Add latest changes from gitlab-org/gitlab@16-5-stable-eev16.5.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-10-19 15:57:54 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-10-19 15:57:54 +0300
commit: 419c53ec62de6e97a517abd5fdd4cbde3a942a34 (patch)
tree: 1f43a548b46bca8a5fb8fe0c31cef1883d49c5b6 /config/initializers/doorkeeper.rb
parent: 1da20d9135b3ad9e75e65b028bffc921aaf8deb7 (diff)
1 files changed, 5 insertions, 4 deletions
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index f343c20dfe4..3572c30cdd3 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -22,13 +22,14 @@ Doorkeeper.configure do
     end
   end
 
-  resource_owner_from_credentials do |routes|
-    user = Gitlab::Auth.find_with_user_password(params[:username], params[:password], increment_failed_attempts: true)
-
+  resource_owner_from_credentials do |_routes|
+    user = User.find_by_login(params[:username])
     next unless user
+
+    next if user.password_automatically_set?
     next if user.two_factor_enabled? || Gitlab::Auth::TwoFactorAuthVerifier.new(user).two_factor_authentication_enforced?
 
-    user
+    Gitlab::Auth.find_with_user_password(params[:username], params[:password], increment_failed_attempts: true)
   end
 
   # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-10-19 15:57:54 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-10-19 15:57:54 +0300
commit	419c53ec62de6e97a517abd5fdd4cbde3a942a34 (patch)
tree	1f43a548b46bca8a5fb8fe0c31cef1883d49c5b6 /config/initializers/doorkeeper.rb
parent	1da20d9135b3ad9e75e65b028bffc921aaf8deb7 (diff)