Commit 30202d6
Changed files (5)
app/controllers/tfas_controller.rb
@@ -13,5 +13,8 @@ class TfasController < ApplicationController
def edit; end
- def update; end
+ def destroy
+ current_user.disable_tfa!
+ redirect_to dashboard_path
+ end
end
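Review bot: `destroy` removes the second factor on the strength of the session alone; nothing in the added lines asks for the current password or a valid TOTP code before `current_user.disable_tfa!` runs. Anyone holding a live session (an unattended browser, a stolen cookie) can therefore downgrade the account to password-only. I would put a step-up check in front of the call, for example `return redirect_to(edit_tfa_path) unless tfa_code_valid?(params[:code])`, where `tfa_code_valid?` is a placeholder for whatever verifier the app already uses at login. It would also help to record the change and tell the user, since the bare `redirect_to dashboard_path` gives no confirmation. The class body starts outside this hunk, so an existing `before_action` may already cover part of this.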
app/models/user.rb
@@ -25,6 +25,10 @@ class User < ApplicationRecord
tfa_secret.present?
end
+ def disable_tfa!
+ update!(tfa_secret: nil)
+ end
+
def self.login(email, password)
return if email.blank? || password.blank?
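Review bot: `disable_tfa!` uses `update!`, which validates the whole record, so a user row that fails any unrelated validation raises `ActiveRecord::RecordInvalid` instead of clearing the secret. The `destroy` action added in this commit does not rescue it, so that case would surface as a server error unless it is handled outside the visible lines. Either handle the exception in the controller or document the contract on the method, e.g. `# Clears the TOTP secret; raises ActiveRecord::RecordInvalid if the record is otherwise invalid.` Since this is a security-state change, it is also the natural place to emit an audit event. `self.login` continues past the end of this hunk.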
app/views/dashboards/show.html.erb
@@ -2,7 +2,11 @@
<div class="row">
<div class="col">
<h1>Dashboard</h1>
- <%= link_to "TFA setup", new_tfa_path %>
+ <% if current_user.tfa_setup? %>
+ <%= link_to "TFA", edit_tfa_path %>
+ <% else %>
+ <%= link_to "Setup TFA", new_tfa_path %>
+ <% end %>
<table class="table">
<thead>
<th>Entity ID</th>
app/views/tfas/edit.html.erb
@@ -0,0 +1,18 @@
+<div class="container">
+ <div class="row">
+ <div class="col">
+ <h1>Two Factor Authentication (TFA)</h1>
+ <div data-controller="tfa--setup">
+ <canvas id="canvas" data-target="tfa--setup.canvas"></canvas>
+ <p>Secret: <%= current_user.tfa_secret %></p>
+ <p>Provisioning URI: <%= current_user.tfa_provisioning_uri %></p>
+
+ <%= form_for current_user, url: tfa_path, method: :delete do |form| %>
+ <%= form.hidden_field :tfa_secret, data: { target: 'tfa--setup.secret' } %>
+ <%= form.submit "Disable", class: 'btn btn-danger', data: { disable_with: 'Saving…' } %>
+ <%= link_to "Cancel", dashboard_path, class: 'btn' %>
+ <% end %>
+ </div>
+ </div>
+ </div>
+</div>
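Review bot: The edit page prints the enrolled TOTP secret and the provisioning URI in clear text (`current_user.tfa_secret`, `current_user.tfa_provisioning_uri`). It also repeats the secret in a hidden `tfa_secret` field, and presumably in the `tfa--setup` canvas. After enrollment the secret should never be shown again, because any later view of this page (a hijacked session, a cached copy, someone at the screen) is enough to clone the second factor. The disable action does not need the value either, since `destroy` reads nothing from the form. I would drop the canvas, both `<p>` lines and the hidden field, and leave only the status text and the button, e.g. `<%= button_to "Disable", tfa_path, method: :delete, class: 'btn btn-danger' %>`. Reusing `data-controller="tfa--setup"` here then becomes unnecessary.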
config/routes.rb
@@ -6,7 +6,7 @@ Rails.application.routes.draw do
resource :metadata, only: [:show]
resource :dashboard, only: [:show]
resources :registrations, only: [:new, :create]
- resource :tfa, only: [:new, :edit, :create, :update]
+ resource :tfa, only: [:new, :edit, :create, :destroy]
namespace :scim do
namespace :v2, defaults: { format: :scim } do