Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled (#1278)

* Fix #795, fix #704, fix #835 - 2FA requires confirmation to be enabled
TOTP secret is not shown again after 2FA is enabled

* Clean up

config/locales/en.yml

@@ -94,6 +94,10 @@ en:
       following: Following list
     upload: Upload
   landing_strip_html: <strong>%{name}</strong> is a user on <strong>%{domain}</strong>. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can <a href="%{sign_up_path}">sign up here</a>.
+  media_attachments:
+    validations:
+      images_and_video: Cannot attach a video to a status that already contains images
+      too_many: Cannot attach more than 4 files
   notification_mailer:
     digest:
       body: 'Here is a brief summary of what you missed on %{instance} since your last visit on %{since}:'
@@ -152,18 +156,18 @@ en:
     formats:
       default: "%b %d, %Y, %H:%M"
   two_factor_auth:
+    code_hint: Enter the code generated by your authenticator app to confirm
     description_html: If you enable <strong>two-factor authentication</strong>, logging in will require you to be in possession of your phone, which will generate tokens for you to enter.
     disable: Disable
     enable: Enable
-    instructions_html: "<strong>Scan this QR code into Google Authenticator or a similiar app on your phone</strong>. From now on, that app will generate tokens that you will have to enter when logging in."
-    plaintext_secret_html: 'Plain-text secret: <samp>%{secret}</samp>'
+    enabled_success: Two-factor authentication successfully enabled
+    instructions_html: "<strong>Scan this QR code into Google Authenticator or a similiar TOTP app on your phone</strong>. From now on, that app will generate tokens that you will have to enter when logging in."
+    manual_instructions: 'If you can''t scan the QR code and need to enter it manually, here is the plain-text secret:'
+    setup: Set up
     warning: If you cannot configure an authenticator app right now, you should click "disable" or you won't be able to login.
+    wrong_code: The entered code was invalid! Are server time and device time correct?
   users:
     invalid_email: The e-mail address is invalid
     invalid_otp_token: Invalid two-factor code
   will_paginate:
     page_gap: "&hellip;"
-  media_attachments:
-    validations:
-      too_many: Cannot attach more than 4 files
-      images_and_video: Cannot attach a video to a status that already contains images

config/navigation.rb

@@ -8,7 +8,7 @@ SimpleNavigation::Configuration.run do |navigation|
       settings.item :profile, safe_join([fa_icon('user fw'), t('settings.edit_profile')]), settings_profile_url
       settings.item :preferences, safe_join([fa_icon('sliders fw'), t('settings.preferences')]), settings_preferences_url
       settings.item :password, safe_join([fa_icon('cog fw'), t('auth.change_password')]), edit_user_registration_url
-      settings.item :two_factor_auth, safe_join([fa_icon('mobile fw'), t('settings.two_factor_auth')]), settings_two_factor_auth_url
+      settings.item :two_factor_auth, safe_join([fa_icon('mobile fw'), t('settings.two_factor_auth')]), settings_two_factor_auth_url, highlights_on: %r{/settings/two_factor_auth}
       settings.item :import, safe_join([fa_icon('cloud-upload fw'), t('settings.import')]), settings_import_url
       settings.item :export, safe_join([fa_icon('cloud-download fw'), t('settings.export')]), settings_export_url
       settings.item :authorized_apps, safe_join([fa_icon('list fw'), t('settings.authorized_apps')]), oauth_authorized_applications_url

config/routes.rb

@@ -60,9 +60,8 @@ Rails.application.routes.draw do
       end
     end
 
-    resource :two_factor_auth, only: [:show] do
+    resource :two_factor_auth, only: [:show, :new, :create] do
       member do
-        post :enable
         post :disable
       end
     end