diff options
author | Robert Speicher <rspeicher@gmail.com> | 2015-05-14 21:24:05 +0300 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2015-05-14 21:24:05 +0300 |
commit | c802d8eee171d3e4c0cd7e6a16f69f1001255d07 (patch) | |
tree | c3f41c33e644b04a4cd9bf2aaa5f3084ac62e0c7 /app/controllers/sessions_controller.rb | |
parent | 37bc4bb19934c4a0eb84fd5e2556363f55d4d601 (diff) |
Refactor SessionsController to use a controller concern
Diffstat (limited to 'app/controllers/sessions_controller.rb')
-rw-r--r-- | app/controllers/sessions_controller.rb | 12 |
1 files changed, 3 insertions, 9 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index d4ff0d97561..b89b4c27350 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -1,11 +1,7 @@ class SessionsController < Devise::SessionsController - prepend_before_action :authenticate_with_two_factor, only: [:create] + include AuthenticatesWithTwoFactor - # This action comes from DeviseController, but because we call `sign_in` - # manually inside `authenticate_with_two_factor`, not skipping this action - # would cause a "You are already signed in." error message to be shown upon - # successful login. - skip_before_action :require_no_authentication, only: [:create] + prepend_before_action :authenticate_with_two_factor, only: [:create] def new redirect_path = @@ -74,9 +70,7 @@ class SessionsController < Devise::SessionsController end else if user && user.valid_password?(user_params[:password]) - # Save the user's ID to session so we can ask for a one-time password - session[:otp_user_id] = user.id - render :two_factor and return + prompt_for_two_factor(user) end end end |