Diffstat (limited to 'app/controllers/sessions_controller.rb')
-rw-r--r--app/controllers/sessions_controller.rb9
1 files changed, 7 insertions, 2 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 318553b5e0a..61120c5b7d1 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -49,6 +49,8 @@ class SessionsController < Devise::SessionsController
# token mismatch.
protect_from_forgery with: :exception, prepend: true, except: :destroy
+ feature_category :authentication_and_authorization
+
CAPTCHA_HEADER = 'X-GitLab-Show-Login-Captcha'
MAX_FAILED_LOGIN_ATTEMPTS = 5
@@ -262,8 +264,11 @@ class SessionsController < Devise::SessionsController
end
def valid_otp_attempt?(user)
- user.validate_and_consume_otp!(user_params[:otp_attempt]) ||
- user.invalidate_otp_backup_code!(user_params[:otp_attempt])
+ otp_validation_result =
+ ::Users::ValidateOtpService.new(user).execute(user_params[:otp_attempt])
+ return true if otp_validation_result[:status] == :success
+
+ user.invalidate_otp_backup_code!(user_params[:otp_attempt])
end
def log_audit_event(user, resource, options = {})
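Review bot: In `valid_otp_attempt?` every status other than `:success` is handled as a wrong code and the result hash is then dropped, so a failure inside `::Users::ValidateOtpService` would look the same as a mistyped OTP in logs and audit events. The service is not visible in this hunk, so whether it can return such an error is an assumption. If it can, record the non-success status before falling through to the backup-code check, without writing the submitted code itself to the log. The parameter is also read twice; `otp_attempt = user_params[:otp_attempt]` at the top would make it clear both checks see the same value. A short comment such as `# Fail closed: any non-success status falls through to the backup-code check` would document the intended ordering.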