Strip out more inline javascript code. Encrypt backup codes and treat the backup codes attribute as a json array

2025-11-04 18:46:11 +11:00
parent bf104a9983
commit fb14ce032f
14 changed files with 336 additions and 248 deletions
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -64,6 +64,8 @@ Rails.application.routes.draw do
  delete '/totp', to: 'totp#destroy'
  get '/totp/backup_codes', to: 'totp#backup_codes', as: :backup_codes_totp
  post '/totp/verify_password', to: 'totp#verify_password', as: :verify_password_totp
+  get '/totp/regenerate_backup_codes', to: 'totp#regenerate_backup_codes', as: :regenerate_backup_codes_totp
+  post '/totp/regenerate_backup_codes', to: 'totp#create_new_backup_codes', as: :create_new_backup_codes_totp

  # WebAuthn (Passkeys) routes
  get '/webauthn/new', to: 'webauthn#new', as: :new_webauthn