DEV: Remove redundant admin_login route, share with email_login

Martin Brennan
2020-01-13 12:10:07 +10:00
parent d50eb82d51
commit 9e399b42b9
25 changed files with 55 additions and 318 deletions


@ -345,11 +345,14 @@ class SessionController < ApplicationController
end
def email_login_info
raise Discourse::NotFound if !SiteSetting.enable_local_logins_via_email
token = params[:token]
matched_token = EmailToken.confirmable(token)
if !SiteSetting.enable_local_logins_via_email &&
!matched_token.user.admin? # admin-login uses this route, so allow them even if disabled
raise Discourse::NotFound
end
if matched_token
response = {
can_login: true,
@ -382,13 +385,17 @@ class SessionController < ApplicationController
end
def email_login
raise Discourse::NotFound if !SiteSetting.enable_local_logins_via_email
second_factor_token = params[:second_factor_token]
second_factor_method = params[:second_factor_method].to_i
security_key_credential = params[:security_key_credential]
token = params[:token]
matched_token = EmailToken.confirmable(token)
if !SiteSetting.enable_local_logins_via_email &&
!matched_token&.user&.admin? # admin-login uses this route, so allow them even if disabled
raise Discourse::NotFound
end
if security_key_credential.present?
if matched_token&.user&.security_keys_enabled?
security_key_valid = ::Webauthn::SecurityKeyAuthenticationService.new(
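Review bot: In `email_login_info` the new guard calls `matched_token.user.admin?` without safe navigation, whereas the matching guard in `email_login` uses `matched_token&.user&.admin?`. The `if matched_token` test right after it implies `EmailToken.confirmable` can return nil, so with `enable_local_logins_via_email` off an unknown or expired token would presumably raise NoMethodError and surface as a 500 instead of `Discourse::NotFound`. The first guard should read `!matched_token&.user&.admin?` as well. Because this check is now the only thing keeping the route closed when the setting is disabled, each action deserves a spec for an invalid token and for a valid non-admin token with the setting off. Both method bodies continue outside the hunks shown.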