author | Rémy Coutable <remy@rymai.me> | 2016-10-04 15:04:57 +0000 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2016-10-04 15:04:57 +0000 |
commit | b8005b6112d7322ff8b2cf0a1e55e6c56f0fcba3 (patch) | |
tree | a802cabde9fe3fe9efe4a25cc09e7360399b27b8 /app/models | |
parent | 385817a11f568ca8fa165eaf57fa88789fc6fcd5 (diff) | |
parent | 194fbc3c3d4b068f191fca75488b986df88c5333 (diff) | |
download | gitlab-ce-b8005b6112d7322ff8b2cf0a1e55e6c56f0fcba3.tar.gz |
Merge branch 'restrict-failed-2fa-attempts' into 'master'
Restrict failed login attempts from users with 2FA enabled.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/19799.
See merge request !6668
Diffstat (limited to 'app/models')
-rw-r--r-- | app/models/user.rb | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/app/models/user.rb b/app/models/user.rb
index 6996740eebd..7f5a8562907 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -827,6 +827,22 @@ class User < ActiveRecord::Base
 todos_pending_count(force: true)
 end
 
+ # This is copied from Devise::Models::Lockable#valid_for_authentication?, as our auth
+ # flow means we don't call that automatically (and can't conveniently do so).
+ #
+ # See:
+ # <https://github.com/plataformatec/devise/blob/v4.0.0/lib/devise/models/lockable.rb#L92>
+ #
+ def increment_failed_attempts!
+ self.failed_attempts ||= 0
+ self.failed_attempts += 1
+ if attempts_exceeded?
+ lock_access! unless access_locked?
+ else
+ save(validate: false)
+ end
+ end
+
 private
 
 def projects_union(min_access_level = nil) |
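Review bot: The counter update in `increment_failed_attempts!` is a read-modify-write on the in-memory record (`self.failed_attempts += 1`, later `save(validate: false)`), so failed 2FA submissions handled concurrently can each start from the same stored value and persist the same count, which undercounts failures against the lockout threshold. Incrementing in the database and re-reading before the threshold check closes that gap, e.g. `self.class.increment_counter(:failed_attempts, id)` followed by `reload`, or running the existing body inside `with_lock do ... end`. The result of `save(validate: false)` is also discarded, so a failed write silently loses the attempt; logging or raising there would make that visible. The callers of this method are outside this diff (it is limited to app/models), so whether requests for one user can actually overlap should be confirmed against the 2FA controller.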