domi/forgejo-domi
1
0
Fork 0
forked from forgejo/forgejo
Code Pull requests Activity

Allow U2F 2FA without TOTP (#11573)

Browse source 
This change enables the usage of U2F without being forced to enroll an TOTP authenticator.
The `/user/auth/u2f` has been changed to hide the "use TOTP instead" bar if TOTP is not enrolled.

Fixes #5410
Fixes #17495
This commit is contained in:
Kamil Domański 2021-11-08 23:47:19 +01:00 committed by GitHub
parent a3f9e9234c
commit 021df29623
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 100 additions and 57 deletions
Download patch file Download diff file Expand all files Collapse all files

2
templates/user/settings/security_twofa.tmpl
View file

@ -3,7 +3,7 @@
</h4>
<div class="ui attached segment">
<p>{{.i18n.Tr "settings.twofa_desc"}}</p>
{{if .TwofaEnrolled}}
{{if .TOTPEnrolled}}
<p>{{$.i18n.Tr "settings.twofa_is_enrolled" | Str2html }}</p>
<form class="ui form" action="{{AppSubUrl}}/user/settings/security/two_factor/regenerate_scratch" method="post" enctype="multipart/form-data">
{{.CsrfTokenHtml}}

42
templates/user/settings/security_u2f.tmpl
View file

@ -3,32 +3,28 @@
</h4>
<div class="ui attached segment">
<p>{{.i18n.Tr "settings.u2f_desc" | Str2html}}</p>
{{if .TwofaEnrolled}}
<div class="ui key list">
{{range .U2FRegistrations}}
<div class="item">
<div class="right floated content">
<button class="ui red tiny button delete-button" data-modal-id="delete-registration" data-url="{{$.Link}}/u2f/delete" data-id="{{.ID}}">
{{$.i18n.Tr "settings.delete_key"}}
</button>
</div>
<div class="content">
<strong>{{.Name}}</strong>
</div>
<div class="ui key list">
{{range .U2FRegistrations}}
<div class="item">
<div class="right floated content">
<button class="ui red tiny button delete-button" id="delete-registration" data-url="{{$.Link}}/u2f/delete" data-id="{{.ID}}">
{{$.i18n.Tr "settings.delete_key"}}
</button>
</div>
<div class="content">
<strong>{{.Name}}</strong>
</div>
{{end}}
</div>
<div class="ui form">
{{.CsrfTokenHtml}}
<div class="required field">
<label for="nickname">{{.i18n.Tr "settings.u2f_nickname"}}</label>
<input id="nickname" name="nickname" type="text" required>
</div>
<button id="register-security-key" class="ui green button">{{svg "octicon-key"}} {{.i18n.Tr "settings.u2f_register_key"}}</button>
{{end}}
</div>
<div class="ui form">
{{.CsrfTokenHtml}}
<div class="required field">
<label for="nickname">{{.i18n.Tr "settings.u2f_nickname"}}</label>
<input id="nickname" name="nickname" type="text" required>
</div>
{{else}}
<b>{{.i18n.Tr "settings.u2f_require_twofa"}}</b>
{{end}}
<button id="register-security-key" class="ui green button">{{svg "octicon-key"}} {{.i18n.Tr "settings.u2f_register_key"}}</button>
</div>
</div>
<div class="ui small modal" id="register-device">