Account Security

Manage your account settings, active sessions, and connected applications.

Account Information

<%= form_with model: @user, url: profile_path, method: :patch, class: "space-y-6" do |form| %> <% if @user.errors.any? %>

<%= pluralize(@user.errors.count, "error") %> prohibited this from being saved:

    <% @user.errors.each do |error| %>
  • <%= error.full_message %>
    • <% end %>
<% end %>
<%= form.label :email_address, "Email Address", class: "block text-sm font-medium text-gray-700" %> <%= form.email_field :email_address, required: true, autocomplete: "email", class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
<%= form.submit "Update Email", class: "inline-flex justify-center rounded-md border border-transparent bg-blue-600 py-2 px-4 text-sm font-medium text-white shadow-sm hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2" %>
<% end %>

Change Password

<%= form_with model: @user, url: profile_path, method: :patch, class: "space-y-6" do |form| %>
<%= form.label :current_password, "Current Password", class: "block text-sm font-medium text-gray-700" %> <%= form.password_field :current_password, autocomplete: "current-password", placeholder: "Enter current password", class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
<%= form.label :password, "New Password", class: "block text-sm font-medium text-gray-700" %> <%= form.password_field :password, autocomplete: "new-password", placeholder: "Enter new password", class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>

Must be at least 8 characters

<%= form.label :password_confirmation, "Confirm New Password", class: "block text-sm font-medium text-gray-700" %> <%= form.password_field :password_confirmation, autocomplete: "new-password", placeholder: "Confirm new password", class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
<%= form.submit "Update Password", class: "inline-flex justify-center rounded-md border border-transparent bg-blue-600 py-2 px-4 text-sm font-medium text-white shadow-sm hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2" %>
<% end %>

Two-Factor Authentication

Add an extra layer of security to your account by enabling two-factor authentication.

<% if @user.totp_enabled? %>

Two-factor authentication is enabled

<% else %> <%= link_to new_totp_path, class: "inline-flex items-center rounded-md border border-transparent bg-blue-600 px-4 py-2 text-sm font-medium text-white shadow-sm hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2" do %> Enable 2FA <% end %> <% end %>

Connected Applications

These applications have access to your account. You can revoke access at any time.

<% if @connected_applications.any? %>
    <% @connected_applications.each do |consent| %>

  • <%= consent.application.name %>

    Access to: <%= consent.formatted_scopes %>

    Authorized <%= time_ago_in_words(consent.granted_at) %> ago

    <%= button_to "Revoke Access", revoke_consent_profile_path(application_id: consent.application.id), method: :delete, class: "inline-flex items-center rounded-md border border-red-300 bg-white px-3 py-2 text-sm font-medium text-red-700 shadow-sm hover:bg-red-50 focus:outline-none focus:ring-2 focus:ring-red-500 focus:ring-offset-2", form: { data: { turbo_confirm: "Are you sure you want to revoke access to #{consent.application.name}? You'll need to re-authorize this application to use it again." } } %>
    • <% end %>
<% else %>

No connected applications.

<% end %>

Active Sessions

These devices are currently signed in to your account. Revoke any sessions that you don't recognize.

<% if @active_sessions.any? %>
    <% @active_sessions.each do |session| %>

  • <%= session.device_name || "Unknown Device" %> <% if session.id == Current.session.id %> This device <% end %>

    <%= session.ip_address %>

    Last active <%= time_ago_in_words(session.last_activity_at || session.updated_at) %> ago

    <% if session.id != Current.session.id %> <%= button_to "Revoke", session_path(session), method: :delete, class: "inline-flex items-center rounded-md border border-gray-300 bg-white px-3 py-2 text-sm font-medium text-gray-700 shadow-sm hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2", form: { data: { turbo_confirm: "Are you sure you want to revoke this session?" } } %> <% end %>
    • <% end %>
<% else %>

No other active sessions.

<% end %>

Security Actions

Use these actions to quickly secure your account. Be careful - these actions cannot be undone.

<% if @active_sessions.count > 1 %> <%= button_to "Sign Out Everywhere Else", session_path(Current.session), method: :delete, class: "inline-flex items-center rounded-md border border-orange-300 bg-white px-4 py-2 text-sm font-medium text-orange-700 shadow-sm hover:bg-orange-50 focus:outline-none focus:ring-2 focus:ring-orange-500 focus:ring-offset-2", form: { data: { turbo_confirm: "This will sign you out from all other devices except this one. Are you sure?" } } %> <% end %> <% if @connected_applications.any? %> <%= button_to "Revoke All App Access", revoke_all_consents_profile_path, method: :delete, class: "inline-flex items-center rounded-md border border-red-300 bg-white px-4 py-2 text-sm font-medium text-red-700 shadow-sm hover:bg-red-50 focus:outline-none focus:ring-2 focus:ring-red-500 focus:ring-offset-2", form: { data: { turbo_confirm: "This will revoke access from all connected applications. You'll need to re-authorize each application to use them again. Are you sure?" } } %> <% end %>