Merge branch 'fj-28141-redirection-loop' into 'master'

Removing the two factor check when the user sets a new password

Closes #28141

See merge request gitlab-org/gitlab-ce!17457

3 files changed, 16 insertions, 0 deletions

diff --git a/app/controllers/profiles/passwords_controller.rb b/app/controllers/profiles/passwords_controller.rb
index fa72f67c77e..b8ccc6e3c99 100644
--- a/app/controllers/profiles/passwords_controller.rb
+++ b/app/controllers/profiles/passwords_controller.rb
@@ -1,5 +1,6 @@
 class Profiles::PasswordsController < Profiles::ApplicationController
   skip_before_action :check_password_expiration, only: [:new, :create]
+  skip_before_action :check_two_factor_requirement, only: [:new, :create]
 
   before_action :set_user
   before_action :authorize_change_password!
diff --git a/changelogs/unreleased/fj-28141-redirection-loop.yml b/changelogs/unreleased/fj-28141-redirection-loop.yml
new file mode 100644
index 00000000000..db7e109a06e
--- /dev/null
+++ b/changelogs/unreleased/fj-28141-redirection-loop.yml
@@ -0,0 +1,5 @@
+---
+title: Removing the two factor check when the user sets a new password
+merge_request: 17457
+author:
+type: fixed
diff --git a/spec/features/profiles/password_spec.rb b/spec/features/profiles/password_spec.rb
index 1d7700b6767..f9c6ff90ca1 100644
--- a/spec/features/profiles/password_spec.rb
+++ b/spec/features/profiles/password_spec.rb
@@ -134,5 +134,15 @@ describe 'Profile > Password' do
 
       expect(current_path).to eq new_user_session_path
     end
+
+    context 'when global require_two_factor_authentication is enabled' do
+      it 'needs change user password' do
+        stub_application_setting(require_two_factor_authentication: true)
+
+        visit profile_path
+
+        expect(current_path).to eq new_profile_password_path
+      end
+    end
   end
 end