authorGo MAEDA <maeda@farend.jp>2020-08-29 06:37:09 +0000
committerGo MAEDA <maeda@farend.jp>2020-08-29 06:37:09 +0000
commitbe7f5e21faa05bdc483d1b58c8887ff499082073 (patch)
tree3eb76db7dfd87ad1b41494261d54b48f0d3ac09f /app/controllers/application_controller.rb
parent560bca344ae467cda03e758159fbf131d5c49f43 (diff)
Adds a setting to disable/enable/require 2fa auth (#1237).
Patch by Felix Schäfer. git-svn-id: http://svn.redmine.org/redmine/trunk@19989 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r--app/controllers/application_controller.rb30
1 files changed, 29 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index fca9ebc90..08dea30a7 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -56,7 +56,7 @@ class ApplicationController < ActionController::Base
end
end
- before_action :session_expiration, :user_setup, :check_if_login_required, :set_localization, :check_password_change
+ before_action :session_expiration, :user_setup, :check_if_login_required, :set_localization, :check_password_change, :check_twofa_activation
after_action :record_project_usage
rescue_from ::Unauthorized, :with => :deny_access
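Review bot: Appending `:check_twofa_activation` to the global `before_action` list makes every controller inherit a filter that redirects, so the redirect targets (the `twofa` controller's `activate_confirm` and `select_scheme` actions) and the logout action must skip it, or a user who has to enrol is caught in a redirect loop. That exemption is not visible in this file-limited diff; once confirmed, a comment here would help, e.g. `# check_twofa_activation must be skipped by the twofa enrolment actions and logout`. The filter also runs after `:check_password_change`, so a forced password change takes precedence over 2FA enrolment, which looks intentional but is worth stating in the same comment.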
@@ -89,6 +89,9 @@ class ApplicationController < ActionController::Base
if user.must_change_password?
session[:pwd] = '1'
end
+ if user.must_activate_twofa?
+ session[:must_activate_twofa] = '1'
+ end
end
def user_setup
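Review bot: The requirement is recorded in `session[:must_activate_twofa]` only here, when the session is started, and `check_twofa_activation` does nothing unless that flag is present. A session that already exists when an administrator switches the setting to "required" is therefore not forced to enrol until the next login, and a request authenticated without passing through this method (an API key, if those bypass it) is never checked. If that is the accepted behaviour, document it with `# 2FA requirement is evaluated once per login; existing sessions are not re-checked`; otherwise the filter should consult `User.current.must_activate_twofa?` without depending on the session flag. The enclosing method begins above the hunk.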
@@ -205,6 +208,31 @@ class ApplicationController < ActionController::Base
end
end
+ def init_twofa_pairing_and_send_code_for(twofa)
+ twofa.init_pairing!
+ if twofa.send_code(controller: 'twofa', action: 'activate')
+ flash[:notice] = l('twofa_code_sent')
+ end
+ redirect_to controller: 'twofa', action: 'activate_confirm', scheme: twofa.scheme_name
+ end
+
+ def check_twofa_activation
+ if session[:must_activate_twofa]
+ if User.current.must_activate_twofa?
+ flash[:warning] = l('twofa_warning_require')
+ if Redmine::Twofa.available_schemes.length == 1
+ twofa_scheme = Redmine::Twofa.for_twofa_scheme(Redmine::Twofa.available_schemes.first)
+ twofa = twofa_scheme.new(User.current)
+ init_twofa_pairing_and_send_code_for(twofa)
+ else
+ redirect_to controller: 'twofa', action: 'select_scheme'
+ end
+ else
+ session.delete(:must_activate_twofa)
+ end
+ end
+ end
+
def set_localization(user=User.current)
lang = nil
if user && user.logged?
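Review bot: In `check_twofa_activation` the single-scheme branch calls `init_twofa_pairing_and_send_code_for`, so `twofa.init_pairing!` and `twofa.send_code` run inside a `before_action` on every filtered request while the flag is set, including XHR calls and requests from a second tab. If `init_pairing!` regenerates the pairing secret (its body is not shown), a stray request during enrolment would invalidate the code the user is about to enter, and a scheme that delivers codes would send one per request. Consider having the filter only redirect and letting the target action start pairing, or at least add `# runs on every filtered request until 2FA is activated; init_pairing! must be safe to repeat`. The filter also answers non-HTML formats with a redirect, and neither new method carries a comment describing its contract.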