Merge branch 'security-59549-add-capcha-for-failed-logins' into 'master'

Require a captcha after unique failed logins from the same IP See merge request gitlab/gitlabhq!3270
author: GitLab Release Tools Bot <robert+release-tools@gitlab.com> 2019-08-29 21:34:12 +0000
committer: GitLab Release Tools Bot <robert+release-tools@gitlab.com> 2019-08-29 21:34:12 +0000
commit: a5b2a3786056ddf99de06c8315e9a42c3bf86cd5 (patch)
tree: b2e02a060e3df9a078706230ee7a6064ac4bbd85 /config
parent: e20fb7cb395e9c6594a098eddd816079259f64d9 (diff)
parent: dfcf4cf5f1e87a29f0d9fcc5ff2bba47258893bb (diff)
download: gitlab-ce-a5b2a3786056ddf99de06c8315e9a42c3bf86cd5.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/config/initializers/warden.rb b/config/initializers/warden.rb
index 1d2bb2bce0a..d8a4da8cdf9 100644
--- a/config/initializers/warden.rb
+++ b/config/initializers/warden.rb
@@ -19,6 +19,7 @@ Rails.application.configure do |config|
 
   Warden::Manager.after_authentication(scope: :user) do |user, auth, opts|
     ActiveSession.cleanup(user)
+    Gitlab::AnonymousSession.new(auth.request.remote_ip, session_id: auth.request.session.id).cleanup_session_per_ip_entries
   end
 
   Warden::Manager.after_set_user(scope: :user, only: :fetch) do |user, auth, opts|
author	GitLab Release Tools Bot <robert+release-tools@gitlab.com>	2019-08-29 21:34:12 +0000
committer	GitLab Release Tools Bot <robert+release-tools@gitlab.com>	2019-08-29 21:34:12 +0000
commit	a5b2a3786056ddf99de06c8315e9a42c3bf86cd5 (patch)
tree	b2e02a060e3df9a078706230ee7a6064ac4bbd85 /config
parent	e20fb7cb395e9c6594a098eddd816079259f64d9 (diff)
parent	dfcf4cf5f1e87a29f0d9fcc5ff2bba47258893bb (diff)
download	gitlab-ce-a5b2a3786056ddf99de06c8315e9a42c3bf86cd5.tar.gz