2021-09-30 23:02:18 +05:30
- breadcrumb_title _('Two-Factor Authentication')
2019-09-04 21:01:54 +05:30
- page_title _('Two-Factor Authentication'), _('Account')
2021-09-30 23:02:18 +05:30
- add_to_breadcrumbs _('Account'), profile_account_path
2017-09-10 17:25:29 +05:30
- @content_class = "limit-container-width" unless fluid_layout
2022-07-16 23:28:13 +05:30
- webauthn_enabled = Feature.enabled?(:webauthn)
2017-09-10 17:25:29 +05:30
.js-two-factor-auth{ 'data-two-factor-skippable' => "#{two_factor_skippable?}", 'data-two_factor_skip_url' => skip_profile_two_factor_auth_path }
2020-07-28 23:09:34 +05:30
.row.gl-mt-3
2017-09-10 17:25:29 +05:30
.col-lg-4
2020-06-23 00:09:42 +05:30
%h4.gl-mt-0
2023-05-27 22:25:52 +05:30
= _('Register a one-time password authenticator')
2016-06-16 23:09:34 +05:30
%p
2021-04-17 20:07:23 +05:30
= _('Use a one-time password authenticator on your mobile device or computer to enable two-factor authentication (2FA).')
2017-09-10 17:25:29 +05:30
.col-lg-8
- if current_user.two_factor_otp_enabled?
2018-03-17 18:26:18 +05:30
%p
2019-09-04 21:01:54 +05:30
= _("You've already enabled two-factor authentication using one time password authenticators. In order to register a different device, you must first disable two-factor authentication.")
2017-09-10 17:25:29 +05:30
- else
%p
2022-08-27 11:52:29 +05:30
- register_2fa_token = _('We recommend using cloud-based authenticator applications that can restore access if you lose your hardware device.')
2019-09-04 21:01:54 +05:30
= register_2fa_token.html_safe
2022-08-27 11:52:29 +05:30
= link_to _('What are some examples?'), help_page_path('user/profile/account/two_factor_authentication', anchor: 'enable-one-time-password'), target: '_blank', rel: 'noopener noreferrer'
2020-10-24 23:57:45 +05:30
.row.gl-mb-3
2022-07-23 23:45:48 +05:30
.col-md-4.gl-min-w-fit-content
.gl-p-2.gl-mb-3{ style: 'background: #fff' }
= raw @qr_code
2017-09-10 17:25:29 +05:30
.col-md-8
2023-05-27 22:25:52 +05:30
= render Pajamas::CardComponent.new do |c|
- c.body do
2022-08-27 11:52:29 +05:30
%p.gl-mt-0.gl-mb-3.gl-font-weight-bold
= _("Can't scan the code?")
%p.gl-mt-0.gl-mb-3
= _('To add the entry manually, provide the following details to the application on your phone.')
%p.gl-mt-0.gl-mb-0
= _('Account: %{account}') % { account: @account_string }
%p.gl-mt-0.gl-mb-0{ data: { qa_selector: 'otp_secret_content' } }
= _('Key:')
%code.two-factor-secret= current_user.otp_secret.scan(/.{4}/).join(' ')
%p.gl-mb-0.two-factor-new-manual-content
= _('Time based: Yes')
2017-09-10 17:25:29 +05:30
= form_tag profile_two_factor_auth_path, method: :post do |f|
- if @error
2022-06-21 17:19:12 +05:30
= render Pajamas::AlertComponent.new(title: @error[:message],
variant: :danger,
2022-11-25 23:54:43 +05:30
alert_options: { class: 'gl-mb-3' },
2022-07-16 23:28:13 +05:30
dismissible: false) do |c|
= c.body do
2022-05-07 20:08:51 +05:30
= link_to _('Try the troubleshooting steps here.'), help_page_path('user/profile/account/two_factor_authentication.md', anchor: 'troubleshooting'), target: '_blank', rel: 'noopener noreferrer'
2021-11-11 11:23:49 +05:30
- if current_password_required?
.form-group
= label_tag :current_password, _('Current password'), class: 'label-bold'
2021-11-18 22:05:49 +05:30
= password_field_tag :current_password, nil, autocomplete: 'current-password', required: true, class: 'form-control gl-form-input', data: { qa_selector: 'current_password_field' }
2021-11-11 11:23:49 +05:30
%p.form-text.text-muted
= _('Your current password is required to register a two-factor authenticator app.')
2023-05-27 22:25:52 +05:30
.form-group
= label_tag :pin_code, _('Enter verification code'), class: "label-bold"
= text_field_tag :pin_code, nil, autocomplete: 'off', inputmode: 'numeric', class: "form-control gl-form-input", required: true, data: { qa_selector: 'pin_code_field' }
2020-07-28 23:09:34 +05:30
.gl-mt-3
2021-04-29 21:17:54 +05:30
= submit_tag _('Register with two-factor app'), class: 'gl-button btn btn-confirm', data: { qa_selector: 'register_2fa_app_button' }
2016-06-16 23:09:34 +05:30
2017-09-10 17:25:29 +05:30
%hr
2016-06-16 23:09:34 +05:30
2020-07-28 23:09:34 +05:30
.row.gl-mt-3
2017-09-10 17:25:29 +05:30
.col-lg-4
2020-06-23 00:09:42 +05:30
%h4.gl-mt-0
2023-05-27 22:25:52 +05:30
= _('Register a WebAuthn device')
2017-09-10 17:25:29 +05:30
%p
2023-05-27 22:25:52 +05:30
= _('Set up a hardware device to enable two-factor authentication (2FA).')
2017-09-10 17:25:29 +05:30
%p
2023-05-27 22:25:52 +05:30
- if webauthn_enabled && Feature.enabled?(:webauthn_without_totp)
= _("Not all browsers support WebAuthn. You must save your recovery codes after you first register a two-factor authenticator to be able to sign in, even from an unsupported browser.")
2020-11-24 15:15:51 +05:30
- else
2023-05-27 22:25:52 +05:30
= _("Not all browsers support WebAuthn. Therefore, we require that you set up a two-factor authentication app first. That way you'll always be able to sign in, even from an unsupported browser.")
2017-09-10 17:25:29 +05:30
.col-lg-8
2023-05-27 22:25:52 +05:30
- if @webauthn_registration.errors.present?
= form_errors(@webauthn_registration)
= render "authentication/register", target_path: create_webauthn_profile_two_factor_auth_path
2016-06-16 23:09:34 +05:30
2017-09-10 17:25:29 +05:30
%hr
2016-09-13 17:45:13 +05:30
2019-09-04 21:01:54 +05:30
%h5
2023-05-27 22:25:52 +05:30
= _('WebAuthn Devices (%{length})') % { length: @registrations.length }
2016-09-13 17:45:13 +05:30
2020-11-24 15:15:51 +05:30
- if @registrations.present?
2017-09-10 17:25:29 +05:30
.table-responsive
2023-05-27 22:25:52 +05:30
%table.table
2017-09-10 17:25:29 +05:30
%colgroup
%col{ width: "50%" }
%col{ width: "30%" }
%col{ width: "20%" }
%thead
2016-09-13 17:45:13 +05:30
%tr
2019-09-04 21:01:54 +05:30
%th= _('Name')
%th= s_('2FADevice|Registered On')
2017-09-10 17:25:29 +05:30
%th
%tbody
2020-11-24 15:15:51 +05:30
- @registrations.each do |registration|
2017-09-10 17:25:29 +05:30
%tr
2021-01-03 14:25:43 +05:30
%td
- if registration[:name].present?
= registration[:name]
- else
%span.gl-text-gray-500
= _("no name set")
2020-11-24 15:15:51 +05:30
%td= registration[:created_at].to_date.to_s(:medium)
2023-04-23 21:23:45 +05:30
%td
= render Pajamas::ButtonComponent.new(variant: :danger,
href: registration[:delete_path],
method: :delete,
button_options: { class: 'float-right', data: { confirm: _('Are you sure you want to delete this device? This action cannot be undone.'), confirm_btn_variant: "danger" }, aria: { label: _('Delete') }}) do
= _('Delete')
2016-09-13 17:45:13 +05:30
2017-09-10 17:25:29 +05:30
- else
.settings-message.text-center
2023-05-27 22:25:52 +05:30
= _("You don't have any WebAuthn devices registered yet.")
%hr
.row.gl-mt-3
.col-lg-4
%h4.gl-mt-0
= _('Disable two-factor authentication')
%p
= _('Use this section to disable your one-time password authenticator and WebAuthn devices. You can also generate new recovery codes.')
.col-lg-8
- if current_user.two_factor_enabled?
%p
= _('If you lose your recovery codes you can generate new ones, invalidating all previous codes.')
- if @error
= render Pajamas::AlertComponent.new(title: @error[:message],
variant: :danger,
alert_options: { class: 'gl-mb-3' },
dismissible: false) do |c|
= c.body do
= link_to _('Try the troubleshooting steps here.'), help_page_path('user/profile/account/two_factor_authentication.md', anchor: 'troubleshooting'), target: '_blank', rel: 'noopener noreferrer'
.js-manage-two-factor-form{ data: { webauthn_enabled: webauthn_enabled, current_password_required: current_password_required?.to_s, profile_two_factor_auth_path: profile_two_factor_auth_path, profile_two_factor_auth_method: 'delete', codes_profile_two_factor_auth_path: codes_profile_two_factor_auth_path, codes_profile_two_factor_auth_method: 'post' } }
- else
%p
= _("Register a one-time password authenticator or a WebAuthn device first.")
