commit: 63886bdc5976ee72df168053352899174095335a
parent: bae7cf8ccecd7c670cd4c1a00c5c19f85c2487b6
Author: Eugen Rochko <eugen@zeonfederated.com>
Date: Mon, 13 Feb 2017 20:56:03 +0100
Fix #587 - Display TOTP secret next to QR code
Diffstat:
3 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/app/controllers/settings/two_factor_auths_controller.rb b/app/controllers/settings/two_factor_auths_controller.rb
@@ -8,7 +8,8 @@ class Settings::TwoFactorAuthsController < ApplicationController
def show
return unless current_user.otp_required_for_login
- @qrcode = RQRCode::QRCode.new(current_user.otp_provisioning_uri(current_user.email, issuer: Rails.configuration.x.local_domain))
+ @provision_url = current_user.otp_provisioning_uri(current_user.email, issuer: Rails.configuration.x.local_domain)
+ @qrcode = RQRCode::QRCode.new(@provision_url)
end
def enable
diff --git a/app/views/settings/two_factor_auths/show.html.haml b/app/views/settings/two_factor_auths/show.html.haml
@@ -7,6 +7,10 @@
.qr-code= raw @qrcode.as_svg(padding: 0, module_size: 5)
+ %p= t('two_factor_auth.plaintext_secret_html', secret: current_user.otp_secret)
+
+ %p= t('two_factor_auth.warning')
+
= link_to t('two_factor_auth.disable'), disable_settings_two_factor_auth_path, data: { method: 'POST' }, class: 'block-button'
- else
%p= t('two_factor_auth.description_html')
diff --git a/config/locales/en.yml b/config/locales/en.yml
@@ -118,6 +118,8 @@ en:
disable: Disable
enable: Enable
instructions_html: "<strong>Scan this QR code into Google Authenticator or a similiar app on your phone</strong>. From now on, that app will generate tokens that you will have to enter when logging in."
+ plaintext_secret_html: "Plain-text secret: <samp>%{secret}</samp>"
+ warning: If you cannot configure an authenticator app right now, you should click "disable" or you won't be able to login.
users:
invalid_email: The e-mail address is invalid
invalid_otp_token: Invalid two-factor code