Add pairwise SID with a UUIDv4, a significatant upgrade over User.id.to_s. Complete allowing admin to enforce TOTP per user
This commit is contained in:
Dan Milne
@@ -98,23 +98,52 @@
|
||||
<p class="text-sm font-medium text-green-800">
|
||||
Two-factor authentication is enabled
|
||||
</p>
|
||||
<% if @user.totp_required? %>
|
||||
<p class="mt-1 text-sm text-green-700">
|
||||
<svg class="inline h-4 w-4" fill="currentColor" viewBox="0 0 20 20">
|
||||
<path fill-rule="evenodd" d="M5 9V7a5 5 0 0110 0v2a2 2 0 012 2v5a2 2 0 01-2 2H5a2 2 0 01-2-2v-5a2 2 0 012-2zm8-2v2H7V7a3 3 0 016 0z" clip-rule="evenodd" />
|
||||
</svg>
|
||||
Required by administrator
|
||||
</p>
|
||||
<% end %>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="mt-4 flex gap-3">
|
||||
<button type="button"
|
||||
data-action="click->modal#show"
|
||||
data-modal-id="disable-2fa-modal"
|
||||
class="inline-flex items-center rounded-md border border-red-300 bg-white px-4 py-2 text-sm font-medium text-red-700 shadow-sm hover:bg-red-50 focus:outline-none focus:ring-2 focus:ring-red-500 focus:ring-offset-2">
|
||||
Disable 2FA
|
||||
</button>
|
||||
<button type="button"
|
||||
data-action="click->modal#show"
|
||||
data-modal-id="view-backup-codes-modal"
|
||||
class="inline-flex items-center rounded-md border border-gray-300 bg-white px-4 py-2 text-sm font-medium text-gray-700 shadow-sm hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2">
|
||||
View Backup Codes
|
||||
</button>
|
||||
</div>
|
||||
<% if @user.totp_required? %>
|
||||
<div class="mt-4 rounded-md bg-blue-50 p-4">
|
||||
<div class="flex">
|
||||
<svg class="h-5 w-5 text-blue-400 mr-2 flex-shrink-0" viewBox="0 0 20 20" fill="currentColor">
|
||||
<path fill-rule="evenodd" d="M18 10a8 8 0 11-16 0 8 8 0 0116 0zm-7-4a1 1 0 11-2 0 1 1 0 012 0zM9 9a1 1 0 000 2v3a1 1 0 001 1h1a1 1 0 100-2v-3a1 1 0 00-1-1H9z" clip-rule="evenodd" />
|
||||
</svg>
|
||||
<p class="text-sm text-blue-800">
|
||||
Your administrator requires two-factor authentication. You cannot disable it.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="mt-4 flex gap-3">
|
||||
<button type="button"
|
||||
data-action="click->modal#show"
|
||||
data-modal-id="view-backup-codes-modal"
|
||||
class="inline-flex items-center rounded-md border border-gray-300 bg-white px-4 py-2 text-sm font-medium text-gray-700 shadow-sm hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2">
|
||||
View Backup Codes
|
||||
</button>
|
||||
</div>
|
||||
<% else %>
|
||||
<div class="mt-4 flex gap-3">
|
||||
<button type="button"
|
||||
data-action="click->modal#show"
|
||||
data-modal-id="disable-2fa-modal"
|
||||
class="inline-flex items-center rounded-md border border-red-300 bg-white px-4 py-2 text-sm font-medium text-red-700 shadow-sm hover:bg-red-50 focus:outline-none focus:ring-2 focus:ring-red-500 focus:ring-offset-2">
|
||||
Disable 2FA
|
||||
</button>
|
||||
<button type="button"
|
||||
data-action="click->modal#show"
|
||||
data-modal-id="view-backup-codes-modal"
|
||||
class="inline-flex items-center rounded-md border border-gray-300 bg-white px-4 py-2 text-sm font-medium text-gray-700 shadow-sm hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2">
|
||||
View Backup Codes
|
||||
</button>
|
||||
</div>
|
||||
<% end %>
|
||||
<% else %>
|
||||
<%= link_to new_totp_path, class: "inline-flex items-center rounded-md border border-transparent bg-blue-600 px-4 py-2 text-sm font-medium text-white shadow-sm hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2" do %>
|
||||
Enable 2FA
|
||||
|
||||
Reference in New Issue
Block a user