github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-21 18:12:32 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: SSO code should respect IP address filters

Browse Source
This commit is contained in:
Robin Ward
2015-02-23 15:58:45 -05:00
parent d63aed69f7
commit ca5730018a
6 changed files with 33 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/controllers/session_controller.rb
View File

@ -66,7 +66,8 @@ class SessionController < ApplicationController
sso.expire_nonce!
begin
if user = sso.lookup_or_create_user
if user = sso.lookup_or_create_user(request.remote_ip)
if SiteSetting.must_approve_users? && !user.approved?
render text: I18n.t("sso.account_not_approved"), status: 403
else
@ -145,8 +146,7 @@ class SessionController < ApplicationController
end
if ScreenedIpAddress.block_login?(user, request.remote_ip)
not_allowed_from_ip_address(user)
return
return not_allowed_from_ip_address(user)
end
(user.active && user.email_confirmed?) ? login(user) : not_activated(user)