Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
gitlab-ce
Commits
9c6aa0a0
Commit
9c6aa0a0
authored
Aug 01, 2018
by
Grzegorz Bizon
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Improve authentication events-related code readability
parent
4eb9d6a9
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
11 additions
and
8 deletions
+11
-8
app/controllers/application_controller.rb
app/controllers/application_controller.rb
+7
-4
config/initializers/warden.rb
config/initializers/warden.rb
+1
-1
lib/gitlab/auth/blocked_user_tracker.rb
lib/gitlab/auth/blocked_user_tracker.rb
+1
-1
spec/lib/gitlab/auth/blocked_user_tracker_spec.rb
spec/lib/gitlab/auth/blocked_user_tracker_spec.rb
+2
-2
No files found.
app/controllers/application_controller.rb
View file @
9c6aa0a0
...
...
@@ -128,12 +128,11 @@ class ApplicationController < ActionController::Base
# (e.g. tokens) to authenticate the user, whereas Devise sets current_user.
#
# `current_user` call is going to trigger Warden::Proxy authentication
# that is going to invoke warden callbacks, so we use Warden directly here.
# that is going to invoke warden callbacks, and we don't want to do it
# twice in case of authentication request.
#
def
auth_user
# TODO improve that
#
return
if
controller_name
==
'sessions'
&&
action_name
==
'create'
return
if
authentication_request?
if
user_signed_in?
current_user
...
...
@@ -142,6 +141,10 @@ class ApplicationController < ActionController::Base
end
end
def
authentication_request?
controller_name
==
'sessions'
&&
action_name
==
'create'
end
# This filter handles personal access tokens, and atom requests with rss tokens
def
authenticate_sessionless_user!
user
=
Gitlab
::
Auth
::
RequestAuthenticator
.
new
(
request
).
find_sessionless_user
...
...
config/initializers/warden.rb
View file @
9c6aa0a0
...
...
@@ -34,7 +34,7 @@ Rails.application.configure do |config|
if
user
.
blocked?
Gitlab
::
Auth
::
Activity
.
new
(
opts
).
user_blocked!
Gitlab
::
Auth
::
BlockedUserTracker
.
new
(
user
,
auth
).
log_
blocked_user_
activity!
Gitlab
::
Auth
::
BlockedUserTracker
.
new
(
user
,
auth
).
log_activity!
end
Gitlab
::
Auth
::
Activity
.
new
(
opts
).
user_session_destroyed!
...
...
lib/gitlab/auth/blocked_user_tracker.rb
View file @
9c6aa0a0
...
...
@@ -8,7 +8,7 @@ module Gitlab
@auth
=
auth
end
def
log_
blocked_user_
activity!
def
log_activity!
return
unless
@user
.
blocked?
Gitlab
::
AppLogger
.
info
<<~
INFO
...
...
spec/lib/gitlab/auth/blocked_user_tracker_spec.rb
View file @
9c6aa0a0
...
...
@@ -10,7 +10,7 @@ describe Gitlab::Auth::BlockedUserTracker do
user
=
create
(
:user
)
described_class
.
new
(
user
,
spy
(
'auth'
)).
log_
blocked_user_
activity!
described_class
.
new
(
user
,
spy
(
'auth'
)).
log_activity!
end
end
...
...
@@ -24,7 +24,7 @@ describe Gitlab::Auth::BlockedUserTracker do
expect
(
Gitlab
::
AppLogger
).
to
receive
(
:info
)
.
with
(
/Failed login for blocked user/
)
described_class
.
new
(
user
,
spy
(
'auth'
)).
log_
blocked_user_
activity!
described_class
.
new
(
user
,
spy
(
'auth'
)).
log_activity!
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment