- page_title _('Two-Factor Authentication'), _('Account') - add_to_breadcrumbs(_('Two-Factor Authentication'), profile_account_path) - @content_class = "limit-container-width" unless fluid_layout .js-two-factor-auth{ 'data-two-factor-skippable' => "#{two_factor_skippable?}", 'data-two_factor_skip_url' => skip_profile_two_factor_auth_path } .row.gl-mt-3 .col-lg-4 %h4.gl-mt-0 = _('Register Two-Factor Authenticator') %p = _('Use an one time password authenticator on your mobile device or computer to enable two-factor authentication (2FA).') .col-lg-8 - if current_user.two_factor_otp_enabled? %p = _("You've already enabled two-factor authentication using one time password authenticators. In order to register a different device, you must first disable two-factor authentication.") %p = _('If you lose your recovery codes you can generate new ones, invalidating all previous codes.') %div = link_to _('Disable two-factor authentication'), profile_two_factor_auth_path, method: :delete, data: { confirm: _('Are you sure? This will invalidate your registered applications and U2F devices.') }, class: 'btn btn-danger gl-mr-3' = form_tag codes_profile_two_factor_auth_path, {style: 'display: inline-block', method: :post} do |f| = submit_tag _('Regenerate recovery codes'), class: 'btn' - else %p - help_link_start = '' % { url: help_page_path('user/profile/account/two_factor_authentication') } - register_2fa_token = _('Install a soft token authenticator like %{free_otp_link} or Google Authenticator from your application repository and use that app to scan this QR code. More information is available in the %{help_link_start}documentation%{help_link_end}.') % { free_otp_link:'FreeOTP', help_link_start:help_link_start, help_link_end:'' } = register_2fa_token.html_safe .row.gl-mb-3 .col-md-4 = raw @qr_code .col-md-8 .account-well %p.gl-mt-0.gl-mb-0 = _("Can't scan the code?") %p.gl-mt-0.gl-mb-0 = _('To add the entry manually, provide the following details to the application on your phone.') %p.gl-mt-0.gl-mb-0 = _('Account: %{account}') % { account: @account_string } %p.gl-mt-0.gl-mb-0{ data: { qa_selector: 'otp_secret_content' } } = _('Key: %{key}') %{ key: current_user.otp_secret.scan(/.{4}/).join(' ') } %p.two-factor-new-manual-content = _('Time based: Yes') = form_tag profile_two_factor_auth_path, method: :post do |f| - if @error .alert.alert-danger = @error .form-group = label_tag :pin_code, _('Pin code'), class: "label-bold" = text_field_tag :pin_code, nil, class: "form-control", required: true, data: { qa_selector: 'pin_code_field' } .gl-mt-3 = submit_tag _('Register with two-factor app'), class: 'btn btn-success', data: { qa_selector: 'register_2fa_app_button' } %hr .row.gl-mt-3 .col-lg-4 %h4.gl-mt-0 = _('Register Universal Two-Factor (U2F) Device') %p = _('Use a hardware device to add the second factor of authentication.') %p = _("As U2F devices are only supported by a few browsers, we require that you set up a two-factor authentication app before a U2F device. That way you'll always be able to log in - even when you're using an unsupported browser.") .col-lg-8 - if @u2f_registration.errors.present? = form_errors(@u2f_registration) = render "u2f/register" %hr %h5 = _('U2F Devices (%{length})') % { length: @u2f_registrations.length } - if @u2f_registrations.present? .table-responsive %table.table.table-bordered.u2f-registrations %colgroup %col{ width: "50%" } %col{ width: "30%" } %col{ width: "20%" } %thead %tr %th= _('Name') %th= s_('2FADevice|Registered On') %th %tbody - @u2f_registrations.each do |registration| %tr %td= registration.name.presence || html_escape_once(_("<no name set>")).html_safe %td= registration.created_at.to_date.to_s(:medium) %td= link_to _('Delete'), profile_u2f_registration_path(registration), method: :delete, class: "btn btn-danger float-right", data: { confirm: _('Are you sure you want to delete this device? This action cannot be undone.') } - else .settings-message.text-center = _("You don't have any U2F devices registered yet.")