diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-09-29 15:57:02 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-09-29 15:57:02 +0300 |
commit | e0ab280b774e34fcfd6fd031616247714230ca68 (patch) | |
tree | 472ee2dcef05f242e1b861caa47a0a5179e92f4c /lib/gitlab/auth.rb | |
parent | 60b56b48afb89ed1890409b6c425f16549c4d28b (diff) |
Add latest changes from gitlab-org/security/gitlab@14-3-stable-ee
Diffstat (limited to 'lib/gitlab/auth.rb')
-rw-r--r-- | lib/gitlab/auth.rb | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index 1afb2eda149..0970b92723b 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -172,7 +172,11 @@ module Gitlab user = find_with_user_password(login, password) return unless user - raise Gitlab::Auth::MissingPersonalAccessTokenError if user.two_factor_enabled? + verifier = TwoFactorAuthVerifier.new(user) + + if user.two_factor_enabled? || verifier.two_factor_authentication_enforced? + raise Gitlab::Auth::MissingPersonalAccessTokenError + end Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities) end |