- 
          
- 
                Notifications
    You must be signed in to change notification settings 
- Fork 460
feat: redirect admins to two_factor:setup if two_factors are required a two factor is not enabled for the account #491
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: master
Are you sure you want to change the base?
Conversation
| Codecov Report
 
 @@           Coverage Diff           @@
##           master     #491   +/-   ##
=======================================
  Coverage   98.53%   98.53%           
=======================================
  Files          60       60           
  Lines        2659     2659           
  Branches      278      278           
=======================================
  Hits         2620     2620           
  Misses         24       24           
  Partials       15       15           📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more | 
e947df0    to
    dfa4241      
    Compare
  
    000633b    to
    2de44a5      
    Compare
  
    a49aea5    to
    1f22961      
    Compare
  
    4cfcee7    to
    edbb4b2      
    Compare
  
    629ed3d    to
    3bebcd7      
    Compare
  
    | @claudep @moggers87, I'd appreciate a review and feedback. I'd really like to get this in along with #493 and #497 then cut a release. | 
| @claudep @moggers87 @Bouke, any chance I can get a review on this? | 
| Sorry, I don't feel familiar enough with this part of the code to be able to review it right now. | 
| @Bouke @moggers87, claude doesn't feel comfortable reviewing this. Do either of you? This is over two weeks out with no feedback. | 
e27d9f6    to
    d76311c      
    Compare
  
    | @Bouke @moggers87, I've rebased this PR. @claudep doesn't feel comfortable reviewing this. Do either of you? It has been over a month with no feedback on this issue. | 
| @Bouke @moggers87, @claudep doesn't feel comfortable reviewing this. Do either of you? | 
| @Bouke @moggers87, @claudep ping? Is there anyone out there? | 
When TOTP is required on an admin view and a user does not have a TOTP device configured, redirect them to the TOTP setup view.
| converted to draft while I review the impact of #500. I pulled monkey patching updates into its own PR that will need to be applied first. | 
| Any process on that? | 
I'm picking up the work from #370 in this PR since it has seemingly gone stale.
Description
Currently, if OTP is set to required for the admin interface and a user does not have admin privileges. Logging in fails without any feedback. This PR modifies the login process to redirect admins to setup OTP instead.
Motivation and Context
This change is required because there is a dead end in the Login UX. It applies to #219.
How Has This Been Tested?
I am resubmitting the PR as a WIP at this juncture.
Screenshots (if appropriate):
Types of changes
Checklist: