disable 2FA according to config
2FA is disabled for superadmin unless `SUPER_ADMIN_OTP_ENABLED` is equal to `enabled` (default value)
parent
ef970dbfe5
commit
6af01077b6
3 changed files with 10 additions and 5 deletions
|
@ -27,8 +27,12 @@
|
||||||
class SuperAdmin < ApplicationRecord
|
class SuperAdmin < ApplicationRecord
|
||||||
include PasswordComplexityConcern
|
include PasswordComplexityConcern
|
||||||
|
|
||||||
devise :rememberable, :trackable, :validatable, :lockable, :recoverable,
|
devise :rememberable, :trackable, :validatable, :lockable, :recoverable
|
||||||
:two_factor_authenticatable, :otp_secret_encryption_key => Rails.application.secrets.otp_secret_key
|
if SUPER_ADMIN_OTP_ENABLED
|
||||||
|
devise :two_factor_authenticatable, :otp_secret_encryption_key => Rails.application.secrets.otp_secret_key
|
||||||
|
else
|
||||||
|
devise :database_authenticatable
|
||||||
|
end
|
||||||
|
|
||||||
def enable_otp!
|
def enable_otp!
|
||||||
self.otp_secret = SuperAdmin.generate_otp_secret
|
self.otp_secret = SuperAdmin.generate_otp_secret
|
||||||
|
|
|
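Review bot: `if SUPER_ADMIN_OTP_ENABLED` tests the constant by truthiness, and this branch is what decides whether super-admin accounts log in with password plus OTP or with the password alone. The constant's definition is not part of this page; if it holds the raw environment string, every non-empty value (including `disabled`) is truthy in Ruby, so it needs to be a strict boolean such as `ENV.fetch('SUPER_ADMIN_OTP_ENABLED', 'enabled') == 'enabled'`. The same test is used in the login form and in the Devise initializer further down. In the `else` branch `enable_otp!` still calls `SuperAdmin.generate_otp_secret`, which presumably comes from the `two_factor_authenticatable` module and would then be undefined; guard it, or add a comment such as `# only callable when SUPER_ADMIN_OTP_ENABLED is true`. `enable_otp!` continues past the end of the section.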
@ -12,6 +12,7 @@
|
||||||
= f.label :password, "Mot de passe (#{PASSWORD_MIN_LENGTH} caractères minimum)"
|
= f.label :password, "Mot de passe (#{PASSWORD_MIN_LENGTH} caractères minimum)"
|
||||||
= f.password_field :password, autocomplete: 'current-password'
|
= f.password_field :password, autocomplete: 'current-password'
|
||||||
|
|
||||||
|
- if SUPER_ADMIN_OTP_ENABLED
|
||||||
= f.label :otp_attempt, 'Code OTP (uniquement si vous avez déjà activé 2FA)'
|
= f.label :otp_attempt, 'Code OTP (uniquement si vous avez déjà activé 2FA)'
|
||||||
= f.text_field :otp_attempt
|
= f.text_field :otp_attempt
|
||||||
|
|
||||||
|
|
|
@ -237,7 +237,7 @@ Devise.setup do |config|
|
||||||
# change the failure app, you can configure them inside the config.warden block.
|
# change the failure app, you can configure them inside the config.warden block.
|
||||||
#
|
#
|
||||||
config.warden do |manager|
|
config.warden do |manager|
|
||||||
manager.default_strategies(:scope => :administration).unshift :two_factor_authenticatable
|
manager.default_strategies(:scope => :administration).unshift :two_factor_authenticatable if SUPER_ADMIN_OTP_ENABLED
|
||||||
end
|
end
|
||||||
|
|
||||||
# ==> Mountable engine configurations
|
# ==> Mountable engine configurations
|
||||||
|
|
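Review bot: With the flag off, the `:administration` scope silently falls back to password-only login; nothing at boot records that `:two_factor_authenticatable` was left out of the default strategies. A warning next to this line, e.g. `Rails.logger.warn('2FA disabled for super admins (SUPER_ADMIN_OTP_ENABLED)') unless SUPER_ADMIN_OTP_ENABLED`, would make a misconfigured deployment visible in the logs. The constant also has to be defined before this initializer is loaded, which cannot be checked from the lines shown. The `Devise.setup` block starts and ends outside the hunk.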