diff options
author | Robert Speicher <rspeicher@gmail.com> | 2016-02-03 13:31:12 -0500 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2016-02-03 13:31:12 -0500 |
commit | d6ef6c634e58ae81113983c37a55515ad640f18f (patch) | |
tree | fc9e9a02df6046b3eb6670e2b1c5934b59fc82d1 /app/controllers/omniauth_callbacks_controller.rb | |
parent | d506b3f958654534de93f443b9a81ba4434c0b71 (diff) | |
download | gitlab-ce-rs-backport-ldap-2fa.tar.gz |
Support Two-factor Authentication for LDAP usersrs-backport-ldap-2fa
Closes #12653
Diffstat (limited to 'app/controllers/omniauth_callbacks_controller.rb')
-rw-r--r-- | app/controllers/omniauth_callbacks_controller.rb | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb index 4c13228fce9..9cf76521a0d 100644 --- a/app/controllers/omniauth_callbacks_controller.rb +++ b/app/controllers/omniauth_callbacks_controller.rb @@ -1,4 +1,5 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController + include AuthenticatesWithTwoFactor protect_from_forgery except: [:kerberos, :saml, :cas3] @@ -29,8 +30,12 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController # Do additional LDAP checks for the user filter and EE features if ldap_user.allowed? - log_audit_event(@user, with: :ldap) - sign_in_and_redirect(@user) + if @user.two_factor_enabled? + prompt_for_two_factor(@user) + else + log_audit_event(@user, with: :ldap) + sign_in_and_redirect(@user) + end else flash[:alert] = "Access denied for your LDAP account." redirect_to new_user_session_path |