 From: Andrew Date: Sun, 15 Jan 2017 21:14:29 -0500 Subject: Two factor authentication support (#630) * Initial commit for 2FA support Signed-off-by: Andrew * Add vendored files * Add missing depends * A few clean ups * Added improvements, proper encryption * Better encryption key * Simplify "key" generation * Make 2FA enrollment page more robust * Fix typo * Rename twofa/2FA to TwoFactor * UNIQUE INDEX -> UNIQUE --- cmd/web.go | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'cmd') diff --git a/cmd/web.go b/cmd/web.go index ff4fcc376d..9942f19a50 100644 --- a/cmd/web.go +++ b/cmd/web.go @@ -203,6 +203,12 @@ func runWeb(ctx *cli.Context) error { m.Post("/sign_up", bindIgnErr(auth.RegisterForm{}), user.SignUpPost) m.Get("/reset_password", user.ResetPasswd) m.Post("/reset_password", user.ResetPasswdPost) + m.Group("/two_factor", func() { + m.Get("", user.TwoFactor) + m.Post("", bindIgnErr(auth.TwoFactorAuthForm{}), user.TwoFactorPost) + m.Get("/scratch", user.TwoFactorScratch) + m.Post("/scratch", bindIgnErr(auth.TwoFactorScratchAuthForm{}), user.TwoFactorScratchPost) + }) }, reqSignOut) m.Group("/user/settings", func() { @@ -223,6 +229,13 @@ func runWeb(ctx *cli.Context) error { Post(bindIgnErr(auth.NewAccessTokenForm{}), user.SettingsApplicationsPost) m.Post("/applications/delete", user.SettingsDeleteApplication) m.Route("/delete", "GET,POST", user.SettingsDelete) + m.Group("/two_factor", func() { + m.Get("", user.SettingsTwoFactor) + m.Post("/regenerate_scratch", user.SettingsTwoFactorRegenerateScratch) + m.Post("/disable", user.SettingsTwoFactorDisable) + m.Get("/enroll", user.SettingsTwoFactorEnroll) + m.Post("/enroll", bindIgnErr(auth.TwoFactorAuthForm{}), user.SettingsTwoFactorEnrollPost) + }) }, reqSignIn, func(ctx *context.Context) { ctx.Data["PageIsUserSettings"] = true }) -- cgit v1.2.3