diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-12 15:35:06 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-12 15:35:06 +0000 |
commit | 012cbda407a30ab14e57ece581d720b22b47fe5a (patch) | |
tree | 62a559d2a0843d2d9700af1bb01a15cbfcee2190 /app/controllers | |
parent | 92acfb1b8a9019b3fa3c817d251b2624d55da26d (diff) | |
download | gitlab-ce-012cbda407a30ab14e57ece581d720b22b47fe5a.tar.gz |
Add latest changes from gitlab-org/gitlab@14-3-stable-ee
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/profiles/two_factor_auths_controller.rb | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb index d1b9485f06d..de22a0e47d5 100644 --- a/app/controllers/profiles/two_factor_auths_controller.rb +++ b/app/controllers/profiles/two_factor_auths_controller.rb @@ -3,7 +3,9 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController skip_before_action :check_two_factor_requirement before_action :ensure_verified_primary_email, only: [:show, :create] - before_action :validate_current_password, only: [:create, :codes, :destroy] + before_action :validate_current_password, only: [:create, :codes, :destroy], if: :current_password_required? + + helper_method :current_password_required? before_action do push_frontend_feature_flag(:webauthn) @@ -144,6 +146,10 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController redirect_to profile_two_factor_auth_path, alert: _('You must provide a valid current password') end + def current_password_required? + !current_user.password_automatically_set? + end + def build_qr_code uri = current_user.otp_provisioning_uri(account_string, issuer: issuer_host) RQRCode.render_qrcode(uri, :svg, level: :m, unit: 3) |