<% # Copyright (C) 2012 - present Instructure, Inc. # # This file is part of Canvas. # # Canvas is free software: you can redistribute it and/or modify it under # the terms of the GNU Affero General Public License as published by the Free # Software Foundation, version 3 of the License. # # Canvas is distributed in the hope that it will be useful, but WITHOUT ANY # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR # A PARTICULAR PURPOSE. See the GNU Affero General Public License for more # details. # # You should have received a copy of the GNU Affero General Public License along # with this program. If not, see . %> <% css_bundle :otp_login js_bundle :otp_login @headers = false add_body_class "full-width modal body--login-confirmation" provide :page_title, t(:page_title, "Multi-factor Authentication") %>

<% if configuring? %>

<% if @current_user.mfa_settings(pseudonym_hint: @current_pseudonym) == :required %>

<%= t('details.mfa_required', "You are required to set up multi-factor authentication.") %>

<% end %>

<%= mt('details.mfa_enrollment', <<-BODY, :secret_key => session[:pending_otp_secret_key], :iphone_url => 'http://itunes.apple.com/us/app/google-authenticator/id388497605', :android_url => 'https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2') Multi-factor authentication increases security by requiring that you have something in your physical possession, in addition to knowing your password, in order to log in to Canvas. This can be a device that can generate verification codes, or a phone that can receive text messages. The Google Authenticator app for [iPhone](%{iphone_url}) or [Android](%{android_url}) can be configured by scanning the QR Code below. Other tokens can be configured by entering the secret key **%{secret_key}**. Once you have configured multi-factor authentication, it is recommended that you go to your profile page and print out a set of back-up codes, in case your normal multi-factor device is unavailable. BODY %>

<% ccs = @current_user.communication_channels.sms.unretired.map { |cc| [ cc.path, cc.id ] } %> <% unless ccs.empty? %> <% ccs << [ "<< #{t('select.new_number', "a new phone")} >>", '{{id}}' ] %> <%= form_for :otp_login, :url => send_otp_via_sms_path, :html => {:id => 'select_phone_form'} do |f| %> <%= t('details.send_to_sms', "Send text messages to %{phone_number}", :phone_number => f.select('otp_communication_channel_id', ccs, :selected => @cc.try(:id))) %> <% end %> <% end %> <%= form_for :otp_login, :url => send_otp_via_sms_path, :html => { :id => 'new_phone_form', :style => (hidden(false) unless ccs.empty?), :class => 'ic-Form-group' } do |f| %>

<%= f.blabel :phone_number, :en => 'Phone Number', :class => 'ic-Label' %>

<%= f.text_field :phone_number, :class => 'ic-Input' %>

<%= f.blabel :carrier, :en => 'Carrier', :class => 'ic-Label' %> <%= f.select :carrier, CommunicationChannel.sms_carriers_by_name, {}, { :class => 'ic-Input' } %>

<% unless ccs.empty? %> <%= t('links.choose_number', "Choose an existing phone") %> <% end %>

<% end %>

<% provisioning_uri = ROTP::TOTP.new(session[:pending_otp_secret_key]).provisioning_uri("Canvas") %> <% qr_code = Barby::QrCode.new(provisioning_uri) %>

<% end %>

<% if @cc %>

<%= t('details.otp_sent_to_phone', "A verification code has been sent to your phone. Please enter it here.") %>

<% else %>

<%= t('details.otp_on_device', "Please enter the verification code shown by your token.") %>

<% end %> <%= form_for :otp_login, :url => otp_login_path, :html => {:id => "login_form", :class => "ic-Form-group"} do |f| %>

<%= f.blabel :verification_code, :en => "Verification Code", :class => 'ic-Label' %> <%= f.text_field :verification_code, :class => "ic-Input", :autocomplete => 'off' %>

<%= f.check_box :remember_me %> <%= f.label :remember_me, :en => "Remember this computer" %>

<% end %>

<%= t 'titles.mfa', "Multi-factor Authentication" %>