diff options
| author | Douwe Maan <douwe@gitlab.com> | 2016-09-02 14:21:59 +0000 |
|---|---|---|
| committer | Douwe Maan <douwe@gitlab.com> | 2016-09-02 14:21:59 +0000 |
| commit | df6e50448a2e97856805f5e4a70831f2ba8a0ef2 (patch) | |
| tree | 5e5dc709238c54a8e5213cd11f577751fc744ef8 /lib/gitlab_net.rb | |
| parent | 3043b31c458bf720843a84b35c9fbad5c1488c1d (diff) | |
| parent | dcc20876554ae18c6869b80071728f1b91858c5f (diff) | |
| download | gitlab-shell-df6e50448a2e97856805f5e4a70831f2ba8a0ef2.tar.gz | |
Merge branch '2fa_recovery' into 'master'
Add option to recover 2FA via SSH
Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/3765
Allow users to recover their own account if they lose their 2FA device or recovery codes.
## Questions/Concerns
- Does this look secure? I think it is but we need to make sure no one can spoof a username or something and disable two factor.
## Todo
- [x] Working code
- [x] Tests
- [x] GitLab merge requests (including documentation)
See merge request !74
Diffstat (limited to 'lib/gitlab_net.rb')
| -rw-r--r-- | lib/gitlab_net.rb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/lib/gitlab_net.rb b/lib/gitlab_net.rb index 35a8833..47bae95 100644 --- a/lib/gitlab_net.rb +++ b/lib/gitlab_net.rb @@ -72,6 +72,15 @@ class GitlabNet nil end + def two_factor_recovery_codes(key) + key_id = key.gsub('key-', '') + resp = post("#{host}/two_factor_recovery_codes", key_id: key_id) + + JSON.parse(resp.body) if resp.code == '200' + rescue + {} + end + def redis_client redis_config = config.redis database = redis_config['database'] || 0 |