Merge branch 'dm-session-delete-challenge' into 'master'

Delete correct key from `session` after authenticating using U2F Closes #36096 See merge request !13499
author: Robert Speicher <robert@gitlab.com> 2017-08-11 17:56:40 +0300
committer: Robert Speicher <robert@gitlab.com> 2017-08-11 17:56:40 +0300
commit: 69eb4be7ec8d978580c51d4ead157001511d4768 (patch)
tree: cbdaab2477a0c6625de2c8ee6214010aa72c9d7b
parent: e80a893ff0ea8466099f6478183631af55933db2 (diff)
parent: 8bfae74e9c6b6dde6f2e33d9ea45e43c8c4004a7 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/app/controllers/concerns/authenticates_with_two_factor.rb b/app/controllers/concerns/authenticates_with_two_factor.rb
index ea441b1736b..b75e401a8df 100644
--- a/app/controllers/concerns/authenticates_with_two_factor.rb
+++ b/app/controllers/concerns/authenticates_with_two_factor.rb
@@ -69,7 +69,7 @@ module AuthenticatesWithTwoFactor
     if U2fRegistration.authenticate(user, u2f_app_id, user_params[:device_response], session[:challenge])
       # Remove any lingering user data from login
       session.delete(:otp_user_id)
-      session.delete(:challenges)
+      session.delete(:challenge)
 
       remember_me(user) if user_params[:remember_me] == '1'
       sign_in(user)
author	Robert Speicher <robert@gitlab.com>	2017-08-11 17:56:40 +0300
committer	Robert Speicher <robert@gitlab.com>	2017-08-11 17:56:40 +0300
commit	69eb4be7ec8d978580c51d4ead157001511d4768 (patch)
tree	cbdaab2477a0c6625de2c8ee6214010aa72c9d7b
parent	e80a893ff0ea8466099f6478183631af55933db2 (diff)
parent	8bfae74e9c6b6dde6f2e33d9ea45e43c8c4004a7 (diff)