mirror of
https://github.com/chatwoot/chatwoot.git
synced 2026-07-01 21:03:46 +08:00
## Linear: - https://github.com/chatwoot/chatwoot/issues/486 ## Description This PR implements Multi-Factor Authentication (MFA) support for user accounts, enhancing security by requiring a second form of verification during login. The feature adds TOTP (Time-based One-Time Password) authentication with QR code generation and backup codes for account recovery. ## Type of change - [ ] New feature (non-breaking change which adds functionality) ## How Has This Been Tested? - Added comprehensive RSpec tests for MFA controller functionality - Tested MFA setup flow with QR code generation - Verified OTP validation and backup code generation - Tested login flow with MFA enabled/disabled ## Checklist: - [ ] My code follows the style guidelines of this project - [ ] I have performed a self-review of my code - [ ] I have commented on my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [ ] My changes generate no new warnings - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] New and existing unit tests pass locally with my changes - [ ] Any dependent changes have been merged and published in downstream modules --------- Co-authored-by: Pranav <pranav@chatwoot.com> Co-authored-by: Sojan Jose <sojan@pepalo.com> Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com> |
||
|---|---|---|
| .. | ||
| monkey_patches | ||
| 00_init.rb | ||
| 01_inject_enterprise_edition_module.rb | ||
| 01_redis.rb | ||
| actioncable.rb | ||
| active_record_query_trace.rb | ||
| ai_agents.rb | ||
| application_controller_renderer.rb | ||
| assets.rb | ||
| audited.rb | ||
| backtrace_silencers.rb | ||
| content_security_policy.rb | ||
| cookies_serializer.rb | ||
| cors.rb | ||
| custom_error_codes.rb | ||
| datadog.rb | ||
| devise_token_auth.rb | ||
| devise.rb | ||
| event_handlers.rb | ||
| facebook_messenger.rb | ||
| feature_policy.rb | ||
| filter_parameter_logging.rb | ||
| geocoder.rb | ||
| git_sha.rb | ||
| inflections.rb | ||
| languages.rb | ||
| liquid_handler.rb | ||
| lograge.rb | ||
| mailer.rb | ||
| mime_types.rb | ||
| omniauth.rb | ||
| permissions_policy.rb | ||
| rack_attack.rb | ||
| rack_profiler.rb | ||
| rack_timeout.rb | ||
| searchkick.rb | ||
| secure_password.rb | ||
| sentry.rb | ||
| session_store.rb | ||
| sidekiq.rb | ||
| stripe.rb | ||
| warden_hooks.rb | ||
| wrap_parameters.rb | ||