enable 2FA for manager

when trying to access manager, if superadmin did'nt enable otp, he/she is redirected to a page to enable 2FA. When superadmin is enabling 2FA, he has to to scan a qrcode with the 2FA application client. And afterwards, the superadmin has to log in with email, password and OTP code.
2020-11-04 16:35:15 +01:00 · 2020-11-04 16:35:15 +01:00 · 2a0ebd062a
commit 2a0ebd062a
parent 3fdb045356
14 changed files with 141 additions and 20 deletions
--- a/app/controllers/manager/application_controller.rb
+++ b/app/controllers/manager/application_controller.rb
@ -13,8 +13,10 @@ module Manager
    protected

    def authenticate_administration!
-      if administration_signed_in?
+      if administration_signed_in? && current_administration.otp_required_for_login?
        super
+      elsif administration_signed_in?
+        redirect_to edit_administration_otp_path
      else
        redirect_to manager_sign_in_path
      end