Add config option to disable yubikey

Set 'can_use_yubikey' to false to disable yubikey
dennisreimann · Jun 20, 2011 · 98e301b · 98e301b
1 parent 7f671b8
commit 98e301b
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 35 deletions.
diff --git a/app/models/account.rb b/app/models/account.rb
@@ -97,7 +97,7 @@ def encrypt(password)
   def authenticated?(password)
     if password.length < 50 && !(yubico_identity? && yubikey_mandatory?) 
       encrypt(password) == crypted_password
-    else
+    elsif Masquerade::Application::Config['can_use_yubikey']
       password, yubico_otp = Account.split_password_and_yubico_otp(password)
       encrypt(password) == crypted_password && @authenticated_with_yubikey = yubikey_authenticated?(yubico_otp)
     end

diff --git a/app/views/accounts/edit.html.erb b/app/views/accounts/edit.html.erb
@@ -41,44 +41,46 @@
   <% end %>
 <% end %>
 
-<h2><%=t :my_yubikey %></h2>
-<% if @account.yubico_identity? %>
-<%= form_tag account_yubikey_association_path, :method => :delete do %>
-	<div class="row">
-		<p><%=t :your_account_is_associated_with_the_yubico_identity %> <strong><%= @account.yubico_identity %></strong></p>
-		<p class="note"><%=t :yubikey_how_to_use %></p>
-	</div>
-	<div>
-		<%= submit_tag t(:remove_association) %>
-	</div>
-<% end %>
+<% if Masquerade::Application::Config['can_use_yubikey'] %>
+  <h2><%=t :my_yubikey %></h2>
+  <% if @account.yubico_identity? %>
+  <%= form_tag account_yubikey_association_path, :method => :delete do %>
+    <div class="row">
+      <p><%=t :your_account_is_associated_with_the_yubico_identity %> <strong><%= @account.yubico_identity %></strong></p>
+      <p class="note"><%=t :yubikey_how_to_use %></p>
+    </div>
+    <div>
+      <%= submit_tag t(:remove_association) %>
+    </div>
+  <% end %>
 
-<%= form_for :account, :url => account_path, :html => { :method => :put } do |f| %>
-	<div>
-	  <p>
-	    <% if @account.yubikey_mandatory? %>
-	     <%=t :your_yubikey_is_mandatory_for_login %>
-	    <% else %>
-	     <%=t :your_yubikey_is_optional_for_login %>
-	    <% end %>
-	  </p>
+  <%= form_for :account, :url => account_path, :html => { :method => :put } do |f| %>
     <div>
-      <%= f.hidden_field :yubikey_mandatory, :value => (@account.yubikey_mandatory ? 0 : 1)  %>
-      <%= submit_tag( @account.yubikey_mandatory ? t(:make_my_yubikey_optional) : t(:make_my_yubikey_mandatory) ) %>
+      <p>
+        <% if @account.yubikey_mandatory? %>
+         <%=t :your_yubikey_is_mandatory_for_login %>
+        <% else %>
+         <%=t :your_yubikey_is_optional_for_login %>
+        <% end %>
+      </p>
+      <div>
+        <%= f.hidden_field :yubikey_mandatory, :value => (@account.yubikey_mandatory ? 0 : 1)  %>
+        <%= submit_tag( @account.yubikey_mandatory ? t(:make_my_yubikey_optional) : t(:make_my_yubikey_mandatory) ) %>
+      </div>
     </div>
-	</div>
-<% end %>
+  <% end %>
 
-<% else %>
-<%= form_tag account_yubikey_association_path do %>
-	<div class="row">
-		<%= label_tag :yubico_otp, t(:your_yubikey_a_one_time_password).html_safe %>
-  	<%= password_field_tag :yubico_otp %>
-	</div>
-	<div>
-		<%= submit_tag t(:associate_account_with_yubikey) %>
-	</div>
-<% end %>
+  <% else %>
+  <%= form_tag account_yubikey_association_path do %>
+    <div class="row">
+      <%= label_tag :yubico_otp, t(:your_yubikey_a_one_time_password).html_safe %>
+      <%= password_field_tag :yubico_otp %>
+    </div>
+    <div>
+      <%= submit_tag t(:associate_account_with_yubikey) %>
+    </div>
+  <% end %>
+  <% end %>
 <% end %>
 
 <% if Masquerade::Application::Config['can_disable_account'] %>