diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-19 18:44:42 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-19 18:44:42 +0300 |
commit | 4555e1b21c365ed8303ffb7a3325d773c9b8bf31 (patch) | |
tree | 5423a1c7516cffe36384133ade12572cf709398d /app/controllers/sessions_controller.rb | |
parent | e570267f2f6b326480d284e0164a6464ba4081bc (diff) |
Add latest changes from gitlab-org/gitlab@13-12-stable-eev13.12.0-rc42
Diffstat (limited to 'app/controllers/sessions_controller.rb')
-rw-r--r-- | app/controllers/sessions_controller.rb | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index b8842b2efdb..4fcf82c605b 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -22,6 +22,7 @@ class SessionsController < Devise::SessionsController prepend_before_action :check_captcha, only: [:create] prepend_before_action :store_redirect_uri, only: [:new] prepend_before_action :require_no_authentication_without_flash, only: [:new, :create] + prepend_before_action :check_forbidden_password_based_login, if: -> { action_name == 'create' && password_based_login? } prepend_before_action :ensure_password_authentication_enabled!, if: -> { action_name == 'create' && password_based_login? } before_action :auto_sign_in_with_provider, only: [:new] @@ -313,6 +314,13 @@ class SessionsController < Devise::SessionsController def set_invite_params @invite_email = ActionController::Base.helpers.sanitize(params[:invite_email]) end + + def check_forbidden_password_based_login + if find_user&.password_based_login_forbidden? + flash[:alert] = _('You are not allowed to log in using password') + redirect_to new_user_session_path + end + end end -SessionsController.prepend_if_ee('EE::SessionsController') +SessionsController.prepend_mod_with('SessionsController') |