summaryrefslogtreecommitdiff
path: root/app/controllers
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-09-04 03:16:09 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2020-09-04 03:16:09 +0000
commit242358bb7b8e031b9b975340750be33b19015cfa (patch)
tree55cf5342bc232ba517698a1f82e859d5fdf25fac /app/controllers
parent517f254952ababb661160d3afd659902d18e29cd (diff)
downloadgitlab-ce-242358bb7b8e031b9b975340750be33b19015cfa.tar.gz
Add latest changes from gitlab-org/gitlab@13-3-stable-ee
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/concerns/authenticates_with_two_factor.rb6
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/concerns/authenticates_with_two_factor.rb b/app/controllers/concerns/authenticates_with_two_factor.rb
index 2cc51c65c26..b93c98a4790 100644
--- a/app/controllers/concerns/authenticates_with_two_factor.rb
+++ b/app/controllers/concerns/authenticates_with_two_factor.rb
@@ -129,6 +129,10 @@ module AuthenticatesWithTwoFactor
def user_changed?(user)
return false unless session[:user_updated_at]
- user.updated_at != session[:user_updated_at]
+ # See: https://gitlab.com/gitlab-org/gitlab/-/issues/244638
+ # Rounding errors happen when the user is updated, as the Rails ActiveRecord
+ # object has higher precision than what is stored in the database, therefore
+ # using .to_i to force truncation to the timestamp
+ user.updated_at.to_i != session[:user_updated_at].to_i
end
end