author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-04-20 10:00:54 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-04-20 10:00:54 +0000 |
commit | 3cccd102ba543e02725d247893729e5c73b38295 (patch) | |
tree | f36a04ec38517f5deaaacb5acc7d949688d1e187 /app/controllers/profiles/two_factor_auths_controller.rb | |
parent | 205943281328046ef7b4528031b90fbda70c75ac (diff) | |
download | gitlab-ce-3cccd102ba543e02725d247893729e5c73b38295.tar.gz |
Add latest changes from gitlab-org/gitlab@14-10-stable-eev14.10.0-rc42
Diffstat (limited to 'app/controllers/profiles/two_factor_auths_controller.rb')
-rw-r--r-- | app/controllers/profiles/two_factor_auths_controller.rb | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index 77fae34e2d2..48b0d313d3c 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@@ -4,6 +4,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 skip_before_action :check_two_factor_requirement
 before_action :ensure_verified_primary_email, only: [:show, :create]
 before_action :validate_current_password, only: [:create, :codes, :destroy], if: :current_password_required?
+ before_action :update_current_user_otp!, only: [:show]
 helper_method :current_password_required?
@@ -14,16 +15,6 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 feature_category :authentication_and_authorization
 def show
- unless current_user.two_factor_enabled?
- current_user.otp_secret = User.generate_otp_secret(32)
- end
-
- unless current_user.otp_grace_period_started_at && two_factor_grace_period
- current_user.otp_grace_period_started_at = Time.current
- end
-
- Users::UpdateService.new(current_user, user: current_user).execute!
-
 if two_factor_authentication_required? && !current_user.two_factor_enabled?
 two_factor_authentication_reason(
 global: lambda do
@@ -68,6 +59,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 else
 @error = { message: _('Invalid pin code.') }
 @qr_code = build_qr_code
+ @account_string = account_string
 if Feature.enabled?(:webauthn, default_enabled: :yaml)
 setup_webauthn_registration
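Review bot: In the third hunk, the invalid-pin branch of `create` now rebuilds by hand each instance variable the re-rendered setup page needs (`@qr_code`, and with this change `@account_string`), so the next variable added for that page can be missed here in the same way. Moving the two assignments into one private helper that the error branch calls, and that `show` could presumably share (its assignments are not visible in this hunk), would keep the two paths from drifting apart. A controller spec that posts a wrong pin and asserts both `assigns[:qr_code]` and `assigns[:account_string]` are present would pin the behaviour this line restores. The body of `create` begins and ends outside the hunk.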
@@ -138,6 +130,18 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 private
+ def update_current_user_otp!
+ if current_user.needs_new_otp_secret?
+ current_user.update_otp_secret!
+ end
+
+ unless current_user.otp_grace_period_started_at && two_factor_grace_period
+ current_user.otp_grace_period_started_at = Time.current
+ end
+
+ Users::UpdateService.new(current_user, user: current_user).execute!
+ end
+
 def validate_current_password
 return if current_user.valid_password?(params[:current_password]) |
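Review bot: `update_current_user_otp!` writes to the user record on every GET of `show`, and nothing at its definition says so or says when a pending secret is replaced, because `needs_new_otp_secret?` and `update_otp_secret!` are defined outside this diff. A comment above the method would cover it, for example `# Runs before #show: replaces the OTP secret when the user needs a new one, starts the 2FA grace period if it has not started, then saves the user.` The closing `execute!` is unconditional and raises on failure, so inside a before_action a failed save would presumably surface as an unhandled error on the 2FA settings page rather than a rendered message; if that is intended, the comment should say so. The three-line `if` also reads better in modifier form, `current_user.update_otp_secret! if current_user.needs_new_otp_secret?`.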