authentication-zero 2.16.24 → 2.16.25
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/Gemfile.lock +1 -1
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +3 -2
- data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/profile/totps_controller.rb.tt +6 -1
- data/lib/generators/authentication/templates/erb/two_factor_authentication/profile/totps/new.html.erb.tt +12 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7e2f92cea6894605d40f9db5bad75a4cb227a89043a19f8fe79172b83731b226
|
|
4
|
+
data.tar.gz: 85801b84481982cabfc5d1bbbbc554893d4597ed70a7550f1f4e299f8b4b81ae
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cc3bddc51a3cbe07dc2dd990ae65b9692699f3dad8d370da99952ee7cedb3c6d31699ee7804e5c0b5b0ff8a8e5b05182a9a1c40d58d04c364d7171f53c193b8d
|
|
7
|
+
data.tar.gz: 07bccc4f5eb51fac1da60e82bd3f819f2b29aec97085d73fd13d819ed69b81a704b12bd866e2340b6641ee860563d49a67bea43854a2efa0da23004c9501a598
|
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -117,7 +117,8 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
117
117
|
|
|
118
118
|
def install_javascript_dependencies
|
|
119
119
|
return if options.api?
|
|
120
|
-
|
|
120
|
+
|
|
121
|
+
template "javascript/controllers/application.js", "app/javascript/controllers/application.js", force: true
|
|
121
122
|
|
|
122
123
|
if webauthn?
|
|
123
124
|
run "bin/importmap pin stimulus-web-authn" if importmaps?
|
|
@@ -195,7 +196,7 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
195
196
|
|
|
196
197
|
if two_factor?
|
|
197
198
|
route "resources :recovery_codes, only: [:index, :create]", namespace: [:two_factor_authentication, :profile]
|
|
198
|
-
route "resource :totp, only: [:new, :create]", namespace: [:two_factor_authentication, :profile]
|
|
199
|
+
route "resource :totp, only: [:new, :create, :update]", namespace: [:two_factor_authentication, :profile]
|
|
199
200
|
route "resources :security_keys", namespace: [:two_factor_authentication, :profile] if webauthn?
|
|
200
201
|
|
|
201
202
|
route "resource :recovery_codes, only: [:new, :create]", namespace: [:two_factor_authentication, :challenge]
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
class TwoFactorAuthentication::Profile::TotpsController < ApplicationController
|
|
2
2
|
before_action :set_user
|
|
3
|
-
before_action :set_totp
|
|
3
|
+
before_action :set_totp, only: %i[ new create ]
|
|
4
4
|
|
|
5
5
|
def new
|
|
6
6
|
@qr_code = RQRCode::QRCode.new(provisioning_uri)
|
|
@@ -15,6 +15,11 @@ class TwoFactorAuthentication::Profile::TotpsController < ApplicationController
|
|
|
15
15
|
end
|
|
16
16
|
end
|
|
17
17
|
|
|
18
|
+
def update
|
|
19
|
+
@user.update! otp_secret: ROTP::Base32.random
|
|
20
|
+
redirect_to new_two_factor_authentication_profile_totp_path
|
|
21
|
+
end
|
|
22
|
+
|
|
18
23
|
private
|
|
19
24
|
def set_user
|
|
20
25
|
@user = Current.user
|
|
@@ -1,5 +1,17 @@
|
|
|
1
1
|
<p style="color: red"><%%= alert %></p>
|
|
2
2
|
|
|
3
|
+
<%% if Current.user.otp_required_for_sign_in? %>
|
|
4
|
+
<h1>Want to replace your existing 2FA setup?</h1>
|
|
5
|
+
|
|
6
|
+
<p>Your account is already protected with two-factor authentication. You can replace that setup if you want to switch to a new phone or authenticator app.</p>
|
|
7
|
+
|
|
8
|
+
<p><strong>Do you want to continue? Your existing 2FA setup will no longer work.</strong></p>
|
|
9
|
+
|
|
10
|
+
<%%= button_to "Yes, replace my 2FA setup", two_factor_authentication_profile_totp_path, method: :patch %>
|
|
11
|
+
|
|
12
|
+
<hr>
|
|
13
|
+
<%% end %>
|
|
14
|
+
|
|
3
15
|
<h1>Upgrade your security with 2FA</h1>
|
|
4
16
|
|
|
5
17
|
<h2>Step 1: Get an Authenticator App</h2>
|