From 55f224e4e785d0e1515ac4a840e689cb6d9c7d24 Mon Sep 17 00:00:00 2001
From: Drew Blessing
Date: Mon, 17 Oct 2016 09:39:14 -0500
Subject: [PATCH] Add GitLab host to 2FA QR and manual info

The two factor authentication account string only had the user's email address. This led to ambiguous entries in two factor code generating apps. This adds the GitLab host to the account string in the standard format (according to Google). No matter the code generator this change disambiguates the entry.
---
 app/controllers/profiles/two_factor_auths_controller.rb | 8 ++++++--
 app/views/profiles/two_factor_auths/show.html.haml | 2 +-
 changelogs/unreleased/add_info_to_qr.yml | 4 ++++
 3 files changed, 11 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/unreleased/add_info_to_qr.yml
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index 9eb75bb3891..18044ca78e2 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@@ -22,6 +22,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 end
 @qr_code = build_qr_code
+ @account_string = account_string
 setup_u2f_registration
 end
@@ -78,11 +79,14 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 private
 def build_qr_code
- issuer = "#{issuer_host} | #{current_user.email}"
- uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer)
+ uri = current_user.otp_provisioning_uri(account_string, issuer: issuer_host)
 RQRCode::render_qrcode(uri, :svg, level: :m, unit: 3)
 end
+ def account_string
+ "#{issuer_host}:#{current_user.email}"
+ end
+
 def issuer_host
 Gitlab.config.gitlab.host
 end
diff --git a/app/views/profiles/two_factor_auths/show.html.haml b/app/views/profiles/two_factor_auths/show.html.haml
index 03ac739ade5..558a1d56151 100644
--- a/app/views/profiles/two_factor_auths/show.html.haml
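Review bot: `@account_string` is assigned only at this one point, inside an action whose body starts above the hunk, while the view hunk in show.html.haml now reads it unconditionally for the Account line. If any other action in this controller re-renders the show template (for example after a rejected pin code; not visible in this diff), the manual-entry account would render empty even though the QR code from `build_qr_code` still carries the host-prefixed label. Assigning it where the QR code is built, `@account_string = account_string` as the first line of `build_qr_code`, or exposing the method with `helper_method :account_string` and using `= account_string` in the view, keeps both in step on every render path.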
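Review bot: The label passed to `otp_provisioning_uri` in `build_qr_code` now already contains the host, and the same host is also passed as `issuer:`, so the resulting URI depends on how the OTP library combines the two. If the library version in use prefixes the label with the issuer itself (some releases of the underlying TOTP gem do; not verifiable from this diff), authenticator apps would show `host:host:email`. The diffstat lists no spec, so a controller spec that pins the provisioning URI handed to `RQRCode::render_qrcode` would guard against that on a gem upgrade. A comment on `account_string` such as `# Key URI label "issuer:account"; the prefix must match the issuer: parameter` would also record why the host appears twice.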
+++ b/app/views/profiles/two_factor_auths/show.html.haml
@@ -30,7 +30,7 @@
 To add the entry manually, provide the following details to the application on your phone.
 %p.prepend-top-0.append-bottom-0
 Account:
- = current_user.email
+ = @account_string
 %p.prepend-top-0.append-bottom-0
 Key:
 = current_user.otp_secret.scan(/.{4}/).join(' ')
diff --git a/changelogs/unreleased/add_info_to_qr.yml b/changelogs/unreleased/add_info_to_qr.yml
new file mode 100644
index 00000000000..a4b0354a9c9
--- /dev/null
+++ b/changelogs/unreleased/add_info_to_qr.yml
@@ -0,0 +1,4 @@
+---
+title: Add GitLab host to 2FA QR code and manual info
+merge_request: 6941
+author: