Diffstat (limited to 'app/controllers/sessions_controller.rb')
-rw-r--r-- | app/controllers/sessions_controller.rb | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index bbd7e5d5725..7e8e3ea8789 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -32,7 +32,7 @@ class SessionsController < Devise::SessionsController before_action :load_recaptcha before_action :set_invite_params, only: [:new] before_action do - push_frontend_feature_flag(:webauthn) + push_frontend_feature_flag(:webauthn, default_enabled: :yaml) end after_action :log_failed_login, if: :action_new_and_failed_login? @@ -84,6 +84,8 @@ class SessionsController < Devise::SessionsController end def destroy + headers['Clear-Site-Data'] = '"*"' + Gitlab::AppLogger.info("User Logout: username=#{current_user.username} ip=#{request.remote_ip}") super # hide the signed_out notice @@ -303,9 +305,9 @@ class SessionsController < Devise::SessionsController def authentication_method if user_params[:otp_attempt] AuthenticationEvent::TWO_FACTOR - elsif user_params[:device_response] && Feature.enabled?(:webauthn) + elsif user_params[:device_response] && Feature.enabled?(:webauthn, default_enabled: :yaml) AuthenticationEvent::TWO_FACTOR_WEBAUTHN - elsif user_params[:device_response] && !Feature.enabled?(:webauthn) + elsif user_params[:device_response] && !Feature.enabled?(:webauthn, default_enabled: :yaml) AuthenticationEvent::TWO_FACTOR_U2F else AuthenticationEvent::STANDARD |
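Review bot: The `Clear-Site-Data` header added at the top of `destroy` uses the `"*"` wildcard with no comment on its scope or limits. The wildcard asks the browser to drop cookies, storage and cached responses for the origin, and browsers honour the header only on responses served over HTTPS, so on a plain-HTTP install sign-out still depends entirely on the server-side sign-out performed by `super`. I would add a comment above the line, e.g. `# Best-effort browser-side cleanup; the server-side sign-out in super remains authoritative.` If clearing the HTTP cache is not intended, list only the needed directives, e.g. `headers['Clear-Site-Data'] = '"cookies", "storage"'`. The body of `destroy` continues past the end of this hunk, so anything that later rewrites the response headers is not visible here.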
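Review bot: The `:webauthn` flag is now looked up with `default_enabled: :yaml` in three separate places: the `before_action` block in the first hunk and twice in `authentication_method`. An edit that misses one of them would leave the frontend flag and the value returned here (presumably the recorded authentication event type) disagreeing about which second factor is in use. In `authentication_method` the negated check in the third branch is also redundant, because that branch is reached only after the second `elsif` has failed; `elsif user_params[:device_response]` alone selects `AuthenticationEvent::TWO_FACTOR_U2F`. Dropping the second lookup also means the flag is evaluated only once per call, so the two branches cannot see different values.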