author | Logan Fick <logaldeveloper@protonmail.com> | 2018-06-07 20:31:11 -0400 |
---|---|---|
committer | Logan Fick <logaldeveloper@protonmail.com> | 2018-06-07 20:31:11 -0400 |
commit | 6d22462d7a3bebf63b2ea3e28aca4ba75fcac489 (patch) | |
tree | 3c43e2819e0ecbd10d72efc9e353673d6026a6fa | |
parent | a241749ee3eb8aaf2044fe49dc55cf1443d1e8cf (diff) |
Added TOTP field to login screen.
-rw-r--r-- | app/controllers/sessions_controller.rb | 6 | ||||
-rw-r--r-- | app/views/sessions/new.html.erb | 8 |
2 files changed, 13 insertions, 1 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 784647c..8755730 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -21,6 +21,10 @@ class SessionsController < ApplicationController
 flash[:alert] = "Your account has been disabled!"
 elsif user.banned?
 flash[:alert] = "You are banned!"
+ elsif user.totp_enabled && !TOTP.verify?(user.totp_code, params[:totp_code])
+ flash[:alert] = "You're doing it wrong!"
+ render action: 'new'
+ return
 else
 session[:user_id] = user.id
 flash[:notice] = "Logged in!"
@@ -110,4 +114,4 @@ class SessionsController < ApplicationController
 redirect_to login_path
 end
 end
-end
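Review bot: The new TOTP branch hands `params[:totp_code]` to `TOTP.verify?` unchecked, so a missing field (nil) or a nested parameter (array or hash) reaches the verifier as-is; unless `verify?` is known to tolerate non-strings, coerce it first with `TOTP.verify?(user.totp_code, params[:totp_code].to_s)`. Because this branch renders instead of redirecting, `flash[:alert]` will also be shown on the following request; `flash.now[:alert] = "You're doing it wrong!"` is the form intended for use with `render`. Nothing in the hunk counts or limits failed codes, so if throttling is not applied elsewhere in this action, a short numeric code can be retried without bound by anyone who already has the password. It is also worth confirming that `verify?` rejects a code that was already accepted in the current time step. The enclosing action starts and ends outside the hunk.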
\ No newline at end of file
+end
diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb
index 0158f59..c7cac42 100644
--- a/app/views/sessions/new.html.erb
+++ b/app/views/sessions/new.html.erb
@@ -16,6 +16,14 @@
 <td></td>
 <td><%= link_to "Lost your password?", lost_password_users_path %></td>
 </tr>
+ <tr>
+ <td><%= label_tag :totp_code %></td>
+ <td><%= text_field_tag :totp_code, nil, placeholder: "123456", required: false %></td>
+ </tr>
+ <tr>
+ <td></td>
+ <td>Leave this field blank if you do not have 2FA enabled.</td>
+ </tr>
 </table>
 <p><%= submit_tag "Log in", class: "btn blue" %></p>
 <% end %> |
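Review bot: The added `totp_code` input is a plain text field with no autocomplete hint, so browsers may store entered codes in form history and offer them back on later visits. Adding `autocomplete: "one-time-code", inputmode: "numeric"` to the `text_field_tag` options avoids that and gives mobile users a numeric keypad. `label_tag :totp_code` with no text renders the humanized field name ("Totp code"); an explicit label such as `label_tag :totp_code, "2FA code"` would match the help text in the row below. The surrounding form and table start outside the hunk.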