From 8e3523281051490ff696bfd85bea1195c046c87c Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Wed, 2 Sep 2020 15:10:54 +0000
Subject: Add latest changes from gitlab-org/gitlab@master

---
 app/controllers/sessions_controller.rb | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

(limited to 'app/controllers/sessions_controller.rb')

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index baf7a05f8ba..5da2bafbcb3 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -8,6 +8,7 @@ class SessionsController < Devise::SessionsController
   include Recaptcha::Verify
   include RendersLdapServers
   include KnownSignIn
+  include Gitlab::Utils::StrongMemoize
 
   skip_before_action :check_two_factor_requirement, only: [:destroy]
   skip_before_action :check_password_expiration, only: [:destroy]
@@ -199,10 +200,14 @@ class SessionsController < Devise::SessionsController
   end
 
   def find_user
-    if session[:otp_user_id]
-      User.find(session[:otp_user_id])
-    elsif user_params[:login]
-      User.by_login(user_params[:login])
+    strong_memoize(:find_user) do
+      if session[:otp_user_id] && user_params[:login]
+        User.by_id_and_login(session[:otp_user_id], user_params[:login]).first
+      elsif session[:otp_user_id]
+        User.find(session[:otp_user_id])
+      elsif user_params[:login]
+        User.by_login(user_params[:login])
+      end
     end
   end
 
-- 
cgit v1.2.3