Commit 00cae51e authored by Robert Speicher's avatar Robert Speicher Committed by Robert Speicher

Merge branch 'rs-fix-ldap-2fa-login' into 'master'

Fix 2FA-based login for LDAP users

The OTP input form is shared by both LDAP and standard logins, but when
coming from an LDAP-based form, the form parameters aren't nested in a
Hash based on the `resource_name` value.

Now we check for a nested `remember_me` parameter and use that if it
exists, or fall back to the non-nested parameters if it doesn't.

Somewhat confusingly, the OTP input form _does_ nest parameters under
the `resource_name`, regardless of what type of login we're coming from,
so that allows everything else to work as normal.


See merge request !4493
parent 374d212b
Please view this file on the master branch, on stable branches it's out of date.
v 8.8.4
- Fix LDAP-based login for users with 2FA enabled
v 8.8.3
- Fix 404 page when viewing TODOs that contain milestones or labels in different projects. !4312
- Fixed JS error when trying to remove discussion form. !4303
......@@ -4,7 +4,8 @@
%h3 Two-factor Authentication
= form_for(resource, as: resource_name, url: session_path(resource_name), method: :post) do |f|
= f.hidden_field :remember_me, value: params[resource_name][:remember_me]
- resource_params = params[resource_name].presence || params
= f.hidden_field :remember_me, value: resource_params.fetch(:remember_me, 0)
= f.text_field :otp_attempt, class: 'form-control', placeholder: 'Two-factor Authentication code', required: true, autofocus: true Enter the code from the two-factor app on your mobile device. If you've lost your device, you may enter one of your recovery codes.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment