Commit 55f224e4 authored by Drew Blessing

Add GitLab host to 2FA QR and manual info

The two factor authentication account string only had the user's
email address. This led to ambiguous entries in two factor
code generating apps. This adds the GitLab host to the account
string in the standard format (according to Google). No matter
the code generator this change disambiguates the entry.
parent bdb5e677
...@@ -22,6 +22,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController ...@@ -22,6 +22,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
end end
@qr_code = build_qr_code @qr_code = build_qr_code
@account_string = account_string
setup_u2f_registration setup_u2f_registration
end end
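Review bot: @account_string is assigned only in this one action; the next hunk's offset (old line 78 becomes new line 79) shows no second assignment was added higher up in the controller. If any other action re-renders the same view after calling build_qr_code, the manual-entry Account line will be empty on that path. Exposing account_string to the view with helper_method, instead of an instance variable set per action, would remove that dependency.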
...@@ -78,11 +79,14 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController ...@@ -78,11 +79,14 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
private private
def build_qr_code def build_qr_code
issuer = "#{issuer_host} | #{current_user.email}" uri = current_user.otp_provisioning_uri(account_string, issuer: issuer_host)
uri = current_user.otp_provisioning_uri(current_user.email, issuer: issuer)
RQRCode::render_qrcode(uri, :svg, level: :m, unit: 3) RQRCode::render_qrcode(uri, :svg, level: :m, unit: 3)
end end
def account_string
"#{issuer_host}:#{current_user.email}"
end
def issuer_host def issuer_host
Gitlab.config.gitlab.host Gitlab.config.gitlab.host
end end
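Review bot: In build_qr_code the label passed to otp_provisioning_uri is already host-prefixed ("#{issuer_host}:#{current_user.email}") and issuer: issuer_host is passed alongside it. Please confirm that otp_provisioning_uri does not itself prepend the issuer to the label, which would show up as host:host:email in the authenticator app; a controller spec asserting the generated otpauth URI would pin this down. The label also uses a literal colon as separator, so account_string relies on issuer_host never containing one; a short comment on account_string stating that assumption would help the next reader.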
......
...@@ -30,7 +30,7 @@ ...@@ -30,7 +30,7 @@
To add the entry manually, provide the following details to the application on your phone. To add the entry manually, provide the following details to the application on your phone.
%p.prepend-top-0.append-bottom-0 %p.prepend-top-0.append-bottom-0
Account: Account:
= current_user.email = @account_string
%p.prepend-top-0.append-bottom-0 %p.prepend-top-0.append-bottom-0
Key: Key:
= current_user.otp_secret.scan(/.{4}/).join(' ') = current_user.otp_secret.scan(/.{4}/).join(' ')
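Review bot: Nothing in the visible part of this change tests the new Account line, and `= @account_string` renders an empty string without raising if the variable is unset. A feature or view spec expecting the host-prefixed value on this page would catch a regression here.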
......
---
title: Add GitLab host to 2FA QR code and manual info
merge_request: 6941
author: