Catch custom warden events too to increment metrics

config/initializers/warden.rb

 Rails.application.configure do |config|
   Warden::Manager.after_set_user(scope: :user) do |user, auth, opts|
     Gitlab::Auth::UniqueIpsLimiter.limit_user!(user)
-  end
-
-  Warden::Manager.before_failure(scope: :user) do |env, opts|
-    Gitlab::Auth::BlockedUserTracker.new(env).tap do |tracker|
-      tracker.log_blocked_user_activity! if tracker.user_blocked?
 
-      Gitlab::Auth::Activity.new(tracker.user, opts).user_authentication_failed!
+    case opts[:event]
+    when :authentication
+      Gitlab::Auth::Activity.new(user, opts).user_authenticated!
+    when :set_user
+      Gitlab::Auth::Activity.new(user, opts).user_authenticated!
+      Gitlab::Auth::Activity.new(user, opts).user_session_override!
+    when :fetch
+      # no-op
+    else
+      Gitlab::Auth::Activity.new(user, opts).user_session_override!
     end
   end
 
   Warden::Manager.after_authentication(scope: :user) do |user, auth, opts|
     ActiveSession.cleanup(user)
-    Gitlab::Auth::Activity.new(user, opts).user_authenticated!
   end
 
   Warden::Manager.after_set_user(scope: :user, only: :fetch) do |user, auth, opts|
     ActiveSession.set(user, auth.request)
   end
 
-  Warden::Manager.after_set_user(scope: :user, only: :set_user) do |user, auth, opts|
-    Gitlab::Auth::Activity.new(user, opts).user_session_override!
+  Warden::Manager.before_failure(scope: :user) do |env, opts|
+    tracker = Gitlab::Auth::BlockedUserTracker.new(env)
+    tracker.log_blocked_user_activity! if tracker.user_blocked?
+
+    Gitlab::Auth::Activity.new(tracker.user, opts).user_authentication_failed!
   end
 
   Warden::Manager.before_logout(scope: :user) do |user_warden, auth, opts|

lib/gitlab/auth/activity.rb

@@ -42,7 +42,6 @@ module Gitlab
       end
 
       def user_session_override!
-        self.class.user_authenticated_counter_increment!
         self.class.user_session_override_counter_increment!
 
         if @opts[:message] == :two_factor_authenticated