diff options
| author | Timothy Andrew <mail@timothyandrew.net> | 2016-06-06 07:52:06 +0300 |
|---|---|---|
| committer | Timothy Andrew <mail@timothyandrew.net> | 2016-06-06 10:20:31 +0300 |
| commit | 4db19bb4455cd21e80097a3e547d8b266a884aea (patch) | |
| tree | 7de6810d76a9b6e6b0b4103d63a71a32cadde6a4 /app/controllers/sessions_controller.rb | |
| parent | 86b07caa599a7f064e9077770b1a87c670d7607c (diff) | |
Add a U2F-specific audit log entry after logging in.
- "two-factor" for OTP-based 2FA
- "two-factor-via-u2f-device" for U2F-based 2FA
- "standard" for non-2FA login
Diffstat (limited to 'app/controllers/sessions_controller.rb')
| -rw-r--r-- | app/controllers/sessions_controller.rb | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 1c19c1cc1a8..f6eedb1773c 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -30,8 +30,7 @@ class SessionsController < Devise::SessionsController resource.update_attributes(reset_password_token: nil, reset_password_sent_at: nil) end - authenticated_with = user_params[:otp_attempt] ? "two-factor" : "standard" - log_audit_event(current_user, with: authenticated_with) + log_audit_event(current_user, with: authentication_method) end end @@ -117,4 +116,14 @@ class SessionsController < Devise::SessionsController def load_recaptcha Gitlab::Recaptcha.load_configurations! end + + def authentication_method + if user_params[:otp_attempt] + "two-factor" + elsif user_params[:device_response] + "two-factor-via-u2f-device" + else + "standard" + end + end end |