diff options
author | Go MAEDA <maeda@farend.jp> | 2020-08-29 06:37:09 +0000 |
---|---|---|
committer | Go MAEDA <maeda@farend.jp> | 2020-08-29 06:37:09 +0000 |
commit | be7f5e21faa05bdc483d1b58c8887ff499082073 (patch) | |
tree | 3eb76db7dfd87ad1b41494261d54b48f0d3ac09f /app/controllers/application_controller.rb | |
parent | 560bca344ae467cda03e758159fbf131d5c49f43 (diff) | |
download | redmine-be7f5e21faa05bdc483d1b58c8887ff499082073.tar.gz redmine-be7f5e21faa05bdc483d1b58c8887ff499082073.zip |
Adds a setting to disable/enable/require 2fa auth (#1237).
Patch by Felix Schäfer.
git-svn-id: http://svn.redmine.org/redmine/trunk@19989 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r-- | app/controllers/application_controller.rb | 30 |
1 files changed, 29 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index fca9ebc90..08dea30a7 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -56,7 +56,7 @@ class ApplicationController < ActionController::Base end end - before_action :session_expiration, :user_setup, :check_if_login_required, :set_localization, :check_password_change + before_action :session_expiration, :user_setup, :check_if_login_required, :set_localization, :check_password_change, :check_twofa_activation after_action :record_project_usage rescue_from ::Unauthorized, :with => :deny_access @@ -89,6 +89,9 @@ class ApplicationController < ActionController::Base if user.must_change_password? session[:pwd] = '1' end + if user.must_activate_twofa? + session[:must_activate_twofa] = '1' + end end def user_setup @@ -205,6 +208,31 @@ class ApplicationController < ActionController::Base end end + def init_twofa_pairing_and_send_code_for(twofa) + twofa.init_pairing! + if twofa.send_code(controller: 'twofa', action: 'activate') + flash[:notice] = l('twofa_code_sent') + end + redirect_to controller: 'twofa', action: 'activate_confirm', scheme: twofa.scheme_name + end + + def check_twofa_activation + if session[:must_activate_twofa] + if User.current.must_activate_twofa? + flash[:warning] = l('twofa_warning_require') + if Redmine::Twofa.available_schemes.length == 1 + twofa_scheme = Redmine::Twofa.for_twofa_scheme(Redmine::Twofa.available_schemes.first) + twofa = twofa_scheme.new(User.current) + init_twofa_pairing_and_send_code_for(twofa) + else + redirect_to controller: 'twofa', action: 'select_scheme' + end + else + session.delete(:must_activate_twofa) + end + end + end + def set_localization(user=User.current) lang = nil if user && user.logged? |