diff options
author | Illya Klymov <xanf@xanf.me> | 2019-04-18 05:35:43 +0300 |
---|---|---|
committer | Illya Klymov <xanf@xanf.me> | 2019-04-18 06:24:50 +0300 |
commit | 272d99369bf936ce12121fcda8517317131e92bb (patch) | |
tree | 1f4e52e31dff30ca3d2de25c760eb298cb4a6722 | |
parent | 2d4d25f30f416fca2aacbbd9eb20d832eddb5fc9 (diff) | |
download | gitlab-ce-ce-remove-already-signed-in.tar.gz |
Alternate approach to removing bannerce-remove-already-signed-in
-rw-r--r-- | app/controllers/concerns/authenticates_with_two_factor.rb | 7 | ||||
-rw-r--r-- | app/controllers/sessions_controller.rb | 12 | ||||
-rw-r--r-- | spec/features/users/login_spec.rb | 8 |
3 files changed, 16 insertions, 11 deletions
diff --git a/app/controllers/concerns/authenticates_with_two_factor.rb b/app/controllers/concerns/authenticates_with_two_factor.rb index d5c4712bd78..4926062f9ca 100644 --- a/app/controllers/concerns/authenticates_with_two_factor.rb +++ b/app/controllers/concerns/authenticates_with_two_factor.rb @@ -8,13 +8,6 @@ module AuthenticatesWithTwoFactor extend ActiveSupport::Concern - included do - # This action comes from DeviseController, but because we call `sign_in` - # manually, not skipping this action would cause a "You are already signed - # in." error message to be shown upon successful login. - skip_before_action :require_no_authentication, only: [:create], raise: false - end - # Store the user's ID in the session for later retrieval and render the # two factor code prompt # diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 6943795e8ac..6fea61cf45d 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -8,6 +8,8 @@ class SessionsController < Devise::SessionsController include Recaptcha::Verify skip_before_action :check_two_factor_requirement, only: [:destroy] + # replaced with :require_no_authentication_without_flash + skip_before_action :require_no_authentication, only: [:new, :create] prepend_before_action :check_initial_setup, only: [:new] prepend_before_action :authenticate_with_two_factor, @@ -15,6 +17,8 @@ class SessionsController < Devise::SessionsController prepend_before_action :check_captcha, only: [:create] prepend_before_action :store_redirect_uri, only: [:new] prepend_before_action :ldap_servers, only: [:new, :create] + prepend_before_action :require_no_authentication_without_flash, only: [:new, :create] + before_action :auto_sign_in_with_provider, only: [:new] before_action :load_recaptcha @@ -54,6 +58,14 @@ class SessionsController < Devise::SessionsController private + def require_no_authentication_without_flash + require_no_authentication + + if flash[:alert] == I18n.t('devise.failure.already_authenticated') + flash[:alert] = nil + end + end + def captcha_enabled? request.headers[CAPTCHA_HEADER] && Gitlab::Recaptcha.enabled? end diff --git a/spec/features/users/login_spec.rb b/spec/features/users/login_spec.rb index 122191af146..efba303033b 100644 --- a/spec/features/users/login_spec.rb +++ b/spec/features/users/login_spec.rb @@ -137,7 +137,7 @@ describe 'Login' do enter_code(user.current_otp) - expect(page).not_to have_content('You are already signed in.') + expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated')) end context 'using one-time code' do @@ -317,7 +317,7 @@ describe 'Login' do gitlab_sign_in(user) expect(current_path).to eq root_path - expect(page).not_to have_content('You are already signed in.') + expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated')) end it 'does not show already signed in message when opening sign in page after login' do @@ -327,7 +327,7 @@ describe 'Login' do gitlab_sign_in(user) visit new_user_session_path - expect(page).not_to have_content('You are already signed in.') + expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated')) end end @@ -589,7 +589,7 @@ describe 'Login' do click_button 'Accept terms' expect(current_path).to eq(root_path) - expect(page).not_to have_content('You are already signed in.') + expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated')) end it 'does not ask for terms when the user already accepted them' do |