]> cat aescling's git repositories - mastodon.git/commit
cat aescling's git repositories / mastodon.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9870b17) | patch
Fix 2FA/sign-in token sessions being valid after password change (#14802)
authorEugen Rochko <eugen@zeonfederated.com>
Thu, 12 Nov 2020 22:05:01 +0000 (23:05 +0100)
committerGitHub <noreply@github.com>
Thu, 12 Nov 2020 22:05:01 +0000 (23:05 +0100)
commit8532429af749339a3ff6af4130de3743cd8d1c68
tree72baeae5c43531708a03e2c504fcab3e24d5ec6ftree | snapshot
parent9870b175b477bbc984fc7945f1ebe07e3f2b0053commit | diff
Fix 2FA/sign-in token sessions being valid after password change (#14802)

If someone tries logging in to an account and is prompted for a 2FA
code or sign-in token, even if the account's password or e-mail is
updated in the meantime, the session will show the prompt and allow
the login process to complete with a valid 2FA code or sign-in token
app/controllers/api/base_controller.rb diff | blob | history
app/controllers/auth/sessions_controller.rb diff | blob | history
app/controllers/concerns/sign_in_token_authentication_concern.rb diff | blob | history
app/controllers/concerns/two_factor_authentication_concern.rb diff | blob | history
app/controllers/concerns/user_tracking_concern.rb diff | blob | history
app/models/user.rb diff | blob | history
spec/controllers/auth/sessions_controller_spec.rb diff | blob | history
source code fur Kibicat Mastodon