Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Boxiang Sun
gitlab-ce
Commits
a4137411
Commit
a4137411
authored
Aug 17, 2016
by
Patricio Cano
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Small refactor and syntax fixes.
parent
c2978008
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
5 additions
and
6 deletions
+5
-6
config/initializers/doorkeeper.rb
config/initializers/doorkeeper.rb
+1
-1
lib/api/helpers.rb
lib/api/helpers.rb
+0
-4
lib/api/session.rb
lib/api/session.rb
+1
-1
spec/requests/api/oauth_tokens_spec.rb
spec/requests/api/oauth_tokens_spec.rb
+2
-0
spec/requests/api/session_spec.rb
spec/requests/api/session_spec.rb
+1
-0
No files found.
config/initializers/doorkeeper.rb
View file @
a4137411
...
@@ -13,7 +13,7 @@ Doorkeeper.configure do
...
@@ -13,7 +13,7 @@ Doorkeeper.configure do
resource_owner_from_credentials
do
|
routes
|
resource_owner_from_credentials
do
|
routes
|
user
=
Gitlab
::
Auth
.
find_with_user_password
(
params
[
:username
],
params
[
:password
])
user
=
Gitlab
::
Auth
.
find_with_user_password
(
params
[
:username
],
params
[
:password
])
user
unless
user
&&
user
.
two_factor_enabled?
user
unless
user
.
try
(
:two_factor_enabled?
)
end
end
# If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
# If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
...
...
lib/api/helpers.rb
View file @
a4137411
...
@@ -275,10 +275,6 @@ module API
...
@@ -275,10 +275,6 @@ module API
end
end
end
end
def
render_2fa_error!
render_api_error!
(
'401 Unauthorized. You have 2FA enabled. Please use a personal access token to access the API'
,
401
)
end
def
render_api_error!
(
message
,
status
)
def
render_api_error!
(
message
,
status
)
error!
({
'message'
=>
message
},
status
)
error!
({
'message'
=>
message
},
status
)
end
end
...
...
lib/api/session.rb
View file @
a4137411
...
@@ -14,7 +14,7 @@ module API
...
@@ -14,7 +14,7 @@ module API
user
=
Gitlab
::
Auth
.
find_with_user_password
(
params
[
:email
]
||
params
[
:login
],
params
[
:password
])
user
=
Gitlab
::
Auth
.
find_with_user_password
(
params
[
:email
]
||
params
[
:login
],
params
[
:password
])
return
unauthorized!
unless
user
return
unauthorized!
unless
user
return
render_
2fa_error!
if
user
.
two_factor_enabled?
return
render_
api_error!
(
'401 Unauthorized. You have 2FA enabled. Please use a personal access token to access the API'
,
401
)
if
user
.
two_factor_enabled?
present
user
,
with:
Entities
::
UserLogin
present
user
,
with:
Entities
::
UserLogin
end
end
end
end
...
...
spec/requests/api/oauth_tokens_spec.rb
View file @
a4137411
...
@@ -11,6 +11,7 @@ describe API::API, api: true do
...
@@ -11,6 +11,7 @@ describe API::API, api: true do
context
'when user has 2FA enabled'
do
context
'when user has 2FA enabled'
do
it
'does not create an access token'
do
it
'does not create an access token'
do
user
=
create
(
:user
,
:two_factor
)
user
=
create
(
:user
,
:two_factor
)
request_oauth_token
(
user
)
request_oauth_token
(
user
)
expect
(
response
).
to
have_http_status
(
401
)
expect
(
response
).
to
have_http_status
(
401
)
...
@@ -21,6 +22,7 @@ describe API::API, api: true do
...
@@ -21,6 +22,7 @@ describe API::API, api: true do
context
'when user does not have 2FA enabled'
do
context
'when user does not have 2FA enabled'
do
it
'creates an access token'
do
it
'creates an access token'
do
user
=
create
(
:user
)
user
=
create
(
:user
)
request_oauth_token
(
user
)
request_oauth_token
(
user
)
expect
(
response
).
to
have_http_status
(
200
)
expect
(
response
).
to
have_http_status
(
200
)
...
...
spec/requests/api/session_spec.rb
View file @
a4137411
...
@@ -25,6 +25,7 @@ describe API::API, api: true do
...
@@ -25,6 +25,7 @@ describe API::API, api: true do
post
api
(
'/session'
),
email:
user
.
email
,
password:
user
.
password
post
api
(
'/session'
),
email:
user
.
email
,
password:
user
.
password
expect
(
response
).
to
have_http_status
(
401
)
expect
(
response
).
to
have_http_status
(
401
)
expect
(
response
.
body
).
to
include
(
'You have 2FA enabled.'
)
end
end
end
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment