mirror of
https://github.com/philomena-dev/philomena.git
synced 2024-11-24 12:37:58 +01:00
103 lines
No EOL
4.5 KiB
Text
103 lines
No EOL
4.5 KiB
Text
h1 Two Factor Authentication
|
|
|
|
= form_for @changeset, Routes.registration_totp_path(@conn, :update), [as: :user], fn f ->
|
|
= if @changeset.action do
|
|
.alert.alert-danger
|
|
p Oops, something went wrong! Please check the errors below.
|
|
|
|
= if @current_user.otp_required_for_login do
|
|
p
|
|
' Two factor authentication is currently
|
|
strong> enabled
|
|
' for your account.
|
|
|
|
h4 Enter the generated 6-digit code or one of your backup codes to disable.
|
|
p
|
|
' Note that the 6-digit codes are limited to a single use within their
|
|
' lifespan of 30 seconds, so if you just logged in with a code, entering
|
|
' it again here will cause an error. If that's the case, just wait for a
|
|
' new code to be generated.
|
|
|
|
.field
|
|
= text_input f, :twofactor_token, class: "input", placeholder: "6-digit code"
|
|
= error_tag f, :twofactor_token
|
|
|
|
- else
|
|
p
|
|
' Two factor authentication is currently
|
|
strong> disabled
|
|
' for your account.
|
|
|
|
br
|
|
|
|
.block.block--fixed.block--warning
|
|
p
|
|
| Enabling 2FA will make it harder for an attacker to get into your account, but it may also make it harder for
|
|
strong<> you
|
|
| to get into your account. Make sure you'll have access to your authenticator if you enable it.
|
|
h4 Download application
|
|
p
|
|
| You will need an application on your phone that'll generate TOTP codes for you, such as:
|
|
ul
|
|
li
|
|
| Authy (
|
|
a href="https://play.google.com/store/apps/details?id=com.authy.authy" target="_blank" rel="noreferrer"
|
|
| Android
|
|
| /
|
|
a href="https://itunes.apple.com/us/app/authy/id494168017" target="_blank" rel="noreferrer"
|
|
| iOS
|
|
| )
|
|
li
|
|
| LastPass Authenticator (
|
|
a href="https://play.google.com/store/apps/details?id=com.lastpass.authenticator" target="_blank" rel="noreferrer"
|
|
| Android
|
|
| /
|
|
a href="https://itunes.apple.com/us/app/lastpass-authenticator/id1079110004" target="_blank" rel="noreferrer"
|
|
| iOS
|
|
| /
|
|
a href="https://www.microsoft.com/en-us/store/apps/lastpass-authenticator/9nblggh5l9d7" target="_blank" rel="noreferrer"
|
|
| Windows Mobile
|
|
| )
|
|
li
|
|
| Microsoft Authenticator (
|
|
a href="https://play.google.com/store/apps/details?id=com.azure.authenticator" target="_blank" rel="noreferrer"
|
|
| Android
|
|
| /
|
|
a href="https://itunes.apple.com/us/app/microsoft-authenticator/id983156458" target="_blank" rel="noreferrer"
|
|
| iOS
|
|
| /
|
|
a href="https://www.microsoft.com/en-us/store/p/microsoft-authenticator/9nblgggzmcj6" target="_blank" rel="noreferrer"
|
|
| Windows Mobile
|
|
| )
|
|
' Google Authenticator is
|
|
em> not
|
|
' recommended.
|
|
h4 Pair application
|
|
p
|
|
' Using the application of your choice, scan the QR code below or enter the following secret key:
|
|
strong
|
|
= @totp_secret
|
|
p
|
|
img src=@totp_qrcode alt="QR Code"
|
|
h4 Confirm pairing
|
|
p Enter the code generated by your authenticator app into the field below for verification.
|
|
= text_input f, :twofactor_token, class: "input", placeholder: "6-digit code", autocomplete: "off"
|
|
p Note that the 6-digit codes are limited to a single use within their lifespan of 30 seconds, so if you use a code to enable the feature here, you won't be able to immediately use the same code to log in or to disable the feature. You have to wait for a new code to be generated.
|
|
.dnp-warning
|
|
h4 Warning - Authenticator Backup Codes
|
|
p Once you enable 2FA on your account, you will be provided with a list of backup codes that can be used to access your account in the event of you losing access to your authenticator app. You will only be provided with these codes once, so please ensure that you have a way to safely and securely record them before enabling 2FA on your account. If you lose access to your authenticator app and do not have your backup codes, you will be locked out of your account permanently, and we will be unable to assist you.
|
|
|
|
br
|
|
|
|
.block.block--fixed.block--warning
|
|
.field
|
|
= password_input f, :current_password, class: "input", placeholder: "Current password"
|
|
= error_tag f, :current_password
|
|
.fieldlabel
|
|
' We need your current password to confirm these changes
|
|
|
|
br
|
|
|
|
= submit "Save Account", class: "button"
|
|
|
|
p = link "Back", to: Routes.pow_registration_path(@conn, :edit) |