Merge remote-tracking branch 'upstream/master' into pipeline-hooks

* upstream/master: (107 commits)
  Fix external issue tracker "Issues" link leading to 404s
  Fix CHANGELOG entries related to 8.11 release.
  Fix changelog
  Reduce contributions calendar data payload
  Add lock_version to merge_requests table
  Add hover color to emoji icon
  Fix wrong Koding link
  Capitalize mentioned issue timeline notes
  Fix groups sort dropdown alignment
  Use icon helper
  Fix inline emoji text alignment
  Adds response mime type to transaction metric action when it's not HTML
  Moved two 8.11 changelog entries to 8.12
  Fix markdown link in doc_styleguide.md
  Display project icon from default branch
  Reduce number of database queries on builds tab
  Update CHANGELOG
  Update Issue board documentation
  Label list shows all issues (opened or closed) with that label
  Update CHANGELOG
  ...

1 files changed, 25 insertions, 0 deletions

diff --git a/lib/api/internal.rb b/lib/api/internal.rb
index d8e9ac406c4..5b54c11ef62 100644
--- a/lib/api/internal.rb
+++ b/lib/api/internal.rb
@@ -101,6 +101,31 @@ module API
           {}
         end
       end
+
+      post '/two_factor_recovery_codes' do
+        status 200
+
+        key = Key.find(params[:key_id])
+        user = key.user
+
+        # Make sure this isn't a deploy key
+        unless key.type.nil?
+          return { success: false, message: 'Deploy keys cannot be used to retrieve recovery codes' }
+        end
+
+        unless user.present?
+          return { success: false, message: 'Could not find a user for the given key' }
+        end
+
+        unless user.two_factor_enabled?
+          return { success: false, message: 'Two-factor authentication is not enabled for this user' }
+        end
+
+        codes = user.generate_otp_backup_codes!
+        user.save!
+
+        { success: true, recovery_codes: codes }
+      end
     end
   end
 end