diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-07-27 22:03:35 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-07-27 22:03:56 +0300 |
commit | d625f4e9fe78a69be0d481c20cba33b6dd88ef1a (patch) | |
tree | 510ee7d62fa2d6084a5058446cf61d328900325a /config/initializers | |
parent | 9b60052467242bbc071bcb0f74b7437fb3dfc870 (diff) |
Add latest changes from gitlab-org/security/gitlab@15-2-stable-ee
Diffstat (limited to 'config/initializers')
-rw-r--r-- | config/initializers/doorkeeper.rb | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index 6ad8b02bfea..761904009bb 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -24,7 +24,11 @@ Doorkeeper.configure do resource_owner_from_credentials do |routes| user = Gitlab::Auth.find_with_user_password(params[:username], params[:password], increment_failed_attempts: true) - user unless user.try(:two_factor_enabled?) + + next unless user + next if user.two_factor_enabled? || Gitlab::Auth::TwoFactorAuthVerifier.new(user).two_factor_authentication_enforced? + + user end # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below. |