diff options
| author | Douwe Maan <douwe@gitlab.com> | 2017-08-11 10:54:03 +0000 |
|---|---|---|
| committer | Douwe Maan <douwe@gitlab.com> | 2017-08-11 10:54:03 +0000 |
| commit | 8bfae74e9c6b6dde6f2e33d9ea45e43c8c4004a7 (patch) | |
| tree | 7e5a3d4275515f7d3c2d866c61b4743a4b00353f | |
| parent | 86f5a4aaf19935b4d23a81426c1576bc16024696 (diff) | |
| download | gitlab-ce-dm-session-delete-challenge.tar.gz | |
Delete correct key from `session` after authenticating using U2Fdm-session-delete-challenge
| -rw-r--r-- | app/controllers/concerns/authenticates_with_two_factor.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/controllers/concerns/authenticates_with_two_factor.rb b/app/controllers/concerns/authenticates_with_two_factor.rb index ea441b1736b..b75e401a8df 100644 --- a/app/controllers/concerns/authenticates_with_two_factor.rb +++ b/app/controllers/concerns/authenticates_with_two_factor.rb @@ -69,7 +69,7 @@ module AuthenticatesWithTwoFactor if U2fRegistration.authenticate(user, u2f_app_id, user_params[:device_response], session[:challenge]) # Remove any lingering user data from login session.delete(:otp_user_id) - session.delete(:challenges) + session.delete(:challenge) remember_me(user) if user_params[:remember_me] == '1' sign_in(user) |