author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2015-03-31 04:19:01 +0300 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2015-05-09 17:31:10 -0400 |
commit | de9e1c3bad18e4ca00cfdced75e5cc4c42905761 (patch) | |
tree | 5055c3d39cfda527139deda9758a8ee87ac5f03c /app/controllers/sessions_controller.rb | |
parent | 50a2a229e7b8b789a199bd0cf84ce76d25201198 (diff) | |
Turn 2-factor authentication into a 2-step process. Disabled the 2FA UI for LDAP users since it is not supported
Diffstat (limited to 'app/controllers/sessions_controller.rb')
-rw-r--r-- | app/controllers/sessions_controller.rb | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 3f11d7afe6f..68cd02b2d79 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -1,4 +1,6 @@
 class SessionsController < Devise::SessionsController
+ prepend_before_filter :two_factor_enabled?, only: :create
+
 def new
 redirect_path =
 if request.referer.present? && (params['redirect_to_referer'] == 'yes')
@@ -34,4 +36,26 @@ class SessionsController < Devise::SessionsController
 end
 end
 end
+
+ private
+
+ def two_factor_enabled?
+ user_params = params[:user]
+ @user = User.by_login(user_params[:login])
+
+ if user_params[:otp_attempt].present?
+ unless @user.valid_otp?(user_params[:otp_attempt])
+ @error = 'Invalid two-factor code'
+ render :two_factor and return
+ end
+ else
+ if @user && @user.valid_password?(params[:user][:password])
+ self.resource = @user
+
+ if resource.otp_required_for_login
+ render :two_factor and return
+ end
+ end
+ end
+ end
 end |
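Review bot: `two_factor_enabled?` is named like a predicate, but the filter registered at the top of the class renders a response and halts `create`, so the name hides that it is an authentication step. A name such as `authenticate_with_two_factor` and a comment above the registration would make that visible, for example `# Checks the password or the OTP before Devise's create and renders the second step when a code is required`. Because the filter is prepended, it also runs ahead of any filters inherited from the parent controllers, which are outside this hunk, so it is worth confirming that none of them has to run first. The class body continues beyond the hunk.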
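Review bot: In `two_factor_enabled?`, the `otp_attempt` branch calls `@user.valid_otp?` without the `@user &&` guard that the `else` branch applies, so a login that `User.by_login` does not find raises NoMethodError and produces a 500 that differs from the 'Invalid two-factor code' page shown for an existing account. Guarding the call, `unless @user && @user.valid_otp?(user_params[:otp_attempt])`, gives both cases the same response, assuming the `two_factor` template does not dereference `@user`; a request without `params[:user]` fails the same way one line earlier. This branch also never checks the password itself, so the second step relies entirely on what `create` does after the filter returns, which is outside this diff and should be confirmed. Rejected codes are rendered straight from the filter, so unless `valid_otp?` records failures itself, nothing visible here throttles or locks out repeated guesses of the code.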