enable 2FA for manager
when trying to access manager, if superadmin did'nt enable otp, he/she is redirected to a page to enable 2FA. When superadmin is enabling 2FA, he has to to scan a qrcode with the 2FA application client. And afterwards, the superadmin has to log in with email, password and OTP code.
This commit is contained in:
Christophe Robillard
parent
3fdb045356
commit
2a0ebd062a
14 changed files with 141 additions and 20 deletions
|
|
@ -28,6 +28,24 @@ class Administration < ApplicationRecord
|
|||
devise :rememberable, :trackable, :validatable, :lockable, :async, :recoverable,
|
||||
:two_factor_authenticatable, :otp_secret_encryption_key => ENV['OTP_SECRET_KEY']
|
||||
|
||||
def enable_otp!
|
||||
self.otp_secret = Administration.generate_otp_secret
|
||||
self.otp_required_for_login = true
|
||||
save!
|
||||
end
|
||||
|
||||
def disable_otp!
|
||||
self.assign_attributes(
|
||||
{
|
||||
encrypted_otp_secret: nil,
|
||||
encrypted_otp_secret_iv: nil,
|
||||
encrypted_otp_secret_salt: nil,
|
||||
consumed_timestep: nil,
|
||||
otp_required_for_login: false
|
||||
}
|
||||
)
|
||||
save!
|
||||
end
|
||||
|
||||
def invite_admin(email)
|
||||
user = User.create_or_promote_to_administrateur(email, SecureRandom.hex)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue