Diffstat (limited to 'app/models/user.rb')
-rw-r--r--app/models/user.rb17
1 files changed, 17 insertions, 0 deletions
diff --git a/app/models/user.rb b/app/models/user.rb
index 9fb3c47e143..65ff4c98b15 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1715,6 +1715,23 @@ class User < ApplicationRecord
super
end
+ # This is copied from Devise::Models::TwoFactorAuthenticatable#consume_otp!
+ #
+ # An OTP cannot be used more than once in a given timestep
+ # Storing timestep of last valid OTP is sufficient to satisfy this requirement
+ #
+ # See:
+ # <https://github.com/tinfoil/devise-two-factor/blob/master/lib/devise_two_factor/models/two_factor_authenticatable.rb#L66>
+ #
+ def consume_otp!
+ if self.consumed_timestep != current_otp_timestep
+ self.consumed_timestep = current_otp_timestep
+ return Gitlab::Database.read_only? ? true : save(validate: false)
+ end
+
+ false
+ end
+
private
def default_private_profile_to_false
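Review bot: The read-only branch of `consume_otp!` returns `true` without persisting `consumed_timestep`, so while `Gitlab::Database.read_only?` holds the replay check has no effect and the same OTP is accepted again within its timestep on any later request. If that trade-off is intended it should be stated above the `return`, e.g. `# Read-only DB: the timestep cannot be saved, so OTP reuse within the same timestep is not detected here`; otherwise the consumed timestep needs to be recorded somewhere writable. Separately, the compare-then-`save` sequence is not atomic as far as this hunk shows, so two concurrent requests carrying the same code may both pass. The reference URL points at `master` with a line anchor, which will drift; pinning it to a commit would keep the provenance checkable.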