author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-10-21 10:08:36 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-10-21 10:08:36 +0300 |
commit | 48aff82709769b098321c738f3444b9bdaa694c6 (patch) | |
tree | e00c7c43e2d9b603a5a6af576b1685e400410dee /app/controllers/profiles/two_factor_auths_controller.rb | |
parent | 879f5329ee916a948223f8f43d77fba4da6cd028 (diff) |
Add latest changes from gitlab-org/gitlab@13-5-stable-ee v13.5.0-rc42
Diffstat (limited to 'app/controllers/profiles/two_factor_auths_controller.rb')
-rw-r--r-- | app/controllers/profiles/two_factor_auths_controller.rb | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index 5de6d84fdd9..e2f8baa8226 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@@ -6,6 +6,8 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 push_frontend_feature_flag(:webauthn)
 end
 
+ feature_category :authentication_and_authorization
+
 def show
 unless current_user.two_factor_enabled?
 current_user.otp_secret = User.generate_otp_secret(32)
@@ -45,7 +47,10 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
 end
 
 def create
- if current_user.validate_and_consume_otp!(params[:pin_code])
+ otp_validation_result =
+ ::Users::ValidateOtpService.new(current_user).execute(params[:pin_code])
+
+ if otp_validation_result[:status] == :success
 ActiveSession.destroy_all_but_current(current_user, session)
 
 Users::UpdateService.new(current_user, user: current_user, otp_required_for_login: true).execute! do |user| |
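Review bot: The new condition in `create` sends every non-`:success` result from `::Users::ValidateOtpService` down the failure branch, so a wrong PIN and a validation-backend error look identical at this call site, and nothing in the visible lines uses any detail the result hash carries beyond `:status`. Failing closed on `== :success` is the right default for a 2FA enrolment check, but it deserves a comment saying so, e.g. `# Fail closed: anything other than :success (wrong PIN or service error) must not enable 2FA`, and the non-success status is worth logging for operators. `params[:pin_code]` also reaches the service without a type check; unless the service already coerces it, pass `params[:pin_code].to_s` so array or hash parameters never reach the validator. The body of `create`, including its else branch, continues outside the hunk, so how the failure is reported to the user cannot be confirmed here.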