gitlab-org--gitlab-foss/app/views/devise/sessions/two_factor.html.haml

- if inject_u2f_api?
  - content_for :page_specific_javascripts do
    = page_specific_javascript_tag('u2f.js')

%div
  = render 'devise/shared/tab_single', { :tab_title => 'Two-Factor Authentication' }
  .login-box
    .login-body
      - if @user.two_factor_otp_enabled?
        = form_for(resource, as: resource_name, url: session_path(resource_name), method: :post, html: { class: 'edit_user show-gl-field-errors' }) do |f|
          - resource_params = params[resource_name].presence || params
          = f.hidden_field :remember_me, value: resource_params.fetch(:remember_me, 0)
          .form-group
            = f.label 'Two-Factor Authentication code', name:  :otp_attempt
            = f.text_field :otp_attempt, class: 'form-control', required: true, autofocus: true, autocomplete: 'off', title: 'This field is required.'
            %p.help-block.hint Enter the code from the two-factor app on your mobile device. If you've lost your device, you may enter one of your recovery codes.
            .prepend-top-20
              = f.submit "Verify code", class: "btn btn-save"

      - if @user.two_factor_u2f_enabled?
        = render "u2f/authenticate", locals: { params: params, resource: resource, resource_name: resource_name }
Add a U2F feature spec for multiple devices owned by the same user. 1. This scenario was previously tested for the registration flow, but not authentication. 2016-07-11 03:53:02 -04:00			`- if inject_u2f_api?`
			`- content_for :page_specific_javascripts do`
Load Javascript U2F library selectively. 1. Only on supported Chrome versions 2. Mainly, this lets us simplify the javascript-based U2F check to `window.u2f`, where `window.u2f` can either be loaded from the GitLab server (for Chrome) or from the Firefox extension. 3. This is a better way to provide browser detection for U2F. 2016-07-11 03:30:22 -04:00			`= page_specific_javascript_tag('u2f.js')`

Turn 2-factor authentication into 2 steps process. Disabled 2fa UI for ldap users since it is not supported 2015-03-30 21:19:01 -04:00			`%div`
Make UX upgrades to SignIn/Register views. - Tab between register and sign in forms - Add individual input validation error messages - Validate username - Update many styles for all login-box forms 2016-09-09 08:21:00 -04:00			`= render 'devise/shared/tab_single', { :tab_title => 'Two-Factor Authentication' }`
Turn 2-factor authentication into 2 steps process. Disabled 2fa UI for ldap users since it is not supported 2015-03-30 21:19:01 -04:00			`.login-box`
			`.login-body`
Implement authentication (login) using a U2F device. - Move the `authenticate_with_two_factor` method from `ApplicationController` to the `AuthenticatesWithTwoFactor` module, where it should be. 2016-06-06 00:50:39 -04:00			`- if @user.two_factor_otp_enabled?`
Make UX upgrades to SignIn/Register views. - Tab between register and sign in forms - Add individual input validation error messages - Validate username - Update many styles for all login-box forms 2016-09-09 08:21:00 -04:00			`= form_for(resource, as: resource_name, url: session_path(resource_name), method: :post, html: { class: 'edit_user show-gl-field-errors' }) do \|f\|`
Fix 2FA-based login for LDAP users The OTP input form is shared by both LDAP and standard logins, but when coming from an LDAP-based form, the form parameters aren't nested in a Hash based on the `resource_name` value. Now we check for a nested `remember_me` parameter and use that if it exists, or fall back to the non-nested parameters if it doesn't. Somewhat confusingly, the OTP input form _does_ nest parameters under the `resource_name`, regardless of what type of login we're coming from, so that allows everything else to work as normal. 2016-06-06 16:29:52 -04:00			`- resource_params = params[resource_name].presence \|\| params`
			`= f.hidden_field :remember_me, value: resource_params.fetch(:remember_me, 0)`
Make UX upgrades to SignIn/Register views. - Tab between register and sign in forms - Add individual input validation error messages - Validate username - Update many styles for all login-box forms 2016-09-09 08:21:00 -04:00			`.form-group`
			`= f.label 'Two-Factor Authentication code', name: :otp_attempt`
			`= f.text_field :otp_attempt, class: 'form-control', required: true, autofocus: true, autocomplete: 'off', title: 'This field is required.'`
			`%p.help-block.hint Enter the code from the two-factor app on your mobile device. If you've lost your device, you may enter one of your recovery codes.`
			`.prepend-top-20`
			`= f.submit "Verify code", class: "btn btn-save"`
Implement authentication (login) using a U2F device. - Move the `authenticate_with_two_factor` method from `ApplicationController` to the `AuthenticatesWithTwoFactor` module, where it should be. 2016-06-06 00:50:39 -04:00
			`- if @user.two_factor_u2f_enabled?`
Pass the remember_me option into the u2f form and support it while authenticating Matches the changes done for non-u2f two-factor auth 2016-08-19 21:51:56 -04:00			`= render "u2f/authenticate", locals: { params: params, resource: resource, resource_name: resource_name }`