Backup codes for 2fa auth (#1237).

Patch by Felix Schäfer. git-svn-id: http://svn.redmine.org/redmine/trunk@19990 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Go MAEDA <maeda@farend.jp> 2020-08-29 06:51:21 +0000
committer: Go MAEDA <maeda@farend.jp> 2020-08-29 06:51:21 +0000
commit: 8900eb6eb5994310e3f957398cc21a512c5951ab (patch)
tree: 22c37392fef2ef6f750dbd9bda18c90c6cfd45b9 /app/views
parent: be7f5e21faa05bdc483d1b58c8887ff499082073 (diff)
download: redmine-8900eb6eb5994310e3f957398cc21a512c5951ab.tar.gz
redmine-8900eb6eb5994310e3f957398cc21a512c5951ab.zip
5 files changed, 43 insertions, 10 deletions
diff --git a/app/views/my/account.html.erb b/app/views/my/account.html.erb
index 996bead61..c54183a8c 100644
--- a/app/views/my/account.html.erb
+++ b/app/views/my/account.html.erb
@@ -34,6 +34,7 @@
     <% if @user.twofa_active? %>
       <%=l 'twofa_currently_active', twofa_scheme_name: l("twofa__#{@user.twofa_scheme}__name") -%><br/>
       <%= link_to l('button_disable'), { controller: 'twofa', action: 'deactivate_init', scheme: @user.twofa_scheme }, method: :post -%><br/>
+      <%= link_to l('twofa_generate_backup_codes'), { controller: 'twofa_backup_codes', action: 'init' }, method: :post, data: { confirm: Redmine::Twofa.for_user(User.current).backup_codes.any? ? t('twofa_text_generate_backup_codes_confirmation') : nil } -%>
     <% else %>
       <% Redmine::Twofa.available_schemes.each do |s| %>
         <%= link_to l("twofa__#{s}__label_activate"), { controller: 'twofa', action: 'activate_init', scheme: s }, method: :post -%><br/>
diff --git a/app/views/twofa/_twofa_code_form.html.erb b/app/views/twofa/_twofa_code_form.html.erb
new file mode 100644
index 000000000..b9d0e1bf7
--- /dev/null
+++ b/app/views/twofa/_twofa_code_form.html.erb
@@ -0,0 +1,9 @@
+<div class="box">
+  <p><%=l 'twofa_label_enter_otp' %></p>
+  <div class="tabular">
+    <p>
+      <label for="twofa_code"><%=l 'twofa_label_code' -%></label>
+      <%= text_field_tag :twofa_code, nil, autocomplete: 'off' -%>
+    </p>
+  </div>
+</div>
diff --git a/app/views/twofa/deactivate_confirm.html.erb b/app/views/twofa/deactivate_confirm.html.erb
index f2ecb0d07..a515143ad 100644
--- a/app/views/twofa/deactivate_confirm.html.erb
+++ b/app/views/twofa/deactivate_confirm.html.erb
@@ -5,16 +5,7 @@
                  scheme: @twofa_view[:scheme_name] },
                { method: :post,
                  id: 'twofa_form' }) do -%>
-    <div class="box">
-
-      <p><%=l 'twofa_label_enter_otp' %></p>
-      <div class="tabular">
-        <p>
-          <label for="twofa_code"><%=l 'twofa_label_code' -%></label>
-          <%= text_field_tag :twofa_code, nil, autocomplete: 'off' -%>
-        </p>
-      </div>
-    </div>
+    <%= render partial: 'twofa_code_form' -%>
     <%= submit_tag l('button_disable'), name: :submit_otp -%>
     <%= link_to l('twofa_resend_code'), { action: 'deactivate_init', scheme: @twofa_view[:scheme_name] }, method: :post if @twofa_view[:resendable] -%>
   <% end %>
diff --git a/app/views/twofa_backup_codes/confirm.html.erb b/app/views/twofa_backup_codes/confirm.html.erb
new file mode 100644
index 000000000..34e33d455
--- /dev/null
+++ b/app/views/twofa_backup_codes/confirm.html.erb
@@ -0,0 +1,15 @@
+<h2><%=l 'twofa_generate_backup_codes' -%></h2>
+
+<div class="splitcontentleft">
+  <%= form_tag({ action: :create },
+               { method: :post,
+                 id: 'twofa_form' }) do -%>
+    <%= render partial: 'twofa/twofa_code_form' -%>
+    <%= submit_tag l('button_submit'), name: :submit_otp -%>
+    <%= link_to l('twofa_resend_code'), { action: 'init' }, method: :post if @twofa_view[:resendable] -%>
+  <% end %>
+</div>
+
+<% content_for :sidebar do %>
+<%= render :partial => 'my/sidebar' %>
+<% end %>
diff --git a/app/views/twofa_backup_codes/show.html.erb b/app/views/twofa_backup_codes/show.html.erb
new file mode 100644
index 000000000..50b9948f8
--- /dev/null
+++ b/app/views/twofa_backup_codes/show.html.erb
@@ -0,0 +1,17 @@
+<h2><%=l 'twofa_label_backup_codes' -%></h2>
+
+<div class="splitcontentleft">
+  <div class="box">
+    <p><%=l 'twofa_text_backup_codes_hint' -%></p>
+    <ul class="twofa_backup_codes">
+    <% @backup_codes.each do |code| -%>
+      <li><code><%= code.scan(/.{4}/).join(' ') -%></code></li>
+    <% end -%>
+    </ul>
+    <p><em class="info"><%=l 'twofa_text_backup_codes_created_at', datetime: format_time(@created_at) -%></em></p>
+  </div>
+</div>
+
+<% content_for :sidebar do %>
+<%= render :partial => 'my/sidebar' %>
+<% end %>
author	Go MAEDA <maeda@farend.jp>	2020-08-29 06:51:21 +0000
committer	Go MAEDA <maeda@farend.jp>	2020-08-29 06:51:21 +0000
commit	8900eb6eb5994310e3f957398cc21a512c5951ab (patch)
tree	22c37392fef2ef6f750dbd9bda18c90c6cfd45b9 /app/views
parent	be7f5e21faa05bdc483d1b58c8887ff499082073 (diff)
download	redmine-8900eb6eb5994310e3f957398cc21a512c5951ab.tar.gz redmine-8900eb6eb5994310e3f957398cc21a512c5951ab.zip