Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
d6ef6c63
Commit
d6ef6c63
authored
Feb 03, 2016
by
Robert Speicher
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Support Two-factor Authentication for LDAP users
Closes #12653
parent
d506b3f9
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
33 additions
and
28 deletions
+33
-28
CHANGELOG
CHANGELOG
+1
-0
app/controllers/omniauth_callbacks_controller.rb
app/controllers/omniauth_callbacks_controller.rb
+7
-2
app/views/profiles/accounts/show.html.haml
app/views/profiles/accounts/show.html.haml
+25
-26
No files found.
CHANGELOG
View file @
d6ef6c63
...
...
@@ -16,6 +16,7 @@ v 8.5.0 (unreleased)
- Don't vendor minified JS
- Display 404 error on group not found
- Track project import failure
- Support Two-factor Authentication for LDAP users
- Fix visibility level text in admin area (Zeger-Jan van de Weg)
- Warn admin during OAuth of granting admin rights (Zeger-Jan van de Weg)
- Update the ExternalIssue regex pattern (Blake Hitchcock)
...
...
app/controllers/omniauth_callbacks_controller.rb
View file @
d6ef6c63
class
OmniauthCallbacksController
<
Devise
::
OmniauthCallbacksController
include
AuthenticatesWithTwoFactor
protect_from_forgery
except:
[
:kerberos
,
:saml
,
:cas3
]
...
...
@@ -29,8 +30,12 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
# Do additional LDAP checks for the user filter and EE features
if
ldap_user
.
allowed?
if
@user
.
two_factor_enabled?
prompt_for_two_factor
(
@user
)
else
log_audit_event
(
@user
,
with: :ldap
)
sign_in_and_redirect
(
@user
)
end
else
flash
[
:alert
]
=
"Access denied for your LDAP account."
redirect_to
new_user_session_path
...
...
app/views/profiles/accounts/show.html.haml
View file @
d6ef6c63
...
...
@@ -31,7 +31,6 @@
-
else
=
f
.
submit
'Generate'
,
class:
"btn btn-default"
-
unless
current_user
.
ldap_user?
.panel.panel-default
.panel-heading
Two-factor Authentication
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment