openproject/modules/two_factor_authentication/config/routes.rb

OpenProject::Application::routes.draw do
  namespace 'two_factor_authentication' do
    get :request, to: 'authentication#request_otp'
    post :confirm, to: 'authentication#confirm_otp'
    post :retry, to: 'authentication#retry'
    get :backup_code, to: 'authentication#enter_backup_code'
    post :backup_code, to: 'authentication#verify_backup_code'

    get :settings, to: 'two_factor_settings#show', as: 'settings_2fa'
    post :settings, to: 'two_factor_settings#update', as: 'update_settings_2fa'
  end

  scope 'two_factor_authentication' do # Avoids adding the namespace prefix
    scope 'device_registration',
          controller: 'two_factor_authentication/forced_registration/two_factor_devices' do
      get :new, action: :new, as: 'new_forced_2fa_device'
      post :register, action: :register, as: 'register_forced_2fa_device'
      match '/:device_id/confirm', action: :confirm, via: %i[get post], as: 'confirm_forced_2fa_device'
    end
  end

  resources :users, only: [] do
    member do
      resources :two_factor_devices,
                param: :device_id,
                controller: 'two_factor_authentication/users/two_factor_devices',
                as: 'user_2fa_devices',
                only: %i[new create destroy] do
        # Register new device ( 'create' )
        post :register, on: :collection

        # Delete all devices
        post :delete_all, on: :collection

        # Make default
        post :make_default, on: :member
      end
    end
  end

  scope 'my' do
    resource :backup_codes,
             controller: 'two_factor_authentication/my/backup_codes',
             as: 'my_2fa_backup_codes',
             only: %i[show create]

    resource :remember_cookie,
             controller: 'two_factor_authentication/my/remember_cookie',
             as: 'my_2fa_remember_cookie',
             only: [:destroy]

    resources :two_factor_devices,
              controller: 'two_factor_authentication/my/two_factor_devices',
              param: :device_id,
              as: 'my_2fa_devices',
              only: %i[index new destroy] do
      # Register new device ( 'create' )
      post :register, on: :collection

      # Confirm token flow for new devices
      get :confirm, on: :member
      post :confirm, on: :member

      # Make a device a default
      post :make_default, on: :member
    end
  end
end
Initial commit of 2FA plugin forked from MOTP 7 years ago			`OpenProject::Application::routes.draw do`
			`namespace 'two_factor_authentication' do`
			`get :request, to: 'authentication#request_otp'`
			`post :confirm, to: 'authentication#confirm_otp'`
			`post :retry, to: 'authentication#retry'`
Implement backup codes 7 years ago			`get :backup_code, to: 'authentication#enter_backup_code'`
			`post :backup_code, to: 'authentication#verify_backup_code'`
Add menu item to change enforced and remember function 7 years ago
Fix naming of SettingsController that clashes in MenuController Menu Items are registered with the controller name only, disregarding any namespace. 7 years ago			`get :settings, to: 'two_factor_settings#show', as: 'settings_2fa'`
			`post :settings, to: 'two_factor_settings#update', as: 'update_settings_2fa'`
Initial commit of 2FA plugin forked from MOTP 7 years ago			`end`

			`scope 'two_factor_authentication' do # Avoids adding the namespace prefix`
			`scope 'device_registration',`
			`controller: 'two_factor_authentication/forced_registration/two_factor_devices' do`
			`get :new, action: :new, as: 'new_forced_2fa_device'`
			`post :register, action: :register, as: 'register_forced_2fa_device'`
safe automatic fixes by rubocop (#8994) 4 years ago			`match '/:device_id/confirm', action: :confirm, via: %i[get post], as: 'confirm_forced_2fa_device'`
Initial commit of 2FA plugin forked from MOTP 7 years ago			`end`
			`end`

Placeholder user services and administration (#8944) * Adding placeholder user contracts * Adding create, update, and delete services for placeholder users * WIP: Adding Placeholder User contract specs [ci skip] * Extract contract validation into common helper * Add common validation in BaseContract + common example for admin checks * Introduce common ModelContract shared context for validations * WIP: PlaceholderUser controller, i18n, and routes [ci skip] * Placeholder users index page and query - moved all group related scopes from User to Principal to make them also available in PlaceholderUser. * end * Create PlaceholderUser * Feature spec for editing a placeholder user * Manage PlaceholderUser memberships The managment of memberships is pretty similar for User and PlaceholderUser. This commit extacts the similarities and uses them for both. * General partial and show view for PlaceholderUser * Delete obosolete partial * Allow RequireAdminGuard to be used as a module function * Fix I18n for confirmation text * Smaller code improvements * Fix: Syntax for accessing status enums was wrong. * Use UpdateService for updating a placeholder user * Add spec for PlaceholderUsersController * First code improvements after code review. - more improvements to come. * Further code improvements after review ... still more to come * Correct namespace of delete service * Fix: Make placeholder user contract validate * Remove :type attribute from base contract of User and PlaceholerUser ...and add it to the CreateContracts. Also add type validations. Further extract shared examples for placeholder user attribute validation * Refactor: Extract membership hook calls to helper * Fix redirect paths for membership controllers * Specs already present in shared exampels. * Fix duplicates routes for users and placeholder users * Fix user path * Add attribute name and lastname We don't need a writeable check as both are equally writable * Replace more references to tab_edit_user_path * Skip specs for PlaceholderUsers::DeletionService We will tackle that service in a separate PR. * Fix module usage of RequireAdminGuard * Fix group filter for placeholder users * Fix invalid reference to expect_valid * Fix: Fix tabbed edit path for placeholder users * Fix status filtering on users * Linting * Improve generalisation of individual principal filter cell - Check for presence of groups and statuses in order to toggle visibility of their UI element. - Remove groups from placeholder user controller and cell initialization and options * Fix selector on groups assign * Remove using_shared_fixtures Co-authored-by: Oliver Günther <mail@oliverguenther.de> 4 years ago			`resources :users, only: [] do`
Initial commit of 2FA plugin forked from MOTP 7 years ago			`member do`
			`resources :two_factor_devices,`
			`param: :device_id,`
			`controller: 'two_factor_authentication/users/two_factor_devices',`
			`as: 'user_2fa_devices',`
safe automatic fixes by rubocop (#8994) 4 years ago			`only: %i[new create destroy] do`
Initial commit of 2FA plugin forked from MOTP 7 years ago			`# Register new device ( 'create' )`
			`post :register, on: :collection`

			`# Delete all devices`
			`post :delete_all, on: :collection`

			`# Make default`
			`post :make_default, on: :member`
			`end`
			`end`
			`end`

			`scope 'my' do`
Implement backup codes 7 years ago			`resource :backup_codes,`
			`controller: 'two_factor_authentication/my/backup_codes',`
			`as: 'my_2fa_backup_codes',`
safe automatic fixes by rubocop (#8994) 4 years ago			`only: %i[show create]`
Implement backup codes 7 years ago
Implement 2FA autologin cookie (#3) [ci skip] 7 years ago			`resource :remember_cookie,`
			`controller: 'two_factor_authentication/my/remember_cookie',`
			`as: 'my_2fa_remember_cookie',`
			`only: [:destroy]`
Implement backup codes 7 years ago
Initial commit of 2FA plugin forked from MOTP 7 years ago			`resources :two_factor_devices,`
			`controller: 'two_factor_authentication/my/two_factor_devices',`
			`param: :device_id,`
			`as: 'my_2fa_devices',`
safe automatic fixes by rubocop (#8994) 4 years ago			`only: %i[index new destroy] do`
Initial commit of 2FA plugin forked from MOTP 7 years ago			`# Register new device ( 'create' )`
			`post :register, on: :collection`

			`# Confirm token flow for new devices`
			`get :confirm, on: :member`
			`post :confirm, on: :member`

			`# Make a device a default`
			`post :make_default, on: :member`
			`end`
			`end`
			`end`