Remove `vue_2fa_recovery_codes` feature flag
What does this MR do?
Remove vue_2fa_recovery_codes
feature flag that was introduced in !49078 (merged) and defaulted to on
in !49493 (merged)
Local testing
- Navigate to
/-/profile/account
- Click "Enable two-factor authentication"
- Open up 1Password
- Click + icon and then "Login"
- Create a new "One-Time Password" section
- Click the QR icon left of the dropdown that was just used
- Drag the QR window over the QR code
- Paste the OTP in the "Pin code" field and click "Register with two-factor app"
Lock yourself out of GDK by accident?
No need to panic
bin/rails console
-
user = User.find(1)
(or whatever ID your user is, default admin is1
) TwoFactor::DestroyService.new(user, user: user).execute
Screenshots (strongly suggested)
No visual changes, screenshot below for context
(not real recovery codes)
Old view (before vue_2fa_recovery_codes was introduced) |
New view |
---|---|
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry
- Not needed, already added when FF was defaulted to
on
- Not needed, already added when FF was defaulted to
- [-] Documentation (if required)
- Already updated in !49957 (merged)
-
Code review guidelines -
Merge request performance guidelines -
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers - [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
- Already reviewed in !49078 (merged)
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Related to #290113 (closed)
Edited by Peter Hegman