gitlab-org--gitlab-foss/app/controllers/profiles/two_factor_auths_controller.rb

class Profiles::TwoFactorAuthsController < ApplicationController
  def new
    unless current_user.otp_secret
      current_user.otp_secret = User.generate_otp_secret
      current_user.save!
    end

    @qr_code = build_qr_code
  end

  def create
    if current_user.valid_otp?(params[:pin_code])
      current_user.otp_required_for_login = true
      current_user.save!

      redirect_to profile_account_path
    else
      @error = 'Invalid pin code'
      @qr_code = build_qr_code
      render 'new'
    end
  end

  def codes
    codes = current_user.generate_otp_backup_codes!
    current_user.save!
    send_data codes.join("\n"), filename: 'gitlab_recovery_codes.txt'
  end

  def destroy
    current_user.otp_required_for_login = false
    current_user.save!

    redirect_to profile_account_path
  end

  private

  def build_qr_code
    issuer = "GitLab | #{current_user.email}"
    uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer)
    RQRCode::render_qrcode(uri, :svg, level: :m, unit: 3)
  end
end
Create Two-factor authentication resource for user 2015-03-27 20:01:24 -04:00			`class Profiles::TwoFactorAuthsController < ApplicationController`
			`def new`
Make 2 factor authentication work 2015-03-27 20:53:08 -04:00			`unless current_user.otp_secret`
			`current_user.otp_secret = User.generate_otp_secret`
			`current_user.save!`
			`end`

			`@qr_code = build_qr_code`
Create Two-factor authentication resource for user 2015-03-27 20:01:24 -04:00			`end`

			`def create`
Make 2 factor authentication work 2015-03-27 20:53:08 -04:00			`if current_user.valid_otp?(params[:pin_code])`
			`current_user.otp_required_for_login = true`
			`current_user.save!`
Create Two-factor authentication resource for user 2015-03-27 20:01:24 -04:00
Make 2 factor authentication work 2015-03-27 20:53:08 -04:00			`redirect_to profile_account_path`
			`else`
			`@error = 'Invalid pin code'`
			`@qr_code = build_qr_code`
			`render 'new'`
			`end`
Create Two-factor authentication resource for user 2015-03-27 20:01:24 -04:00			`end`

Add support for backup codes 2015-03-31 15:42:17 -04:00			`def codes`
			`codes = current_user.generate_otp_backup_codes!`
			`current_user.save!`
			`send_data codes.join("\n"), filename: 'gitlab_recovery_codes.txt'`
			`end`

Create Two-factor authentication resource for user 2015-03-27 20:01:24 -04:00			`def destroy`
			`current_user.otp_required_for_login = false`
			`current_user.save!`

			`redirect_to profile_account_path`
			`end`
Make 2 factor authentication work 2015-03-27 20:53:08 -04:00
			`private`

			`def build_qr_code`
			`issuer = "GitLab \| #{current_user.email}"`
			`uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer)`
			`RQRCode::render_qrcode(uri, :svg, level: :m, unit: 3)`
			`end`
Create Two-factor authentication resource for user 2015-03-27 20:01:24 -04:00			`end`