diff options
author | tiagonbotelho <tiagonbotelho@hotmail.com> | 2016-07-18 14:59:12 +0100 |
---|---|---|
committer | tiagonbotelho <tiagonbotelho@hotmail.com> | 2016-07-18 14:59:12 +0100 |
commit | 50f3d0d4f1392b3e45abe623506965016889cf8b (patch) | |
tree | 5e0dff94916042d4a3a33ffb4f42f21bd0d10535 /app/controllers/concerns | |
parent | c6097f24d32610d4c12ae0e9d16b72dc53cda9da (diff) | |
parent | 017ae313dc84682e260e960f93fb4a55af0df523 (diff) | |
download | gitlab-ce-50f3d0d4f1392b3e45abe623506965016889cf8b.tar.gz |
Merge branch 'master' into rename-repo-files
Diffstat (limited to 'app/controllers/concerns')
-rw-r--r-- | app/controllers/concerns/authenticates_with_two_factor.rb | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/app/controllers/concerns/authenticates_with_two_factor.rb b/app/controllers/concerns/authenticates_with_two_factor.rb index 998b8adc411..ba07cea569c 100644 --- a/app/controllers/concerns/authenticates_with_two_factor.rb +++ b/app/controllers/concerns/authenticates_with_two_factor.rb @@ -57,7 +57,7 @@ module AuthenticatesWithTwoFactor # Authenticate using the response from a U2F (universal 2nd factor) device def authenticate_with_two_factor_via_u2f(user) - if U2fRegistration.authenticate(user, u2f_app_id, user_params[:device_response], session[:challenges]) + if U2fRegistration.authenticate(user, u2f_app_id, user_params[:device_response], session[:challenge]) # Remove any lingering user data from login session.delete(:otp_user_id) session.delete(:challenges) @@ -77,11 +77,9 @@ module AuthenticatesWithTwoFactor if key_handles.present? sign_requests = u2f.authentication_requests(key_handles) - challenges = sign_requests.map(&:challenge) - session[:challenges] = challenges - gon.push(u2f: { challenges: challenges, app_id: u2f_app_id, - sign_requests: sign_requests, - browser_supports_u2f: browser_supports_u2f? }) + session[:challenge] ||= u2f.challenge + gon.push(u2f: { challenge: session[:challenge], app_id: u2f_app_id, + sign_requests: sign_requests }) end end end |