From e2f9c87600e34a415d43c981e0182094b123771f Mon Sep 17 00:00:00 2001
From: Patricio Cano
Date: Fri, 12 Aug 2016 16:16:12 -0500
Subject: Added checks for 2FA to the API `/sessions` endpoint and the Resource Owner Password Credentials flow.
---
 config/initializers/doorkeeper.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'config/initializers')
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index 618dba74151..f78f0cf7c5c 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -12,7 +12,7 @@ Doorkeeper.configure do
 end
 resource_owner_from_credentials do |routes|
- Gitlab::Auth.find_with_user_password(params[:username], params[:password])
+ UserRetrievalService.new(params[:username], params[:password]).execute
 end
 # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
-- 
cgit v1.2.1
From c29780086201b331091be3ba5df0653381cf0c2c Mon Sep 17 00:00:00 2001
From: Patricio Cano
Date: Wed, 17 Aug 2016 11:56:50 -0500
Subject: Removed unnecessary service for user retrieval and improved API error message.
---
 config/initializers/doorkeeper.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'config/initializers')
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index f78f0cf7c5c..6d08714dcf7 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -12,7 +12,8 @@ Doorkeeper.configure do
 end
 resource_owner_from_credentials do |routes|
- UserRetrievalService.new(params[:username], params[:password]).execute
+ user = Gitlab::Auth.find_with_user_password(params[:username], params[:password])
+ user unless user && user.two_factor_enabled?
 end
 # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
-- 
cgit v1.2.1
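Review bot: In the first patch (e2f9c87) the added call `UserRetrievalService.new(params[:username], params[:password]).execute` hides the 2FA decision behind a name that reads like a plain lookup, and the service itself is not part of this view (the patch is limited to `config/initializers`). Someone reading the initializer cannot tell that a correct password may now be refused, so I would add a comment above the call such as `# Returns no user for accounts with 2FA enabled: the password grant has no OTP step`. That wording assumes the service returns nil for such accounts, which should be confirmed against its `execute` method.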
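Review bot: In the second patch (c297800) the guard `user unless user && user.two_factor_enabled?` refuses the password grant only for accounts that have already enrolled a second factor, and it does so silently. If the instance can require 2FA for accounts that have not enrolled yet, those accounts would presumably still obtain a token from a password alone; that case is not visible here and is worth confirming. A refusal at this point also means the submitted password was correct, which is a useful detection signal, so consider logging the username (never the password) before the block yields nil. A one-line comment such as `# nil makes Doorkeeper reject the grant for 2FA accounts` would make the implicit nil return readable.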
From a4137411c62d093a55dc171665dc90325182bb04 Mon Sep 17 00:00:00 2001
From: Patricio Cano
Date: Wed, 17 Aug 2016 17:39:20 -0500
Subject: Small refactor and syntax fixes.
---
 config/initializers/doorkeeper.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'config/initializers')
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index 6d08714dcf7..fc4b0a72add 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -13,7 +13,7 @@ Doorkeeper.configure do
 resource_owner_from_credentials do |routes|
 user = Gitlab::Auth.find_with_user_password(params[:username], params[:password])
- user unless user && user.two_factor_enabled?
+ user unless user.try(:two_factor_enabled?)
 end
 # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
-- 
cgit v1.2.1
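Review bot: `user.try(:two_factor_enabled?)` on the added line makes this security check fail open. ActiveSupport's `try` (Rails 4 and later) returns nil not only for a nil receiver but also when the receiver does not respond to the method, so a rename of `two_factor_enabled?` or a different return type from `find_with_user_password` would let the password grant through instead of raising. The previous form `user unless user && user.two_factor_enabled?` raised NoMethodError in that case; keep it, or use `user unless user.try!(:two_factor_enabled?)`, which tolerates only nil. The enclosing `Doorkeeper.configure do` block starts and ends outside the hunk.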