mirror of
https://github.com/mastodon/mastodon.git
synced 2025-09-07 10:22:48 +00:00
Merge 8902ba1fd5 into 14cb5ff881
This commit is contained in:
Nicolas Temciuc
GitHub
commit
f52c9ac0cf
|
|
@ -20,6 +20,12 @@ module Settings
|
|||
redirect_to new_settings_two_factor_authentication_confirmation_path
|
||||
end
|
||||
|
||||
def destroy
|
||||
current_user.disable_otp_login!
|
||||
|
||||
redirect_to settings_two_factor_authentication_methods_path
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def verify_otp_not_enabled
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@ module Settings
|
|||
skip_before_action :check_self_destruct!
|
||||
skip_before_action :require_functional!
|
||||
|
||||
before_action :redirect_invalid_otp, unless: -> { current_user.otp_enabled? }
|
||||
before_action :redirect_invalid_webauthn, only: [:index, :destroy], unless: -> { current_user.webauthn_enabled? }
|
||||
|
||||
def index; end
|
||||
|
|
@ -85,10 +84,6 @@ module Settings
|
|||
|
||||
private
|
||||
|
||||
def redirect_invalid_otp
|
||||
redirect_to settings_two_factor_authentication_methods_path, flash: { error: t('webauthn_credentials.otp_required') }
|
||||
end
|
||||
|
||||
def redirect_invalid_webauthn
|
||||
redirect_to settings_two_factor_authentication_methods_path, flash: { error: t('webauthn_credentials.not_enabled') }
|
||||
end
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ module Settings
|
|||
skip_before_action :require_functional!
|
||||
|
||||
before_action :require_challenge!, only: :disable
|
||||
before_action :require_otp_enabled
|
||||
before_action :require_two_factor_enabled, only: :disable
|
||||
|
||||
def index; end
|
||||
|
||||
|
|
@ -16,13 +16,13 @@ module Settings
|
|||
current_user.disable_two_factor!
|
||||
UserMailer.two_factor_disabled(current_user).deliver_later!
|
||||
|
||||
redirect_to settings_otp_authentication_path, flash: { notice: I18n.t('two_factor_authentication.disabled_success') }
|
||||
redirect_to settings_two_factor_authentication_methods_path, flash: { notice: I18n.t('two_factor_authentication.disabled_success') }
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def require_otp_enabled
|
||||
redirect_to settings_otp_authentication_path unless current_user.otp_enabled?
|
||||
def require_two_factor_enabled
|
||||
redirect_to settings_otp_authentication_path unless current_user.two_factor_enabled?
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -262,6 +262,15 @@ class User < ApplicationRecord
|
|||
otp_required_for_login? || webauthn_credentials.any?
|
||||
end
|
||||
|
||||
def disable_otp_login!
|
||||
return unless otp_required_for_login?
|
||||
|
||||
self.otp_required_for_login = false
|
||||
self.otp_secret = nil
|
||||
|
||||
save!
|
||||
end
|
||||
|
||||
def disable_two_factor!
|
||||
self.otp_required_for_login = false
|
||||
self.otp_secret = nil
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
- content_for :page_title do
|
||||
= t('settings.two_factor_authentication')
|
||||
|
||||
- if current_user.two_factor_enabled?
|
||||
- content_for :heading_actions do
|
||||
= link_to t('two_factor_authentication.disable'), disable_settings_two_factor_authentication_methods_path, class: 'button button--destructive', method: :post
|
||||
|
||||
|
|
@ -19,8 +20,13 @@
|
|||
%tbody
|
||||
%tr
|
||||
%td= t('two_factor_authentication.otp')
|
||||
- if current_user.otp_enabled?
|
||||
%td
|
||||
= table_link_to 'edit', t('two_factor_authentication.edit'), settings_otp_authentication_path, method: :post
|
||||
= table_link_to 'edit', t('two_factor_authentication.edit'), settings_otp_authentication_path, method: :get
|
||||
= table_link_to 'delete', t('otp_authentication.delete'), settings_otp_authentication_path, method: :delete, data: { confirm: t('otp_authentication.delete_confirmation') }
|
||||
- else
|
||||
%td
|
||||
= table_link_to 'add', t('two_factor_authentication.add'), settings_otp_authentication_path, method: :get
|
||||
%tr
|
||||
%td= t('two_factor_authentication.webauthn')
|
||||
- if current_user.webauthn_enabled?
|
||||
|
|
@ -30,6 +36,7 @@
|
|||
%td
|
||||
= table_link_to 'key', t('two_factor_authentication.add'), new_settings_webauthn_credential_path, method: :get
|
||||
|
||||
- if current_user.otp_enabled?
|
||||
%hr.spacer/
|
||||
|
||||
%h3= t('two_factor_authentication.recovery_codes')
|
||||
|
|
|
|||
|
|
@ -1554,5 +1554,4 @@ an:
|
|||
nickname_hint: Escriba la embotada d'a suya nueva clau de seguranza
|
||||
not_enabled: Encara no has activau WebAuthn
|
||||
not_supported: Este navegador no suporta claus de seguranza
|
||||
otp_required: Pa usar claus de seguranza, per favor habilite primero l'autenticación de dople factor.
|
||||
registered_on: Rechistrau lo %{date}
|
||||
|
|
|
|||
|
|
@ -2279,5 +2279,4 @@ ar:
|
|||
nickname_hint: أدخل اسم مستعار لمفتاح الأمان الجديد الخاص بك
|
||||
not_enabled: لم تقم بتفعيل WebAuthn بعد
|
||||
not_supported: هذا المتصفح لا يدعم مفاتيح الأمان
|
||||
otp_required: لاستخدام مفاتيح الأمان، يرجى تفعيل الاستيثاق بعامِلين أولاً.
|
||||
registered_on: تم التسجيل في %{date}
|
||||
|
|
|
|||
|
|
@ -898,4 +898,3 @@ ast:
|
|||
invalid_credential: La llave de seguranza nun ye válida
|
||||
not_enabled: Nun activesti la función WebAuthn
|
||||
not_supported: Esti restolador nun ye compatible coles llaves de seguranza
|
||||
otp_required: Pa usar les llaves de seguranza, activa primero l'autenticación en dos pasos.
|
||||
|
|
|
|||
|
|
@ -2236,5 +2236,4 @@ be:
|
|||
nickname_hint: Увядзіце псеўданім вашага новага ключа бяспекі
|
||||
not_enabled: Вы яшчэ не ўключылі WebAuthn
|
||||
not_supported: Гэты браўзер не падтрымлівае ключы бяспекі
|
||||
otp_required: Каб выкарыстоўваць ключы бяспекі, спачатку ўключыце двухфактарную аўтэнтыфікацыю.
|
||||
registered_on: Зарэгістраваны %{date}
|
||||
|
|
|
|||
|
|
@ -2119,5 +2119,4 @@ bg:
|
|||
nickname_hint: Въведете прякор на новия си ключ за сигурност
|
||||
not_enabled: Още не сте включили WebAuthn
|
||||
not_supported: Този браузър не поддържа ключове за сигурност
|
||||
otp_required: Първо включете двуфакторното удостоверяване, за да използвате ключовете за сигурност.
|
||||
registered_on: Регистрирано на %{date}
|
||||
|
|
|
|||
|
|
@ -632,5 +632,4 @@ br:
|
|||
nickname_hint: Skrivit lesanv hoc'h alc'hwez surentez nevez
|
||||
not_enabled: WebAuthn n'eo ket aotreet ganeoc'h c'hoazh
|
||||
not_supported: Alc'hwezioù surentez a zo diembreg gant ar merdeer-se
|
||||
otp_required: Evit implijout alc'hwezioù surentez, aotrit dilesadur dre eil-elfenn da gentañ.
|
||||
registered_on: Enrollet d'ar %{date}
|
||||
|
|
|
|||
|
|
@ -2118,5 +2118,4 @@ ca:
|
|||
nickname_hint: Introdueix el sobrenom de la teva clau de seguretat nova
|
||||
not_enabled: Encara no has activat WebAuthn
|
||||
not_supported: Aquest navegador no suporta claus de seguretat
|
||||
otp_required: Per a usar claus de seguretat, activeu primer l'autenticació de dos factors.
|
||||
registered_on: Registrat en %{date}
|
||||
|
|
|
|||
|
|
@ -1007,5 +1007,4 @@ ckb:
|
|||
nickname_hint: نازناوی کلیلی ئاسایشی نوێت تێبنووسە
|
||||
not_enabled: تۆ هێشتا WebAuthnت چالاک نەکردووە
|
||||
not_supported: ئەم وێبگەڕە پشتگیری کلیلەکانی پاراستن ناکات
|
||||
otp_required: بۆ بەکارهێنانی کلیلەکانی پاراستن تکایە سەرەتا سەلماندنی دوو-فاکتەر چالاک بکە.
|
||||
registered_on: تۆمارکراو لە %{date}
|
||||
|
|
|
|||
|
|
@ -1021,5 +1021,4 @@ co:
|
|||
nickname_hint: Entrate u nome di a vostra nova chjave di sicurità
|
||||
not_enabled: Ùn avete micca attivatu WebAuthn
|
||||
not_supported: E chjave di sicurità ùn marchjanu micca cù quessu navigatore
|
||||
otp_required: Per utilizà una chjave di sicurità duvete attivà l'identificazione à dui fattori prima.
|
||||
registered_on: Arregistrata %{date}
|
||||
|
|
|
|||
|
|
@ -2236,5 +2236,4 @@ cs:
|
|||
nickname_hint: Zadejte přezdívku nového bezpečnostního klíče
|
||||
not_enabled: Zatím jste nepovolili WebAuthn
|
||||
not_supported: Tento prohlížeč nepodporuje bezpečnostní klíče
|
||||
otp_required: Pro použití bezpečnostních klíčů prosím nejprve zapněte dvoufázové ověřování.
|
||||
registered_on: Přidán %{date}
|
||||
|
|
|
|||
|
|
@ -2320,5 +2320,4 @@ cy:
|
|||
nickname_hint: Rhowch lysenw eich allwedd ddiogelwch newydd
|
||||
not_enabled: Nid ydych wedi galluogi WebAuthn eto
|
||||
not_supported: Nid yw'r porwr hwn yn cynnal allweddi diogelwch
|
||||
otp_required: I ddefnyddio allweddi diogelwch, galluogwch ddilysu dau ffactor yn gyntaf.
|
||||
registered_on: Cofrestrwyd ar %{date}
|
||||
|
|
|
|||
|
|
@ -2148,5 +2148,4 @@ da:
|
|||
nickname_hint: Angiv kaldenavnet på din nye sikkerhedsnøgle
|
||||
not_enabled: Du har endnu ikke aktiveret WebAuthn
|
||||
not_supported: Denne browser understøtter ikke sikkerhedsnøgler
|
||||
otp_required: For at bruge sikkerhedsnøgler skal tofaktorgodkendelse først aktiveres.
|
||||
registered_on: Registreret d. %{date}
|
||||
|
|
|
|||
|
|
@ -2148,5 +2148,4 @@ de:
|
|||
nickname_hint: Gib den Spitznamen deines neuen Sicherheitsschlüssels ein
|
||||
not_enabled: Du hast WebAuthn noch nicht aktiviert
|
||||
not_supported: Dieser Browser unterstützt keine Sicherheitsschlüssel
|
||||
otp_required: Um Sicherheitsschlüssel zu verwenden, aktiviere zunächst die Zwei-Faktor-Authentisierung.
|
||||
registered_on: Registriert am %{date}
|
||||
|
|
|
|||
|
|
@ -2138,5 +2138,4 @@ el:
|
|||
nickname_hint: Βάλε το ψευδώνυμο του νέου κλειδιού ασφαλείας σου
|
||||
not_enabled: Δεν έχεις ενεργοποιήσει το WebAuthn ακόμα
|
||||
not_supported: Αυτό το πρόγραμμα περιήγησης δεν υποστηρίζει κλειδιά ασφαλείας
|
||||
otp_required: Για να χρησιμοποιήσεις κλειδιά ασφαλείας, ενεργοποίησε πρώτα την ταυτοποίηση δύο παραγόντων.
|
||||
registered_on: Εγγραφή στις %{date}
|
||||
|
|
|
|||
|
|
@ -2107,5 +2107,4 @@ en-GB:
|
|||
nickname_hint: Enter the nickname of your new security key
|
||||
not_enabled: You haven't enabled WebAuthn yet
|
||||
not_supported: This browser doesn't support security keys
|
||||
otp_required: To use security keys please enable two-factor authentication first.
|
||||
registered_on: Registered on %{date}
|
||||
|
|
|
|||
|
|
@ -1716,6 +1716,8 @@ en:
|
|||
unit: ''
|
||||
otp_authentication:
|
||||
code_hint: Enter the code generated by your authenticator app to confirm
|
||||
delete: Delete
|
||||
delete_confirmation: Are you sure you want to delete your authenticator app from your two-factor authentication methods?
|
||||
description_html: If you enable <strong>two-factor authentication</strong> using an authenticator app, logging in will require you to be in possession of your phone, which will generate tokens for you to enter.
|
||||
enable: Enable
|
||||
instructions_html: "<strong>Scan this QR code into Google Authenticator or a similar TOTP app on your phone</strong>. From now on, that app will generate tokens that you will have to enter when logging in."
|
||||
|
|
@ -2149,5 +2151,4 @@ en:
|
|||
nickname_hint: Enter the nickname of your new security key
|
||||
not_enabled: You haven't enabled WebAuthn yet
|
||||
not_supported: This browser doesn't support security keys
|
||||
otp_required: To use security keys please enable two-factor authentication first.
|
||||
registered_on: Registered on %{date}
|
||||
|
|
|
|||
|
|
@ -2119,5 +2119,4 @@ eo:
|
|||
nickname_hint: Enigu alinomon de via nova sekurecŝlosilo
|
||||
not_enabled: Vi ankoraŭ ne ŝaltis WebAuth
|
||||
not_supported: Ĉi tiu legilo ne povas uzi sekurecŝlosilojn
|
||||
otp_required: Por uzi sekurecŝlosilojn, ebligu 2-faktoran autentigon unue.
|
||||
registered_on: Registrita je %{date}
|
||||
|
|
|
|||
|
|
@ -2148,5 +2148,4 @@ es-AR:
|
|||
nickname_hint: Ingresá el apodo de tu nueva llave de seguridad
|
||||
not_enabled: Todavía no habilitaste WebAuthn
|
||||
not_supported: Este navegador web no soporta llaves de seguridad
|
||||
otp_required: Para usar llaves de seguridad, por favor, primero habilitá la autenticación de dos factores.
|
||||
registered_on: Registrado el %{date}
|
||||
|
|
|
|||
|
|
@ -2148,5 +2148,4 @@ es-MX:
|
|||
nickname_hint: Introduzca el apodo de su nueva clave de seguridad
|
||||
not_enabled: Aún no has activado WebAuthn
|
||||
not_supported: Este navegador no soporta claves de seguridad
|
||||
otp_required: Para usar claves de seguridad, por favor habilite primero la autenticación de doble factor.
|
||||
registered_on: Registrado el %{date}
|
||||
|
|
|
|||
|
|
@ -2148,5 +2148,4 @@ es:
|
|||
nickname_hint: Introduzca el apodo de su nueva clave de seguridad
|
||||
not_enabled: Aún no has activado WebAuthn
|
||||
not_supported: Este navegador no soporta claves de seguridad
|
||||
otp_required: Para usar claves de seguridad, por favor habilite primero la autenticación de doble factor.
|
||||
registered_on: Registrado el %{date}
|
||||
|
|
|
|||
|
|
@ -2150,5 +2150,4 @@ et:
|
|||
nickname_hint: Uue turvavõtme hüüdnimi
|
||||
not_enabled: Veebiautentimine pole sisse lülitatud
|
||||
not_supported: See veebilehitseja ei toeta turvavõtmeid
|
||||
otp_required: Turvavõtmete kasutamiseks tuleb eelnevalt sisse lülitada kaheastmeline autentimine.
|
||||
registered_on: Registreeritud %{date}
|
||||
|
|
|
|||
|
|
@ -1955,5 +1955,4 @@ eu:
|
|||
nickname_hint: Sartu zure segurtasun gako berriaren ezizena
|
||||
not_enabled: Ez duzu WebAuthn gaitu oraindik
|
||||
not_supported: Nabigatzaile honek ez ditu segurtasun gakoak onartzen
|
||||
otp_required: Segurtasun gakoak erabili aurretik bi faktoreko autentifikazioa gaitu behar duzu.
|
||||
registered_on: "%{date}(e)an erregistratua"
|
||||
|
|
|
|||
|
|
@ -2137,5 +2137,4 @@ fa:
|
|||
nickname_hint: نام مستعار کلید امنیتی جدیدتان را وارد کنید
|
||||
not_enabled: شما هنوز WebAuthn را فعال نکردهاید
|
||||
not_supported: این مرورگر از کلیدهای امنیتی پشتیبانی نمیکند
|
||||
otp_required: برای استفاده از کلیدهای امنیتی، لطفاً ابتدا تأیید هویت دو عاملی را به کار بیندازید.
|
||||
registered_on: ثبتشده در %{date}
|
||||
|
|
|
|||
|
|
@ -2148,5 +2148,4 @@ fi:
|
|||
nickname_hint: Anna uuden suojausaivaimesi lempinimi
|
||||
not_enabled: Et ole vielä ottanut WebAuthn-ohjelmaa käyttöön
|
||||
not_supported: Tämä selain ei tue suojausavaimia
|
||||
otp_required: Jos haluat käyttää suojausavaimia, ota ensin kaksivaiheinen todennus käyttöön.
|
||||
registered_on: Rekisteröity %{date}
|
||||
|
|
|
|||
|
|
@ -2148,5 +2148,4 @@ fo:
|
|||
nickname_hint: Skriva eyknevni á tínum nýggja trygdarlykli
|
||||
not_enabled: Tú hevur ikki gjørt WebAuthn virkið enn
|
||||
not_supported: Hesin kagin stuðlar ikki uppundir trygdarlyklar
|
||||
otp_required: Fyri at brúka trygdarlyklar er neyðugt at gera váttan í tveimum stigum virkna fyrst.
|
||||
registered_on: Skrásett %{date}
|
||||
|
|
|
|||
|
|
@ -2078,5 +2078,4 @@ fr-CA:
|
|||
nickname_hint: Entrez le surnom de votre nouvelle clé de sécurité
|
||||
not_enabled: Vous n'avez pas encore activé WebAuthn
|
||||
not_supported: Ce navigateur ne prend pas en charge les clés de sécurité
|
||||
otp_required: Pour utiliser les clés de sécurité, veuillez d'abord activer l'authentification à deux facteurs.
|
||||
registered_on: Inscrit le %{date}
|
||||
|
|
|
|||
|
|
@ -2078,5 +2078,4 @@ fr:
|
|||
nickname_hint: Entrez le surnom de votre nouvelle clé de sécurité
|
||||
not_enabled: Vous n'avez pas encore activé WebAuthn
|
||||
not_supported: Ce navigateur ne prend pas en charge les clés de sécurité
|
||||
otp_required: Pour utiliser les clés de sécurité, veuillez d'abord activer l'authentification à deux facteurs.
|
||||
registered_on: Inscrit le %{date}
|
||||
|
|
|
|||
|
|
@ -2133,5 +2133,4 @@ fy:
|
|||
nickname_hint: Fier de bynamme yn fan jo nije befeiligingskaai
|
||||
not_enabled: Jo hawwe WebAuthn noch net ynskeakele
|
||||
not_supported: Dizze browser stipet gjin befeiligingskaaien
|
||||
otp_required: Om befeiligingskaaien brûke te kinnen, moatte jo earst twa-stapsferifikaasje ynskeakelje.
|
||||
registered_on: Registrearre op %{date}
|
||||
|
|
|
|||
|
|
@ -2277,5 +2277,4 @@ ga:
|
|||
nickname_hint: Cuir isteach leasainm d'eochair shlándála nua
|
||||
not_enabled: Níl WebAuthn cumasaithe agat fós
|
||||
not_supported: Ní thacaíonn an brabhsálaí seo le heochracha slándála
|
||||
otp_required: Chun eochracha slándála a úsáid cumasaigh fíordheimhniú dhá fhachtóir ar dtús.
|
||||
registered_on: Cláraithe ar %{date}
|
||||
|
|
|
|||
|
|
@ -2191,5 +2191,4 @@ gd:
|
|||
nickname_hint: Cuir a-steach far-ainm na h-iuchrach tèarainteachd ùir agad
|
||||
not_enabled: Cha do chuir thu WebAuthn an comas fhathast
|
||||
not_supported: Cha chuir am brabhsair seo taic ri iuchraichean tèarainteachd
|
||||
otp_required: Mus cleachd thu iuchraichean tèarainteachd, feumaidh tu an dearbhadh dà-cheumnach a chur an comas.
|
||||
registered_on: Air a chlàradh %{date}
|
||||
|
|
|
|||
|
|
@ -2148,5 +2148,4 @@ gl:
|
|||
nickname_hint: Escribe un alcume para a túa nova chave de seguridade
|
||||
not_enabled: Aínda non tes activado WebAuthn
|
||||
not_supported: Este navegador non ten soporte para chaves de seguridade
|
||||
otp_required: Para usar chaves de seguridade tes que activar primeiro o segundo factor.
|
||||
registered_on: Rexistrado o %{date}
|
||||
|
|
|
|||
|
|
@ -2236,5 +2236,4 @@ he:
|
|||
nickname_hint: הכנס.י כינוי למפתח האבטחה החדש שלך
|
||||
not_enabled: לא אפשרת את WebAuthn עדיין
|
||||
not_supported: דפדפן זה לא תומך במפתחות אבטחה
|
||||
otp_required: על מנת להשתמש במפתחות אבטחה אנא אפשר.י אימות דו-שלבי קודם.
|
||||
registered_on: נרשם ב %{date}
|
||||
|
|
|
|||
|
|
@ -2148,5 +2148,4 @@ hu:
|
|||
nickname_hint: Írd be az új biztonsági kulcsod becenevét
|
||||
not_enabled: Még nem engedélyezted a WebAuthn-t
|
||||
not_supported: Ez a böngésző nem támogatja a biztonsági kulcsokat
|
||||
otp_required: A biztonsági kulcsok használatához először engedélyezd a kétlépcsős hitelesítést.
|
||||
registered_on: 'Regisztráció ekkor: %{date}'
|
||||
|
|
|
|||
|
|
@ -2145,5 +2145,4 @@ ia:
|
|||
nickname_hint: Insere le pseudonymo de tu nove clave de securitate
|
||||
not_enabled: Tu ancora non ha activate WebAuthn
|
||||
not_supported: Iste navigator non supporta claves de securitate
|
||||
otp_required: Pro usar le claves de securitate activa prime le authentication de duo factores.
|
||||
registered_on: Inscribite le %{date}
|
||||
|
|
|
|||
|
|
@ -1523,5 +1523,4 @@ id:
|
|||
nickname_hint: Masukkan panggilan kunci keamanan baru Anda
|
||||
not_enabled: Anda belum mengaktifkan WebAuthn
|
||||
not_supported: Peramban ini tidak mendukung kunci keamanan
|
||||
otp_required: Untuk menggunakan kunci keamanan harap aktifkan autentikasi dua-faktor.
|
||||
registered_on: Terdaftar pada %{date}
|
||||
|
|
|
|||
|
|
@ -1827,5 +1827,4 @@ ie:
|
|||
nickname_hint: Scrir li moc-nómine de tui nov clave de securitá
|
||||
not_enabled: Tu ancor ne ha possibilisat WebAuthn
|
||||
not_supported: Ti-ci navigator ne subtene claves de securitá
|
||||
otp_required: Por usar claves de securitá, ples activisar 2-factor autentication.
|
||||
registered_on: Adheret ye %{date}
|
||||
|
|
|
|||
|
|
@ -1899,5 +1899,4 @@ io:
|
|||
nickname_hint: Insertez nometo di vua nova sekuresklefo
|
||||
not_enabled: Vu ne ebligis WebAuthn til nun
|
||||
not_supported: Ca vidilo ne suportas sekuresklefi
|
||||
otp_required: Por uzar sekuresklefi, ebligez dufaktora yurizo unesme.
|
||||
registered_on: Registris ye %{date}
|
||||
|
|
|
|||
|
|
@ -2152,5 +2152,4 @@ is:
|
|||
nickname_hint: Settu inn stuttnefni fyrir nýja öryggislykilinn þinn
|
||||
not_enabled: Þú hefur ennþá ekki virkjað WebAuthn
|
||||
not_supported: Þessi vafri styður ekki öryggislykla
|
||||
otp_required: Til að nota öryggislykla skaltu fyrst virkja tveggja-þátta auðkenningu.
|
||||
registered_on: Skráði sig %{date}
|
||||
|
|
|
|||
|
|
@ -2150,5 +2150,4 @@ it:
|
|||
nickname_hint: Inserisci il soprannome della tua nuova chiave di sicurezza
|
||||
not_enabled: Non hai ancora abilitato WebAuthn
|
||||
not_supported: Questo browser non supporta le chiavi di sicurezza
|
||||
otp_required: Per utilizzare le chiavi di sicurezza, prima abilita l'autenticazione a due fattori.
|
||||
registered_on: Registrato il %{date}
|
||||
|
|
|
|||
|
|
@ -2052,5 +2052,4 @@ ja:
|
|||
nickname_hint: セキュリティキーの名前を入力してください
|
||||
not_enabled: まだセキュリティキーを有効にしていません
|
||||
not_supported: このブラウザはセキュリティキーに対応していないようです
|
||||
otp_required: セキュリティキーを使用するには、まず二要素認証を有効にしてください。
|
||||
registered_on: "%{date}に登録"
|
||||
|
|
|
|||
|
|
@ -2103,5 +2103,4 @@ ko:
|
|||
nickname_hint: 새 보안 키의 별명을 입력해 주세요
|
||||
not_enabled: 아직 WebAuthn을 활성화 하지 않았습니다.
|
||||
not_supported: 이 브라우저는 보안 키를 지원하지 않습니다
|
||||
otp_required: 보안 키를 사용하기 위해서는 2단계 인증을 먼저 활성화 해 주세요
|
||||
registered_on: "%{date}에 등록됨"
|
||||
|
|
|
|||
|
|
@ -1549,5 +1549,4 @@ ku:
|
|||
nickname_hint: Bernavka kilîda te ya ewlehiyê a nû têkevê
|
||||
not_enabled: Te hê WebAuthn çalak nekiriye
|
||||
not_supported: Ev gerok piştgiriya kilîtên ewlehiyê nakê
|
||||
otp_required: Ji bo ku tu kilîtên ewlehiyê bikar bînî, ji kerema xwe re pêşî piştrastkirina du-gavî çalak bike.
|
||||
registered_on: Di %{date} dîrokê de tomar bû
|
||||
|
|
|
|||
|
|
@ -1953,5 +1953,4 @@ lad:
|
|||
nickname_hint: Introduska el sovrenombre de tu mueva yave de sigurita
|
||||
not_enabled: Ainda no tienes aktivado WebAuthn
|
||||
not_supported: Este navigador no soporta yaves de sigurita
|
||||
otp_required: Para uzar yaves de sigurita, por favor kapasite primero la autentifikasyon de dos pasos.
|
||||
registered_on: Enrejistrado el %{date}
|
||||
|
|
|
|||
|
|
@ -1359,4 +1359,3 @@ lt:
|
|||
success: Tavo saugumo raktas buvo sėkmingai ištrintas.
|
||||
nickname_hint: Įvesk naujojo saugumo rakto slapyvardį
|
||||
not_enabled: Dar neįjungei WebAuthn
|
||||
otp_required: Norint naudoti saugumo raktus, pirmiausia įjunk dvigubą tapatybės nustatymą.
|
||||
|
|
|
|||
|
|
@ -2128,5 +2128,4 @@ lv:
|
|||
nickname_hint: Ievadi savas jaunās drošības atslēgas segvārdu
|
||||
not_enabled: Tu vel neesi iespējojis WebAuthn
|
||||
not_supported: Šī pārlūkprogramma neatbalsta drošības atslēgas
|
||||
otp_required: Lai izmantotu drošības atslēgas, lūgums vispirms iespējot divpakāpju autentifikāciju.
|
||||
registered_on: Reģistrēts %{date}
|
||||
|
|
|
|||
|
|
@ -1710,5 +1710,4 @@ ms:
|
|||
nickname_hint: Masukkan nama panggilan kunci keselamatan baharu anda
|
||||
not_enabled: Anda belum mendayakan WebAuthn lagi
|
||||
not_supported: Pelayan ini tidak menyokong kunci keselamatan
|
||||
otp_required: Untuk menggunakan kunci keselamatan, sila mengaktifkan pengesahan dua faktor dahulu.
|
||||
registered_on: Didaftar pada %{date}
|
||||
|
|
|
|||
|
|
@ -1701,5 +1701,4 @@ my:
|
|||
nickname_hint: သင့်လုံခြုံရေးကီးအသစ်၏ အမည်ပြောင်ကို ထည့်ပါ။
|
||||
not_enabled: WebAuthn ကို သင် မဖွင့်ရသေးပါ
|
||||
not_supported: ဤဘရောက်ဆာသည် လုံခြုံရေးကီးများကို မပံ့ပိုးပါ
|
||||
otp_required: လုံခြုံရေးကီးများကို အသုံးပြုရန်အတွက် နှစ်ဆင့်ခံလုံခြုံရေးစနစ်စိစစ်ခြင်းကို ဦးစွာဖွင့်ပါ။
|
||||
registered_on: "%{date} တွင် စာရင်းသွင်းထားသည်"
|
||||
|
|
|
|||
|
|
@ -2148,5 +2148,4 @@ nl:
|
|||
nickname_hint: Voer de bijnaam in van jouw nieuwe beveiligingssleutel
|
||||
not_enabled: Je hebt WebAuthn nog niet ingeschakeld
|
||||
not_supported: Deze browser ondersteunt geen beveiligingssleutels
|
||||
otp_required: Om beveiligingssleutels te kunnen gebruiken, moet je eerst tweestapsverificatie inschakelen.
|
||||
registered_on: Geregistreerd op %{date}
|
||||
|
|
|
|||
|
|
@ -2145,5 +2145,4 @@ nn:
|
|||
nickname_hint: Skriv inn kallenavnet til din nye sikkerhetsnøkkel
|
||||
not_enabled: Du har ikke aktivert WebAuthn ennå
|
||||
not_supported: Denne nettleseren støtter ikke sikkerhetsnøkler
|
||||
otp_required: For å bruke sikkerhetsnøkler, må du først aktivere to-faktor autentisering.
|
||||
registered_on: Registrert den %{date}
|
||||
|
|
|
|||
|
|
@ -1821,5 +1821,4 @@
|
|||
nickname_hint: Skriv inn kallenavnet til din nye sikkerhetsnøkkel
|
||||
not_enabled: Du har ikke aktivert WebAuthn ennå
|
||||
not_supported: Denne nettleseren støtter ikke sikkerhetsnøkler
|
||||
otp_required: For å bruke sikkerhetsnøkler, må du først aktivere to-faktor autentisering.
|
||||
registered_on: Registrert den %{date}
|
||||
|
|
|
|||
|
|
@ -2198,5 +2198,4 @@ pl:
|
|||
nickname_hint: Wprowadź nazwę twojego nowego klucza bezpieczeństwa
|
||||
not_enabled: Nie włączyłeś WebAuthn
|
||||
not_supported: Twoja przeglądarka nie obsługuje kluczy bezpieczeństwa
|
||||
otp_required: Aby użyć kluczy bezpieczeństwa, najpierw włącz uwierzytelnianie dwuskładnikowe.
|
||||
registered_on: Zarejestrowano %{date}
|
||||
|
|
|
|||
|
|
@ -2148,5 +2148,4 @@ pt-BR:
|
|||
nickname_hint: Digite o apelido da sua nova chave de segurança
|
||||
not_enabled: Você ainda não habilitou o WebAuthn
|
||||
not_supported: Este navegador não tem suporte a chaves de segurança
|
||||
otp_required: Para usar chaves de segurança, ative a autenticação de dois fatores.
|
||||
registered_on: Registrado em %{date}
|
||||
|
|
|
|||
|
|
@ -2145,5 +2145,4 @@ pt-PT:
|
|||
nickname_hint: Introduz a alcunha da tua nova chave de segurança
|
||||
not_enabled: Ainda não ativaste o WebAuthn
|
||||
not_supported: Este navegador não funciona com chaves de segurança
|
||||
otp_required: Para utilizares chaves de segurança, ativa primeiro a autenticação de dois fatores.
|
||||
registered_on: Registado em %{date}
|
||||
|
|
|
|||
|
|
@ -2192,5 +2192,4 @@ ru:
|
|||
nickname_hint: Введите название для нового электронного ключа
|
||||
not_enabled: Вы еще не включили WebAuthn
|
||||
not_supported: В этом браузере отсутствует поддержка электронных ключей
|
||||
otp_required: Чтобы использовать электронные ключи, сначала включите двухфакторную аутентификацию.
|
||||
registered_on: Зарегистрирован %{date}
|
||||
|
|
|
|||
|
|
@ -1264,5 +1264,4 @@ sc:
|
|||
nickname_hint: Inserta su nomìngiu de sa crae de seguresa tua noa
|
||||
not_enabled: No as ativadu ancora WebAuthn
|
||||
not_supported: Custu navigadore no est cumpatìbile cun is craes de seguresa
|
||||
otp_required: Pro impreare is craes de seguresa depes ativare prima s'autenticatzione in duos passos.
|
||||
registered_on: 'Registratzione: %{date}'
|
||||
|
|
|
|||
|
|
@ -1539,5 +1539,4 @@ sco:
|
|||
nickname_hint: Pit in the nickname o yer new security key
|
||||
not_enabled: Ye huvnae turnt on WebAuthn yit
|
||||
not_supported: This brooser disnae support security keys
|
||||
otp_required: Fir tae uise security keys please turn on twa-factor authentication furst.
|
||||
registered_on: Registert on %{date}
|
||||
|
|
|
|||
|
|
@ -1402,5 +1402,4 @@ si:
|
|||
nickname_hint: ඔබගේ නව ආරක්ෂක යතුරේ අන්වර්ථ නාමය ඇතුළත් කරන්න
|
||||
not_enabled: ඔබ තවමත් WebAuthn සබල කර නැත
|
||||
not_supported: මෙම බ්රවුසරය ආරක්ෂක යතුරු සඳහා සහය නොදක්වයි
|
||||
otp_required: ආරක්ෂක යතුරු භාවිතා කිරීමට කරුණාකර පළමුව ද්වි-සාධක සත්යාපනය සක්රීය කරන්න.
|
||||
registered_on: "%{date} දී ලියාපදිංචි වී ඇත"
|
||||
|
|
|
|||
|
|
@ -2136,5 +2136,4 @@ sl:
|
|||
nickname_hint: Vnesite vzdevek svojega novega varnostnega ključa
|
||||
not_enabled: Niste še omogočili WebAuthn
|
||||
not_supported: Ta brskalnik ne podpira varnostnih ključev
|
||||
otp_required: Za uporabo varnostnih ključev morate najprej omogočiti 2FA (dvostopenjsko overjanje).
|
||||
registered_on: Datum registracije %{date}
|
||||
|
|
|
|||
|
|
@ -2093,5 +2093,4 @@ sq:
|
|||
nickname_hint: Jepni nofkën e kyçit tuaj të ri të sigurisë
|
||||
not_enabled: S’e keni aktivizuar ende WebAuthn-in
|
||||
not_supported: Ky shfletues nuk mbulon kyçe sigurie
|
||||
otp_required: Që të përdoren kyçe sigurie, ju lutemi, së pari aktivizoni mirëfilltësimin dyfaktorësh.
|
||||
registered_on: Regjistruar më %{date}
|
||||
|
|
|
|||
|
|
@ -1861,5 +1861,4 @@ sr-Latn:
|
|||
nickname_hint: Unesite nadimak svog novog sigurnosnog ključa
|
||||
not_enabled: Još uvek niste omogućili WebAuthn
|
||||
not_supported: Ovaj pretraživač ne podržava sigurnosne ključeve
|
||||
otp_required: Da biste koristili sigurnosne ključeve, molimo Vas prvo uključite dvofaktorsku autentifikaciju.
|
||||
registered_on: Registrovan/-a %{date}
|
||||
|
|
|
|||
|
|
@ -1891,5 +1891,4 @@ sr:
|
|||
nickname_hint: Унесите надимак свог новог сигурносног кључа
|
||||
not_enabled: Још увек нисте омогућили WebAuthn
|
||||
not_supported: Овај претраживач не подржава сигурносне кључеве
|
||||
otp_required: Да бисте користили сигурносне кључеве, молимо Вас прво укључите двофакторску аутентификацију.
|
||||
registered_on: Регистрован/-а %{date}
|
||||
|
|
|
|||
|
|
@ -2138,5 +2138,4 @@ sv:
|
|||
nickname_hint: Ange smeknamnet på din nya säkerhetsnyckel
|
||||
not_enabled: Du har inte aktiverat WebAuthn än
|
||||
not_supported: Denna webbläsare stöder inte säkerhetsnycklar
|
||||
otp_required: För att använda säkerhetsnycklar måste du först aktivera tvåfaktorsautentisering.
|
||||
registered_on: Registrerad den %{date}
|
||||
|
|
|
|||
|
|
@ -1993,5 +1993,4 @@ th:
|
|||
nickname_hint: ป้อนชื่อเล่นของกุญแจความปลอดภัยใหม่ของคุณ
|
||||
not_enabled: คุณยังไม่ได้เปิดใช้งาน WebAuthn
|
||||
not_supported: เบราว์เซอร์นี้ไม่รองรับกุญแจความปลอดภัย
|
||||
otp_required: เพื่อใช้กุญแจความปลอดภัย โปรดเปิดใช้งานการรับรองความถูกต้องด้วยสองปัจจัยก่อน
|
||||
registered_on: ลงทะเบียนเมื่อ %{date}
|
||||
|
|
|
|||
|
|
@ -2145,5 +2145,4 @@ tr:
|
|||
nickname_hint: Yeni güvenlik anahtarınızın takma adını girin
|
||||
not_enabled: Henüz WebAuthn'u etkinleştirmediniz
|
||||
not_supported: Bu tarayıcı güvenlik anahtarlarını desteklemiyor
|
||||
otp_required: Güvenlik anahtarlarını kullanmak için lütfen önce iki adımlı kimlik doğrulamayı etkinleştirin.
|
||||
registered_on: "%{date} tarihinde kaydoldu"
|
||||
|
|
|
|||
|
|
@ -2096,5 +2096,4 @@ uk:
|
|||
nickname_hint: Введіть псевдонім нового ключа безпеки
|
||||
not_enabled: Ви ще не активували WebAuthn
|
||||
not_supported: Цей браузер не підтримує ключі безпеки
|
||||
otp_required: Для використання ключів безпеки, спочатку увімкніть двофакторну аутентифікацію.
|
||||
registered_on: Зареєстровано %{date}
|
||||
|
|
|
|||
|
|
@ -2104,5 +2104,4 @@ vi:
|
|||
nickname_hint: Nhập tên mới cho khóa bảo mật của bạn
|
||||
not_enabled: Bạn chưa kích hoạt WebAuthn
|
||||
not_supported: Trình duyệt của bạn không hỗ trợ khóa bảo mật
|
||||
otp_required: Để dùng khóa bảo mật, trước tiên hãy kích hoạt xác thực 2 bước.
|
||||
registered_on: Đăng ký vào %{date}
|
||||
|
|
|
|||
|
|
@ -2104,5 +2104,4 @@ zh-CN:
|
|||
nickname_hint: 输入你的新安全密钥的昵称
|
||||
not_enabled: 你尚未启用WebAuthn
|
||||
not_supported: 此浏览器不支持安全密钥
|
||||
otp_required: 要使用安全密钥,请先启用双因素认证。
|
||||
registered_on: 注册于 %{date}
|
||||
|
|
|
|||
|
|
@ -1841,5 +1841,4 @@ zh-HK:
|
|||
nickname_hint: 請為你的安全密鑰裝置命名
|
||||
not_enabled: 你還未啟用 WebAuthn
|
||||
not_supported: 這個瀏覽器並不支援安全密鑰裝置
|
||||
otp_required: 請開啟雙重認證以使用安全密鑰裝置
|
||||
registered_on: 在 %{date} 注冊
|
||||
|
|
|
|||
|
|
@ -2110,5 +2110,4 @@ zh-TW:
|
|||
nickname_hint: 輸入您新安全金鑰的暱稱
|
||||
not_enabled: 您尚未啟用 WebAuthn
|
||||
not_supported: 此瀏覽器並不支援安全金鑰
|
||||
otp_required: 請先啟用兩階段驗證以使用安全金鑰。
|
||||
registered_on: 註冊於 %{date}
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ namespace :settings do
|
|||
end
|
||||
|
||||
scope module: :two_factor_authentication do
|
||||
resource :otp_authentication, only: [:show, :create], controller: :otp_authentication
|
||||
resource :otp_authentication, only: [:show, :create, :destroy], controller: :otp_authentication
|
||||
|
||||
resources :webauthn_credentials, only: [:index, :new, :create, :destroy], path: 'security_keys' do
|
||||
collection do
|
||||
|
|
|
|||
|
|
@ -349,9 +349,9 @@ RSpec.describe Auth::SessionsController do
|
|||
end
|
||||
end
|
||||
|
||||
context 'with WebAuthn and OTP enabled as second factor' do
|
||||
context 'with WebAuthn enabled as second factor' do
|
||||
let!(:user) do
|
||||
Fabricate(:user, email: 'x@y.com', password: 'abcdefgh', otp_required_for_login: true, otp_secret: User.generate_otp_secret)
|
||||
Fabricate(:user, email: 'x@y.com', password: 'abcdefgh')
|
||||
end
|
||||
|
||||
let!(:webauthn_credential) do
|
||||
|
|
|
|||
|
|
@ -96,4 +96,26 @@ RSpec.describe Settings::TwoFactorAuthentication::OtpAuthenticationController do
|
|||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #destroy' do
|
||||
context 'when signed in' do
|
||||
before do
|
||||
sign_in user, scope: :user
|
||||
end
|
||||
|
||||
it 'redirects to two factor authentication methods list page' do
|
||||
delete :destroy
|
||||
|
||||
expect(response).to redirect_to settings_two_factor_authentication_methods_path
|
||||
end
|
||||
end
|
||||
|
||||
context 'when not signed in' do
|
||||
it 'redirects to login' do
|
||||
delete :destroy
|
||||
|
||||
expect(response).to redirect_to new_user_session_path
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -20,31 +20,12 @@ RSpec.describe Settings::TwoFactorAuthentication::WebauthnCredentialsController
|
|||
sign_in user, scope: :user
|
||||
end
|
||||
|
||||
context 'when user has otp enabled' do
|
||||
before do
|
||||
user.update(otp_required_for_login: true)
|
||||
end
|
||||
|
||||
it 'returns http success' do
|
||||
get :new
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when user does not have otp enabled' do
|
||||
before do
|
||||
user.update(otp_required_for_login: false)
|
||||
end
|
||||
|
||||
it 'requires otp enabled first' do
|
||||
get :new
|
||||
|
||||
expect(response).to redirect_to settings_two_factor_authentication_methods_path
|
||||
expect(flash[:error]).to be_present
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET #index' do
|
||||
|
|
@ -53,11 +34,6 @@ RSpec.describe Settings::TwoFactorAuthentication::WebauthnCredentialsController
|
|||
sign_in user, scope: :user
|
||||
end
|
||||
|
||||
context 'when user has otp enabled' do
|
||||
before do
|
||||
user.update(otp_required_for_login: true)
|
||||
end
|
||||
|
||||
context 'when user has webauthn enabled' do
|
||||
before do
|
||||
user.update(webauthn_id: WebAuthn.generate_user_id)
|
||||
|
|
@ -81,20 +57,6 @@ RSpec.describe Settings::TwoFactorAuthentication::WebauthnCredentialsController
|
|||
end
|
||||
end
|
||||
|
||||
context 'when user does not have otp enabled' do
|
||||
before do
|
||||
user.update(otp_required_for_login: false)
|
||||
end
|
||||
|
||||
it 'requires otp enabled first' do
|
||||
get :index
|
||||
|
||||
expect(response).to redirect_to settings_two_factor_authentication_methods_path
|
||||
expect(flash[:error]).to be_present
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when not signed in' do
|
||||
it 'redirects to login' do
|
||||
delete :index
|
||||
|
|
@ -110,23 +72,30 @@ RSpec.describe Settings::TwoFactorAuthentication::WebauthnCredentialsController
|
|||
sign_in user, scope: :user
|
||||
end
|
||||
|
||||
context 'when user has otp enabled' do
|
||||
before do
|
||||
user.update(otp_required_for_login: true)
|
||||
end
|
||||
|
||||
context 'when user has webauthn enabled' do
|
||||
before do
|
||||
user.update(webauthn_id: WebAuthn.generate_user_id)
|
||||
add_webauthn_credential(user)
|
||||
end
|
||||
|
||||
it 'includes existing credentials in list of excluded credentials', :aggregate_failures do
|
||||
expect { get :options }.to_not change(user, :webauthn_id)
|
||||
it 'returns http success' do
|
||||
get :options
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'stores the challenge on the session' do
|
||||
get :options
|
||||
|
||||
expect(controller.session[:webauthn_challenge]).to be_present
|
||||
end
|
||||
|
||||
it 'does not change webauthn_id' do
|
||||
expect { get :options }.to_not change(user, :webauthn_id)
|
||||
end
|
||||
|
||||
it 'includes existing credentials in list of excluded credentials' do
|
||||
get :options
|
||||
|
||||
excluded_credentials_ids = response.parsed_body['excludeCredentials'].pluck('id')
|
||||
expect(excluded_credentials_ids).to match_array(user.webauthn_credentials.pluck(:external_id))
|
||||
|
|
@ -134,26 +103,22 @@ RSpec.describe Settings::TwoFactorAuthentication::WebauthnCredentialsController
|
|||
end
|
||||
|
||||
context 'when user does not have webauthn enabled' do
|
||||
it 'stores the challenge on the session and sets user webauthn_id', :aggregate_failures do
|
||||
it 'returns http success' do
|
||||
get :options
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(controller.session[:webauthn_challenge]).to be_present
|
||||
expect(user.reload.webauthn_id).to be_present
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when user has not enabled otp' do
|
||||
before do
|
||||
user.update(otp_required_for_login: false)
|
||||
end
|
||||
|
||||
it 'requires otp enabled first' do
|
||||
it 'stores the challenge on the session' do
|
||||
get :options
|
||||
|
||||
expect(response).to redirect_to settings_two_factor_authentication_methods_path
|
||||
expect(flash[:error]).to be_present
|
||||
expect(controller.session[:webauthn_challenge]).to be_present
|
||||
end
|
||||
|
||||
it 'sets user webauthn_id' do
|
||||
get :options
|
||||
|
||||
expect(user.reload.webauthn_id).to be_present
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -183,29 +148,40 @@ RSpec.describe Settings::TwoFactorAuthentication::WebauthnCredentialsController
|
|||
sign_in user, scope: :user
|
||||
end
|
||||
|
||||
context 'when user has enabled otp' do
|
||||
before do
|
||||
user.update(otp_required_for_login: true)
|
||||
end
|
||||
|
||||
context 'when user has enabled webauthn' do
|
||||
before do
|
||||
user.update(webauthn_id: WebAuthn.generate_user_id)
|
||||
add_webauthn_credential(user)
|
||||
end
|
||||
|
||||
it 'adds a new credential to user credentials and does not change webauthn_id when creation succeeds', :aggregate_failures do
|
||||
context 'when creation succeeds' do
|
||||
it 'returns http success' do
|
||||
controller.session[:webauthn_challenge] = challenge
|
||||
|
||||
post :create, params: { credential: new_webauthn_credential, nickname: nickname }
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'adds a new credential to user credentials' do
|
||||
controller.session[:webauthn_challenge] = challenge
|
||||
|
||||
expect do
|
||||
post :create, params: { credential: new_webauthn_credential, nickname: nickname }
|
||||
end.to change { user.webauthn_credentials.count }.by(1)
|
||||
.and not_change(user, :webauthn_id)
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it 'fails when the nickname is already used' do
|
||||
it 'does not change webauthn_id' do
|
||||
controller.session[:webauthn_challenge] = challenge
|
||||
|
||||
expect do
|
||||
post :create, params: { credential: new_webauthn_credential, nickname: nickname }
|
||||
end.to_not change(user, :webauthn_id)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when the nickname is already used' do
|
||||
it 'fails' do
|
||||
controller.session[:webauthn_challenge] = challenge
|
||||
|
||||
post :create, params: { credential: new_webauthn_credential, nickname: 'USB Key' }
|
||||
|
|
@ -213,14 +189,19 @@ RSpec.describe Settings::TwoFactorAuthentication::WebauthnCredentialsController
|
|||
expect(response).to have_http_status(422)
|
||||
expect(flash[:error]).to be_present
|
||||
end
|
||||
end
|
||||
|
||||
it 'fails when the credential already exists' do
|
||||
context 'when the credential already exists' do
|
||||
before do
|
||||
user2 = Fabricate(:user)
|
||||
public_key_credential = WebAuthn::Credential.from_create(new_webauthn_credential)
|
||||
Fabricate(:webauthn_credential,
|
||||
user_id: Fabricate(:user).id,
|
||||
user_id: user2.id,
|
||||
external_id: public_key_credential.id,
|
||||
public_key: public_key_credential.public_key)
|
||||
end
|
||||
|
||||
it 'fails' do
|
||||
controller.session[:webauthn_challenge] = challenge
|
||||
|
||||
post :create, params: { credential: new_webauthn_credential, nickname: nickname }
|
||||
|
|
@ -230,7 +211,8 @@ RSpec.describe Settings::TwoFactorAuthentication::WebauthnCredentialsController
|
|||
end
|
||||
end
|
||||
|
||||
context 'when user have not enabled webauthn and creation succeeds' do
|
||||
context 'when user have not enabled webauthn' do
|
||||
context 'when creation succeeds' do
|
||||
it 'creates a webauthn credential' do
|
||||
controller.session[:webauthn_challenge] = challenge
|
||||
|
||||
|
|
@ -240,18 +222,6 @@ RSpec.describe Settings::TwoFactorAuthentication::WebauthnCredentialsController
|
|||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when user has not enabled otp' do
|
||||
before do
|
||||
user.update(otp_required_for_login: false)
|
||||
end
|
||||
|
||||
it 'requires otp enabled first' do
|
||||
post :create, params: { credential: new_webauthn_credential, nickname: nickname }
|
||||
|
||||
expect(response).to redirect_to settings_two_factor_authentication_methods_path
|
||||
expect(flash[:error]).to be_present
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
@ -270,25 +240,26 @@ RSpec.describe Settings::TwoFactorAuthentication::WebauthnCredentialsController
|
|||
sign_in user, scope: :user
|
||||
end
|
||||
|
||||
context 'when user has otp enabled' do
|
||||
before do
|
||||
user.update(otp_required_for_login: true)
|
||||
end
|
||||
|
||||
context 'when user has webauthn enabled' do
|
||||
before do
|
||||
user.update(webauthn_id: WebAuthn.generate_user_id)
|
||||
add_webauthn_credential(user)
|
||||
end
|
||||
|
||||
it 'redirects to 2FA methods list and shows flash success and deletes the credential when deletion succeeds', :aggregate_failures do
|
||||
expect do
|
||||
context 'when deletion succeeds' do
|
||||
it 'redirects to 2FA methods list and shows flash success' do
|
||||
delete :destroy, params: { id: user.webauthn_credentials.take.id }
|
||||
end.to change { user.webauthn_credentials.count }.by(-1)
|
||||
|
||||
expect(response).to redirect_to settings_two_factor_authentication_methods_path
|
||||
expect(flash[:success]).to be_present
|
||||
end
|
||||
|
||||
it 'deletes the credential' do
|
||||
expect do
|
||||
delete :destroy, params: { id: user.webauthn_credentials.take.id }
|
||||
end.to change { user.webauthn_credentials.count }.by(-1)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when user does not have webauthn enabled' do
|
||||
|
|
@ -301,16 +272,6 @@ RSpec.describe Settings::TwoFactorAuthentication::WebauthnCredentialsController
|
|||
end
|
||||
end
|
||||
|
||||
context 'when user does not have otp enabled' do
|
||||
it 'requires otp enabled first' do
|
||||
delete :destroy, params: { id: '1' }
|
||||
|
||||
expect(response).to redirect_to settings_two_factor_authentication_methods_path
|
||||
expect(flash[:error]).to be_present
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when not signed in' do
|
||||
it 'redirects to login' do
|
||||
delete :destroy, params: { id: '1' }
|
||||
|
|
|
|||
|
|
@ -235,6 +235,52 @@ RSpec.describe User do
|
|||
end
|
||||
end
|
||||
|
||||
describe '#disable_otp_login!' do
|
||||
describe 'when user has OTP enabled' do
|
||||
let(:user) do
|
||||
Fabricate(
|
||||
:user,
|
||||
otp_required_for_login: true,
|
||||
otp_secret: 'oldotpcode'
|
||||
)
|
||||
end
|
||||
|
||||
it 'saves false for otp_required_for_login' do
|
||||
user.disable_otp_login!
|
||||
|
||||
expect(user.reload.otp_required_for_login).to be false
|
||||
end
|
||||
|
||||
it 'saves nil for otp_secret' do
|
||||
user.disable_otp_login!
|
||||
|
||||
expect(user.reload.otp_secret).to be_nil
|
||||
end
|
||||
end
|
||||
|
||||
describe 'when user does not have OTP enabled' do
|
||||
let(:user) do
|
||||
Fabricate(
|
||||
:user,
|
||||
otp_required_for_login: false,
|
||||
otp_secret: nil
|
||||
)
|
||||
end
|
||||
|
||||
it 'does not change for otp_required_for_login' do
|
||||
user.disable_otp_login!
|
||||
|
||||
expect(user.reload.otp_required_for_login).to be false
|
||||
end
|
||||
|
||||
it 'does not change for otp_secret' do
|
||||
user.disable_otp_login!
|
||||
|
||||
expect(user.reload.otp_secret).to be_nil
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe '#disable_two_factor!' do
|
||||
it 'saves false for otp_required_for_login' do
|
||||
user = Fabricate.build(:user, otp_required_for_login: true)
|
||||
|
|
|
|||
|
|
@ -13,23 +13,4 @@ RSpec.describe 'Settings TwoFactorAuthenticationMethods' do
|
|||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when signed in' do
|
||||
let(:user) { Fabricate(:user) }
|
||||
|
||||
before { sign_in user }
|
||||
|
||||
describe 'GET to /settings/two_factor_authentication_methods' do
|
||||
describe 'when user has not enabled otp' do
|
||||
before { user.update(otp_required_for_login: false) }
|
||||
|
||||
it 'redirects to enable otp' do
|
||||
get settings_two_factor_authentication_methods_path
|
||||
|
||||
expect(response)
|
||||
.to redirect_to(settings_otp_authentication_path)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -26,15 +26,14 @@ RSpec.describe 'Admin Users TwoFactorAuthentications' do
|
|||
end
|
||||
end
|
||||
|
||||
context 'when user has OTP and WebAuthn enabled' do
|
||||
before { user.update(otp_required_for_login: true, webauthn_id: WebAuthn.generate_user_id) }
|
||||
context 'when user has WebAuthn enabled' do
|
||||
before { user.update(webauthn_id: WebAuthn.generate_user_id) }
|
||||
|
||||
it 'disables OTP and webauthn and redirects to admin account page' do
|
||||
visit admin_account_path(user.account.id)
|
||||
|
||||
expect { disable_two_factor }
|
||||
.to change { user.reload.otp_enabled? }.to(false)
|
||||
.and(change { user.reload.webauthn_enabled? }.to(false))
|
||||
.to change { user.reload.webauthn_enabled? }.to(false)
|
||||
expect(page)
|
||||
.to have_title(user.account.pretty_acct)
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user