Commit 892b371d authored by Grzegorz Bizon's avatar Grzegorz Bizon

Merge branch 'dm-warden-hook-scope' into 'master'

Only run session related Warden hooks for user scope

Closes gitlab-ee#5857

See merge request gitlab-org/gitlab-ce!18771
parents 2d84de9e d0bab339
Rails.application.configure do |config| Rails.application.configure do |config|
Warden::Manager.after_set_user do |user, auth, opts| Warden::Manager.after_set_user(scope: :user) do |user, auth, opts|
Gitlab::Auth::UniqueIpsLimiter.limit_user!(user) Gitlab::Auth::UniqueIpsLimiter.limit_user!(user)
end end
Warden::Manager.before_failure do |env, opts| Warden::Manager.before_failure(scope: :user) do |env, opts|
Gitlab::Auth::BlockedUserTracker.log_if_user_blocked(env) Gitlab::Auth::BlockedUserTracker.log_if_user_blocked(env)
end end
Warden::Manager.after_authentication do |user, auth, opts| Warden::Manager.after_authentication(scope: :user) do |user, auth, opts|
ActiveSession.cleanup(user) ActiveSession.cleanup(user)
end end
Warden::Manager.after_set_user only: :fetch do |user, auth, opts| Warden::Manager.after_set_user(scope: :user, only: :fetch) do |user, auth, opts|
ActiveSession.set(user, auth.request) ActiveSession.set(user, auth.request)
end end
Warden::Manager.before_logout do |user, auth, opts| Warden::Manager.before_logout(scope: :user) do |user, auth, opts|
ActiveSession.destroy(user || auth.user, auth.request.session.id) ActiveSession.destroy(user || auth.user, auth.request.session.id)
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment