Commit af98b5b5 authored by o's avatar o

correctly update 2fa status when adding/removing devices

parent c795e6bc
......@@ -101,6 +101,32 @@ class ApplicationController < ActionController::Base
end
helper_method :feature_toggle?
def update_account_properties(login=false)
res = api.account_properties
if login
if res['locked']
flash[:notice] = :locked_account_hint
elsif res['mail_crypt_enabled'] &&
res['mail_crypt_recovery_token_present']
flash[:notice] = :recovery_token_hint
elsif res['mail_crypt_enabled'] &&
!session[:recovery_email_set]
# TODO: add translations
# flash[:notice] = :recovery_email_hint
else
flash[:notice] = nil
end
end
session[:mail_crypt_enabled] = res['mail_crypt_enabled']
session[:recovery_email_set] = res['recovery_email_set']
session[:requires_2fa] = res['requires_2fa']
session[:possible_resources] = res['possible_resources']
return res
end
# TODO: this needs to be replaced with a real solution!
def fix_idp_url(url)
if request.host =~ /ysp4gfuhnmj6b4mb\.onion/
......
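Review bot: In `update_account_properties` the login branch tests `!session[:recovery_email_set]` before the later line `session[:recovery_email_set] = res['recovery_email_set']` has run, so the condition sees whatever the session held before this refresh rather than the value just fetched. Today that branch body is only a commented-out hint, but taking it also skips the `flash[:notice] = nil` reset in the `else`; testing `!res['recovery_email_set']` would make the condition agree with the response being processed. The method also deserves a short comment saying that it overwrites `session[:mail_crypt_enabled]`, `session[:recovery_email_set]`, `session[:requires_2fa]` and `session[:possible_resources]` from the API response and touches `flash[:notice]` only when `login` is true. The method lies fully inside the hunk; the surrounding class and `fix_idp_url` do not.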
......@@ -8,7 +8,7 @@ class MailCryptController < ApplicationController
elsif (p = params[:pass]).present?
begin
api.mail_crypt_enable(p)
session[:mail_crypt_enabled] = true
update_account_properties
flash[:notice] = :mail_crypt_enabled
if @keep_recovery_token == 'yes'
redirect_to '/mail_crypt_token' and return
......@@ -37,6 +37,7 @@ class MailCryptController < ApplicationController
puts "qr token generation failed #{e}"
end
@recovery_token = recovery_token.gsub(/(.{8})/, '\1<wbr>').html_safe
update_account_properties
unless flash[:notice] == :mail_crypt_enabled
flash[:notice] = nil
end
......
......@@ -7,13 +7,12 @@ class RecoveryEmailController < ApplicationController
if !EmailValidation::check_external_email(@recovery_email)
flash[:notice] = :invalid_recovery_email
session[:recovery_email_set] = false
render 'show' and return
end
api.set_recovery_email(@recovery_email, @email_recovery_token, params[:password])
flash[:notice] = :success
session[:recovery_email_set] = true
update_account_properties
redirect_to '/'
rescue ApiBackend::ApiError => e
if e.api_msg
......
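Review bot: The new `update_account_properties` call sits inside the region covered by `rescue ApiBackend::ApiError`, so if the follow-up `api.account_properties` request fails (assuming it raises the same error class) the user is sent down the error path although `api.set_recovery_email` has already succeeded, and the session keeps its old values. The same placement appears in TfaController at the `@@ -62,6 +64,7` hunk, right after `flash[:notice] = :success`, and inside the `begin` block of MailCryptController at `@@ -8,7 +8,7`, whose rescue is outside the visible lines. Giving the refresh its own `begin`/`rescue ApiBackend::ApiError` that logs the failure would keep a failed refresh from being reported as a failed change. The enclosing action starts and ends outside this hunk.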
......@@ -39,25 +39,7 @@ class SessionsController < ApplicationController
session[:user_id] = email
session[:api_token] = api_token
res = api.account_properties
if res['locked']
flash[:notice] = :locked_account_hint
elsif res['mail_crypt_enabled'] &&
res['mail_crypt_recovery_token_present']
flash[:notice] = :recovery_token_hint
elsif res['mail_crypt_enabled'] &&
!session[:recovery_email_set]
# TODO: add translations
# flash[:notice] = :recovery_email_hint
else
flash[:notice] = nil
end
session[:mail_crypt_enabled] = res['mail_crypt_enabled']
session[:recovery_email_set] = res['recovery_email_set']
session[:requires_2fa] = res['requires_2fa']
session[:possible_resources] = res['possible_resources']
res = update_account_properties(true)
if res['locked']
redirect_to '/password'
......
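Review bot: The call `res = update_account_properties(true)` gives the reader no hint of what `true` selects. A keyword argument would make the login-only flash handling visible at the call site, e.g. `def update_account_properties(login: false)` in ApplicationController and `res = update_account_properties(login: true)` here. The other callers shown on this page pass no argument and would not need to change. The enclosing action starts and ends outside this hunk.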
......@@ -21,6 +21,7 @@ class TfaController < ApplicationController
flash[:notice] = t(:all_fields_required)
return render 'new_totp'
end
update_account_properties
redirect_to tfa_path
end
......@@ -39,6 +40,7 @@ class TfaController < ApplicationController
else
flash[:notice] = t(:name_must_be_set)
end
update_account_properties
redirect_to tfa_path
end
......@@ -62,6 +64,7 @@ class TfaController < ApplicationController
params[:challenge],
)
flash[:notice] = :success
update_account_properties
redirect_to tfa_path
rescue ApiBackend::ApiError
flash[:notice] = :failed
......@@ -93,6 +96,7 @@ class TfaController < ApplicationController
else
flash[:notice] = t(:name_must_be_set)
end
update_account_properties
redirect_to tfa_path
end
......
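Review bot: The four added `update_account_properties` calls refresh `session[:requires_2fa]` only in the session that performed the device change; any other session of the same account keeps the value it cached earlier until it next reaches one of the refresh calls. Whether that matters depends on how the flag is consumed, which is not visible in these hunks: if it decides whether a second factor is demanded, the deciding code should read the account state from the API rather than from the session copy. At minimum a comment at the calls, such as `# refresh cached account flags (this session only) after a 2FA device change`, would record the limitation. In the `@@ -39,6 +40,7` and `@@ -93,6 +96,7` hunks the call also runs on the `name_must_be_set` path where nothing was changed, which costs an API round trip for no new information. All four actions start outside their hunks.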