-
- Downloads
Fix authentication failures after going halfway through a sign-in attempt (#16607)
* Add tests * Add security-related tests My first (unpublished) attempt at fixing the issues introduced (extremely hard-to-exploit) security vulnerabilities, addressing them in a test. * Fix authentication failures after going halfway through a sign-in attempt * Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
Showing
- app/controllers/auth/sessions_controller.rb 10 additions, 6 deletionsapp/controllers/auth/sessions_controller.rb
- app/controllers/concerns/sign_in_token_authentication_concern.rb 12 additions, 8 deletions...trollers/concerns/sign_in_token_authentication_concern.rb
- app/controllers/concerns/two_factor_authentication_concern.rb 13 additions, 9 deletions...controllers/concerns/two_factor_authentication_concern.rb
- spec/controllers/auth/sessions_controller_spec.rb 109 additions, 0 deletionsspec/controllers/auth/sessions_controller_spec.rb
Loading
Please register or sign in to comment