Commit 9c6aa0a0 authored by Grzegorz Bizon's avatar Grzegorz Bizon

Improve authentication events-related code readability

parent 4eb9d6a9
...@@ -128,12 +128,11 @@ class ApplicationController < ActionController::Base ...@@ -128,12 +128,11 @@ class ApplicationController < ActionController::Base
# (e.g. tokens) to authenticate the user, whereas Devise sets current_user. # (e.g. tokens) to authenticate the user, whereas Devise sets current_user.
# #
# `current_user` call is going to trigger Warden::Proxy authentication # `current_user` call is going to trigger Warden::Proxy authentication
# that is going to invoke warden callbacks, so we use Warden directly here. # that is going to invoke warden callbacks, and we don't want to do it
# twice in case of authentication request.
# #
def auth_user def auth_user
# TODO improve that return if authentication_request?
#
return if controller_name == 'sessions' && action_name == 'create'
if user_signed_in? if user_signed_in?
current_user current_user
...@@ -142,6 +141,10 @@ class ApplicationController < ActionController::Base ...@@ -142,6 +141,10 @@ class ApplicationController < ActionController::Base
end end
end end
def authentication_request?
controller_name == 'sessions' && action_name == 'create'
end
# This filter handles personal access tokens, and atom requests with rss tokens # This filter handles personal access tokens, and atom requests with rss tokens
def authenticate_sessionless_user! def authenticate_sessionless_user!
user = Gitlab::Auth::RequestAuthenticator.new(request).find_sessionless_user user = Gitlab::Auth::RequestAuthenticator.new(request).find_sessionless_user
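Review bot: `authentication_request?` tests `controller_name`, which is the un-namespaced controller name, so it is true for `create` on any controller called `sessions` in any namespace, and `auth_user` returns nil for all of them. If only the sign-in endpoint is meant, compare `controller_path` instead, or record the intent in a comment on the method such as `# True for sessions#create, where Warden runs authentication and its callbacks itself.` The hunk does not show which visibility section the new method lands in; in a controller it should sit under `private` or `protected` so it cannot be routed as an action. The body of `auth_user` continues past the end of the first hunk, so the remaining branches were not reviewed.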
......
...@@ -34,7 +34,7 @@ Rails.application.configure do |config| ...@@ -34,7 +34,7 @@ Rails.application.configure do |config|
if user.blocked? if user.blocked?
Gitlab::Auth::Activity.new(opts).user_blocked! Gitlab::Auth::Activity.new(opts).user_blocked!
Gitlab::Auth::BlockedUserTracker.new(user, auth).log_blocked_user_activity! Gitlab::Auth::BlockedUserTracker.new(user, auth).log_activity!
end end
Gitlab::Auth::Activity.new(opts).user_session_destroyed! Gitlab::Auth::Activity.new(opts).user_session_destroyed!
......
...@@ -8,7 +8,7 @@ module Gitlab ...@@ -8,7 +8,7 @@ module Gitlab
@auth = auth @auth = auth
end end
def log_blocked_user_activity! def log_activity!
return unless @user.blocked? return unless @user.blocked?
Gitlab::AppLogger.info <<~INFO Gitlab::AppLogger.info <<~INFO
......
...@@ -10,7 +10,7 @@ describe Gitlab::Auth::BlockedUserTracker do ...@@ -10,7 +10,7 @@ describe Gitlab::Auth::BlockedUserTracker do
user = create(:user) user = create(:user)
described_class.new(user, spy('auth')).log_blocked_user_activity! described_class.new(user, spy('auth')).log_activity!
end end
end end
...@@ -24,7 +24,7 @@ describe Gitlab::Auth::BlockedUserTracker do ...@@ -24,7 +24,7 @@ describe Gitlab::Auth::BlockedUserTracker do
expect(Gitlab::AppLogger).to receive(:info) expect(Gitlab::AppLogger).to receive(:info)
.with(/Failed login for blocked user/) .with(/Failed login for blocked user/)
described_class.new(user, spy('auth')).log_blocked_user_activity! described_class.new(user, spy('auth')).log_activity!
end end
end end
end end
......