chore: installed devise-two-factor gem

Gemfile

@@ -48,6 +48,7 @@ gem "bootsnap", require: false
 # gem "image_processing", "~> 1.2"
 
 gem "devise", "~> 4.9", ">= 4.9.3"
+gem "devise-two-factor", "~> 5.0.0"
 gem "dry-initializer", "~> 3.1"
 gem "meta-tags", "~> 2.20"
 gem "public_uid", "~> 2.2"

Gemfile.lock

@@ -117,6 +117,11 @@ GEM
       railties (>= 4.1.0)
       responders
       warden (~> 1.2.3)
+    devise-two-factor (5.0.0)
+      activesupport (~> 7.0)
+      devise (~> 4.0)
+      railties (~> 7.0)
+      rotp (~> 6.0)
     docile (1.4.0)
     drb (2.2.1)
     dry-initializer (3.1.1)
@@ -265,6 +270,7 @@ GEM
       actionpack (>= 5.2)
       railties (>= 5.2)
     rexml (3.2.6)
+    rotp (6.3.0)
     rubocop (1.62.1)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
@@ -385,6 +391,7 @@ DEPENDENCIES
   capybara
   debug
   devise (~> 4.9, >= 4.9.3)
+  devise-two-factor (~> 5.0.0)
   dry-initializer (~> 3.1)
   erb_lint
   factory_bot_rails (~> 6.4.3)

app/controllers/application_controller.rb

@@ -4,6 +4,13 @@ class ApplicationController < ActionController::Base
 
   before_action :authenticate_user!
   before_action :ensure_onboarded, unless: :devise_controller?
+  before_action :configure_permitted_parameters, if: :devise_controller?
+
+  protected
+
+  def configure_permitted_parameters
+    devise_parameter_sanitizer.permit(:sign_in, keys: [:otp_attempt])
+  end
 
   private
 

app/models/user.rb

@@ -1,6 +1,6 @@
 class User < ApplicationRecord
   # Include default devise modules.
-  devise :database_authenticatable, :registerable, :recoverable, :rememberable, :validatable, :confirmable, :lockable, :timeoutable, :trackable # , :omniauthable
+  devise :registerable, :recoverable, :rememberable, :validatable, :confirmable, :lockable, :timeoutable, :trackable, :two_factor_authenticatable # , :omniauthable
 
   # Access the users personal account.
   belongs_to :personal_account, class_name: "Account", optional: true, dependent: :destroy

config/initializers/devise.rb

@@ -9,6 +9,10 @@
 # Use this hook to configure devise mailer, warden hooks and so forth.
 # Many of these configuration options can be set straight in your model.
 Devise.setup do |config|
+  config.warden do |manager|
+    manager.default_strategies(scope: :user).unshift :two_factor_authenticatable
+  end
+
   # The secret key used by Devise. Devise uses this key to generate
   # random tokens. Changing this key will render invalid all existing
   # confirmation, reset password and unlock tokens in the database.

db/migrate/20240401110029_add_devise_two_factor_to_users.rb

@@ -0,0 +1,8 @@
+class AddDeviseTwoFactorToUsers < ActiveRecord::Migration[7.1]
+  def change
+    add_column :users, :otp_secret, :string
+    add_column :users, :consumed_timestep, :integer
+    add_column :users, :otp_required_for_login, :boolean, default: false
+    add_column :users, :otp_backup_codes, :text
+  end
+end

test/system/accounts/edit_acounts_test.rb

@@ -6,7 +6,7 @@ class EditAccountsTest < ApplicationSystemTestCase
 
     sign_in(user)
     visit edit_account_path
-    sleep 1
+    assert_selector("input[name='account[name]']")
 
     # Fill the personal account setup form
     fill_in "account[name]", with: "New name"