diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-26 12:07:48 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-26 12:07:48 +0000 |
commit | ef31adeb0fb9a02b2c6a4529ec4e38d7082a4b2b (patch) | |
tree | f0ee2b8bdffd7f91ad0b31388562c90825179585 /app/models/user.rb | |
parent | 7e019504f5ac6decde690565857238e7e59aa034 (diff) | |
download | gitlab-ce-ef31adeb0fb9a02b2c6a4529ec4e38d7082a4b2b.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/models/user.rb')
-rw-r--r-- | app/models/user.rb | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index 9fb3c47e143..65ff4c98b15 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1715,6 +1715,23 @@ class User < ApplicationRecord super end + # This is copied from Devise::Models::TwoFactorAuthenticatable#consume_otp! + # + # An OTP cannot be used more than once in a given timestep + # Storing timestep of last valid OTP is sufficient to satisfy this requirement + # + # See: + # <https://github.com/tinfoil/devise-two-factor/blob/master/lib/devise_two_factor/models/two_factor_authenticatable.rb#L66> + # + def consume_otp! + if self.consumed_timestep != current_otp_timestep + self.consumed_timestep = current_otp_timestep + return Gitlab::Database.read_only? ? true : save(validate: false) + end + + false + end + private def default_private_profile_to_false |