-
Stan Hu authored
Users without GitLab 2FA enabled would be logged out after an hour due to a regression in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/20700. The OAuth2 controller sets the current_user after the controller is finished, so we should only limit session times after this has been done. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/50210
a7e2f96b