add reset token action;

wmlele · Jun 4, 2024 · 879f58e · 879f58e
1 parent 54b206e
commit 879f58e
Show file tree

Hide file tree

Showing 5 changed files with 26 additions and 0 deletions.
diff --git a/app/controllers/devise_otp/devise/otp_tokens_controller.rb b/app/controllers/devise_otp/devise/otp_tokens_controller.rb
@@ -95,6 +95,15 @@ def recovery
         end
       end
 
+      def reset
+        if resource.disable_otp!
+          resource.clear_otp_fields!
+          otp_set_flash_message :success, :successfully_reset_otp
+        end
+
+        redirect_to action: :edit
+      end
+
       private
 
       def ensure_credentials_refresh

diff --git a/app/views/devise/otp_tokens/_token_secret.html.erb b/app/views/devise/otp_tokens/_token_secret.html.erb
@@ -14,6 +14,13 @@
   <strong><%= I18n.t('disable_explain_warn', :scope => 'devise.otp.otp_tokens') %></strong>
 </p>
 
+<p><%= button_to I18n.t('reset_link', :scope => 'devise.otp.otp_tokens'), reset_otp_token_path_for(resource), :method => :post , :data => { "turbo-method": "POST" } %></p>
+
+<p>
+  <%= I18n.t('reset_explain', :scope => 'devise.otp.otp_tokens') %>
+  <strong><%= I18n.t('reset_explain_warn', :scope => 'devise.otp.otp_tokens') %></strong>
+</p>
+
 <%- if recovery_enabled? %>
   <h3><%= I18n.t('title', :scope => 'devise.otp.otp_tokens.recovery') %></h3>
   <p><%= I18n.t('explain', :scope => 'devise.otp.otp_tokens.recovery') %></p>

diff --git a/config/locales/en.yml b/config/locales/en.yml
@@ -32,9 +32,13 @@ en:
         disable_link: 'Disable Two-Factor Authentication'
         disable_explain: 'This will disable Two-Factor authentication and clear the OTP secret.'
         disable_explain_warn: 'To re-enable Two-Factor authentication, you will need to enroll your mobile device again.'
+        reset_link: 'Reset Token Secret'
+        reset_explain: 'Resetting your token secret will temporarilly disable Two-Factor authentication.'
+        reset_explain_warn: 'To re-enable Two-Factor authentication, you will need to re-enroll your mobile device with the new token secret.'
         successfully_updated: 'Your two-factors authentication settings have been updated.'
         could_not_confirm: 'The Confirmation Code you entered did not match the QR code shown below.'
         successfully_disabled_otp: 'Two-Factor authentication has been disabled.'
+        successfully_reset_otp: 'Your token secret has been reset. Please confirm your new token secret below.'
         successfully_set_persistence: 'Your device is now trusted.'
         successfully_cleared_persistence: 'Your device has been removed from the list of trusted devices.'
         successfully_reset_persistence: 'Your list of trusted devices has been cleared.'

diff --git a/lib/devise_otp_authenticatable/controllers/url_helpers.rb b/lib/devise_otp_authenticatable/controllers/url_helpers.rb
@@ -26,6 +26,11 @@ def edit_otp_token_path_for(resource_or_scope, opts = {})
         send("edit_#{scope}_otp_token_path", opts)
       end
 
+      def reset_otp_token_path_for(resource_or_scope, opts = {})
+        scope = ::Devise::Mapping.find_scope!(resource_or_scope)
+        send("reset_#{scope}_otp_token_path", opts)
+      end
+
       def otp_credential_path_for(resource_or_scope, opts = {})
         scope = ::Devise::Mapping.find_scope!(resource_or_scope)
         send("#{scope}_otp_credential_path", opts)

diff --git a/lib/devise_otp_authenticatable/routes.rb b/lib/devise_otp_authenticatable/routes.rb
@@ -13,6 +13,7 @@ def devise_otp(mapping, controllers)
           end
 
           get :recovery
+          post :reset
         end
 
         resource :credential, only: [:show, :update],
-Original file line number
+Diff line change
@@ Expand Up / @@ -13,6 +13,7 @@ def devise_otp(mapping, controllers) @@
               end
               get :recovery
+              post :reset
             end
             resource :credential, only: [:show, :update],
@@ Expand Down @@