From 879f58e88a130e0dd643c0a10b6ffa1e67e33a3f Mon Sep 17 00:00:00 2001
From: Laney Stroup <laney@stroupsolutions.com>
Date: Tue, 4 Jun 2024 22:45:41 +0900
Subject: [PATCH] add reset token action;

---
 .../devise_otp/devise/otp_tokens_controller.rb           | 9 +++++++++
 app/views/devise/otp_tokens/_token_secret.html.erb       | 7 +++++++
 config/locales/en.yml                                    | 4 ++++
 .../controllers/url_helpers.rb                           | 5 +++++
 lib/devise_otp_authenticatable/routes.rb                 | 1 +
 5 files changed, 26 insertions(+)

diff --git a/app/controllers/devise_otp/devise/otp_tokens_controller.rb b/app/controllers/devise_otp/devise/otp_tokens_controller.rb
index b6ae3c6..1fe1bad 100644
--- a/app/controllers/devise_otp/devise/otp_tokens_controller.rb
+++ b/app/controllers/devise_otp/devise/otp_tokens_controller.rb
@@ -95,6 +95,15 @@ def recovery
         end
       end
 
+      def reset
+        if resource.disable_otp!
+          resource.clear_otp_fields!
+          otp_set_flash_message :success, :successfully_reset_otp
+        end
+
+        redirect_to action: :edit
+      end
+
       private
 
       def ensure_credentials_refresh
diff --git a/app/views/devise/otp_tokens/_token_secret.html.erb b/app/views/devise/otp_tokens/_token_secret.html.erb
index 7ae09b5..135819f 100644
--- a/app/views/devise/otp_tokens/_token_secret.html.erb
+++ b/app/views/devise/otp_tokens/_token_secret.html.erb
@@ -14,6 +14,13 @@
   <strong><%= I18n.t('disable_explain_warn', :scope => 'devise.otp.otp_tokens') %></strong>
 </p>
 
+<p><%= button_to I18n.t('reset_link', :scope => 'devise.otp.otp_tokens'), reset_otp_token_path_for(resource), :method => :post , :data => { "turbo-method": "POST" } %></p>
+
+<p>
+  <%= I18n.t('reset_explain', :scope => 'devise.otp.otp_tokens') %>
+  <strong><%= I18n.t('reset_explain_warn', :scope => 'devise.otp.otp_tokens') %></strong>
+</p>
+
 <%- if recovery_enabled? %>
   <h3><%= I18n.t('title', :scope => 'devise.otp.otp_tokens.recovery') %></h3>
   <p><%= I18n.t('explain', :scope => 'devise.otp.otp_tokens.recovery') %></p>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 133a162..426662d 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -32,9 +32,13 @@ en:
         disable_link: 'Disable Two-Factor Authentication'
         disable_explain: 'This will disable Two-Factor authentication and clear the OTP secret.'
         disable_explain_warn: 'To re-enable Two-Factor authentication, you will need to enroll your mobile device again.'
+        reset_link: 'Reset Token Secret'
+        reset_explain: 'Resetting your token secret will temporarilly disable Two-Factor authentication.'
+        reset_explain_warn: 'To re-enable Two-Factor authentication, you will need to re-enroll your mobile device with the new token secret.'
         successfully_updated: 'Your two-factors authentication settings have been updated.'
         could_not_confirm: 'The Confirmation Code you entered did not match the QR code shown below.'
         successfully_disabled_otp: 'Two-Factor authentication has been disabled.'
+        successfully_reset_otp: 'Your token secret has been reset. Please confirm your new token secret below.'
         successfully_set_persistence: 'Your device is now trusted.'
         successfully_cleared_persistence: 'Your device has been removed from the list of trusted devices.'
         successfully_reset_persistence: 'Your list of trusted devices has been cleared.'
diff --git a/lib/devise_otp_authenticatable/controllers/url_helpers.rb b/lib/devise_otp_authenticatable/controllers/url_helpers.rb
index 4b8415e..14754fb 100644
--- a/lib/devise_otp_authenticatable/controllers/url_helpers.rb
+++ b/lib/devise_otp_authenticatable/controllers/url_helpers.rb
@@ -26,6 +26,11 @@ def edit_otp_token_path_for(resource_or_scope, opts = {})
         send("edit_#{scope}_otp_token_path", opts)
       end
 
+      def reset_otp_token_path_for(resource_or_scope, opts = {})
+        scope = ::Devise::Mapping.find_scope!(resource_or_scope)
+        send("reset_#{scope}_otp_token_path", opts)
+      end
+
       def otp_credential_path_for(resource_or_scope, opts = {})
         scope = ::Devise::Mapping.find_scope!(resource_or_scope)
         send("#{scope}_otp_credential_path", opts)
diff --git a/lib/devise_otp_authenticatable/routes.rb b/lib/devise_otp_authenticatable/routes.rb
index a751306..45e7296 100644
--- a/lib/devise_otp_authenticatable/routes.rb
+++ b/lib/devise_otp_authenticatable/routes.rb
@@ -13,6 +13,7 @@ def devise_otp(mapping, controllers)
           end
 
           get :recovery
+          post :reset
         end
 
         resource :credential, only: [:show, :update],