Improve authentication events-related code readability

9c6aa0a0 · Grzegorz Bizon · 4eb9d6a9 · 9c6aa0a0 · 9c6aa0a0 · 9c6aa0a0
Commit 9c6aa0a0 authored Aug 01, 2018 by Grzegorz Bizon
4 changed files
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -128,12 +128,11 @@ class ApplicationController < ActionController::Base
  # (e.g. tokens) to authenticate the user, whereas Devise sets current_user.
  #
  #  `current_user` call is going to trigger Warden::Proxy authentication
-  #  that is going to invoke warden callbacks, so we use Warden directly here.
+  #  that is going to invoke warden callbacks, and we don't want to do it
+  #  twice in case of authentication request.
  #
  def auth_user
-    # TODO improve that
-    #
-    return if controller_name == 'sessions' && action_name == 'create'
+    return if authentication_request?

    if user_signed_in?
      current_user
@@ -142,6 +141,10 @@ class ApplicationController < ActionController::Base
    end
  end

+  def authentication_request?
+    controller_name == 'sessions' && action_name == 'create'
+  end
+
  # This filter handles personal access tokens, and atom requests with rss tokens
  def authenticate_sessionless_user!
    user = Gitlab::Auth::RequestAuthenticator.new(request).find_sessionless_user

--- a/config/initializers/warden.rb
+++ b/config/initializers/warden.rb
@@ -34,7 +34,7 @@ Rails.application.configure do |config|

    if user.blocked?
      Gitlab::Auth::Activity.new(opts).user_blocked!
-      Gitlab::Auth::BlockedUserTracker.new(user, auth).log_blocked_user_activity!
+      Gitlab::Auth::BlockedUserTracker.new(user, auth).log_activity!
    end

    Gitlab::Auth::Activity.new(opts).user_session_destroyed!

--- a/lib/gitlab/auth/blocked_user_tracker.rb
+++ b/lib/gitlab/auth/blocked_user_tracker.rb
@@ -8,7 +8,7 @@ module Gitlab
        @auth = auth
      end

-      def log_blocked_user_activity!
+      def log_activity!
        return unless @user.blocked?

        Gitlab::AppLogger.info <<~INFO

--- a/spec/lib/gitlab/auth/blocked_user_tracker_spec.rb
+++ b/spec/lib/gitlab/auth/blocked_user_tracker_spec.rb
@@ -10,7 +10,7 @@ describe Gitlab::Auth::BlockedUserTracker do

        user = create(:user)

-        described_class.new(user, spy('auth')).log_blocked_user_activity!
+        described_class.new(user, spy('auth')).log_activity!
      end
    end

@@ -24,7 +24,7 @@ describe Gitlab::Auth::BlockedUserTracker do
        expect(Gitlab::AppLogger).to receive(:info)
          .with(/Failed login for blocked user/)

-        described_class.new(user, spy('auth')).log_blocked_user_activity!
+        described_class.new(user, spy('auth')).log_activity!
      end
    end
  end