Add latest changes from gitlab-org/gitlab@13-7-stable-eev13.7.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2020-12-17 14:59:07 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-12-17 14:59:07 +0300
commit: 8b573c94895dc0ac0e1d9d59cf3e8745e8b539ca (patch)
tree: 544930fb309b30317ae9797a9683768705d664c4 /lib/api/internal/base.rb
parent: 4b1de649d0168371549608993deac953eb692019 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/api/internal/base.rb b/lib/api/internal/base.rb
index 61ef1d5bde0..332f2f1986f 100644
--- a/lib/api/internal/base.rb
+++ b/lib/api/internal/base.rb
@@ -300,7 +300,7 @@ module API
         post '/two_factor_otp_check', feature_category: :authentication_and_authorization do
           status 200
 
-          break { success: false } unless Feature.enabled?(:two_factor_for_cli)
+          break { success: false, message: 'Feature flag is disabled' } unless Feature.enabled?(:two_factor_for_cli)
 
           actor.update_last_used_at!
           user = actor.user
@@ -316,6 +316,8 @@ module API
           otp_validation_result = ::Users::ValidateOtpService.new(user).execute(params.fetch(:otp_attempt))
 
           if otp_validation_result[:status] == :success
+            ::Gitlab::Auth::Otp::SessionEnforcer.new(actor.key).update_session
+
             { success: true }
           else
             { success: false, message: 'Invalid OTP' }
author	GitLab Bot <gitlab-bot@gitlab.com>	2020-12-17 14:59:07 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2020-12-17 14:59:07 +0300
commit	8b573c94895dc0ac0e1d9d59cf3e8745e8b539ca (patch)
tree	544930fb309b30317ae9797a9683768705d664c4 /lib/api/internal/base.rb
parent	4b1de649d0168371549608993deac953eb692019 (diff)