df4ff9a8e1
* Add recovery code support for two-factor auth When users enable two-factor auth, the app now generates ten single-use recovery codes. Users are encouraged to print the codes and store them in a safe place. The two-factor prompt during login now accepts both OTP codes and recovery codes. The two-factor settings UI allows users to regenerated lost recovery codes. Users who have set up two-factor auth prior to this feature being added can use it to generate recovery codes for the first time. Fixes #563 and fixes #987 * Set OTP_SECRET in test enviroment * add missing .html to view file names
36 lines
1.2 KiB
Ruby
36 lines
1.2 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class User < ApplicationRecord
|
|
include Settings::Extend
|
|
|
|
devise :registerable, :recoverable,
|
|
:rememberable, :trackable, :validatable, :confirmable,
|
|
:two_factor_authenticatable, :two_factor_backupable,
|
|
otp_secret_encryption_key: ENV['OTP_SECRET'],
|
|
otp_number_of_backup_codes: 10
|
|
|
|
belongs_to :account, inverse_of: :user
|
|
accepts_nested_attributes_for :account
|
|
|
|
validates :account, presence: true
|
|
validates :locale, inclusion: I18n.available_locales.map(&:to_s), unless: 'locale.nil?'
|
|
validates :email, email: true
|
|
|
|
scope :prolific, -> { joins('inner join statuses on statuses.account_id = users.account_id').select('users.*, count(statuses.id) as statuses_count').group('users.id').order('statuses_count desc') }
|
|
scope :recent, -> { order('id desc') }
|
|
scope :admins, -> { where(admin: true) }
|
|
scope :confirmed, -> { where.not(confirmed_at: nil) }
|
|
|
|
def send_devise_notification(notification, *args)
|
|
devise_mailer.send(notification, self, *args).deliver_later
|
|
end
|
|
|
|
def setting_default_privacy
|
|
settings.default_privacy || (account.locked? ? 'private' : 'public')
|
|
end
|
|
|
|
def setting_boost_modal
|
|
settings.boost_modal
|
|
end
|
|
end
|