diff options
Diffstat (limited to 'app/controllers/sessions_controller.rb')
| -rw-r--r-- | app/controllers/sessions_controller.rb | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index b8842b2efdb..4fcf82c605b 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -22,6 +22,7 @@ class SessionsController < Devise::SessionsController prepend_before_action :check_captcha, only: [:create] prepend_before_action :store_redirect_uri, only: [:new] prepend_before_action :require_no_authentication_without_flash, only: [:new, :create] + prepend_before_action :check_forbidden_password_based_login, if: -> { action_name == 'create' && password_based_login? } prepend_before_action :ensure_password_authentication_enabled!, if: -> { action_name == 'create' && password_based_login? } before_action :auto_sign_in_with_provider, only: [:new] @@ -313,6 +314,13 @@ class SessionsController < Devise::SessionsController def set_invite_params @invite_email = ActionController::Base.helpers.sanitize(params[:invite_email]) end + + def check_forbidden_password_based_login + if find_user&.password_based_login_forbidden? + flash[:alert] = _('You are not allowed to log in using password') + redirect_to new_user_session_path + end + end end -SessionsController.prepend_if_ee('EE::SessionsController') +SessionsController.prepend_mod_with('SessionsController') |