iachat/config/initializers
Tanmay Deep Sharma 239c4dcb91
feat: MFA (#12290)
## Linear:
- https://github.com/chatwoot/chatwoot/issues/486

## Description
This PR implements Multi-Factor Authentication (MFA) support for user
accounts, enhancing security by requiring a second form of verification
during login. The feature adds TOTP (Time-based One-Time Password)
authentication with QR code generation and backup codes for account
recovery.

## Type of change

- [ ] New feature (non-breaking change which adds functionality)

## How Has This Been Tested?

- Added comprehensive RSpec tests for MFA controller functionality
- Tested MFA setup flow with QR code generation
- Verified OTP validation and backup code generation
- Tested login flow with MFA enabled/disabled

## Checklist:

- [ ] My code follows the style guidelines of this project
- [ ] I have performed a self-review of my code
- [ ] I have commented on my code, particularly in hard-to-understand
areas
- [ ] I have made corresponding changes to the documentation
- [ ] My changes generate no new warnings
- [ ] I have added tests that prove my fix is effective or that my
feature works
- [ ] New and existing unit tests pass locally with my changes
- [ ] Any dependent changes have been merged and published in downstream
modules

---------

Co-authored-by: Pranav <pranav@chatwoot.com>
Co-authored-by: Sojan Jose <sojan@pepalo.com>
Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com>
2025-09-18 20:19:24 +05:30
..
monkey_patches feat(ee): Add Captain features (#10665) 2025-01-14 16:15:47 -08:00
00_init.rb
01_inject_enterprise_edition_module.rb
01_redis.rb fix: Rack-attack disable double Redis pooling (#11545) 2025-05-21 20:00:11 -07:00
actioncable.rb chore: Enable the new Rubocop rules (#7122) 2023-05-19 14:37:10 +05:30
active_record_query_trace.rb
ai_agents.rb feat: scenario agents & runner (#11944) 2025-08-14 12:39:21 +05:30
application_controller_renderer.rb
assets.rb
audited.rb
backtrace_silencers.rb
content_security_policy.rb feat: Vite + vue 3 💚 (#10047) 2024-10-02 00:36:30 -07:00
cookies_serializer.rb
cors.rb feat: Allow CORS api access (#11546) 2025-05-22 10:13:15 +05:30
custom_error_codes.rb
datadog.rb
devise_token_auth.rb
devise.rb
event_handlers.rb
facebook_messenger.rb fix: Add delay to instagram/messenger echo events to prevent duplicate messages (#12032) 2025-07-24 21:11:02 +04:00
feature_policy.rb
filter_parameter_logging.rb feat: MFA (#12290) 2025-09-18 20:19:24 +05:30
geocoder.rb fix: ip-lookup database lazy loading for all environments (#8052) 2024-10-22 23:18:30 -07:00
git_sha.rb chore: fix git_sha in instance health (#8893) 2024-02-12 14:33:15 +05:30
inflections.rb
languages.rb chore: Add bulgarian (bg) language (#12189) 2025-08-13 10:23:25 -07:00
liquid_handler.rb
lograge.rb fix: Lograge issue on non api pages (#10193) 2024-10-01 16:53:27 -07:00
mailer.rb feat: Add smtp timeout options (#9613) 2024-06-17 22:36:37 -07:00
mime_types.rb
omniauth.rb feat: SAML authentication controllers [CW-2958] (#12319) 2025-09-10 20:02:27 +05:30
permissions_policy.rb
rack_attack.rb feat: MFA (#12290) 2025-09-18 20:19:24 +05:30
rack_profiler.rb chore: Improvements for codespace (#11667) 2025-06-04 00:21:23 -05:00
rack_timeout.rb chore: Set rack-timeout to log at ERROR level (#10400) 2024-11-11 12:35:05 -08:00
searchkick.rb feat(ee): Setup advanced, performant message search (#12193) 2025-08-28 10:10:28 +05:30
secure_password.rb
sentry.rb
session_store.rb
sidekiq.rb feat(ee): Add Captain features (#10665) 2025-01-14 16:15:47 -08:00
stripe.rb
warden_hooks.rb
wrap_parameters.rb