diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2021-07-08 05:31:28 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-07-08 05:31:28 +0200 |
commit | 771c9d4ba87a388dc306c58139d11bf510680c98 (patch) | |
tree | aca7d7031d7b462b27af6b47e2099ace81be1beb /app/controllers/admin/sign_in_token_authentications_controller.rb | |
parent | 2e0eac71ddf0f5b61b6e395f57b7bc3f805cbf87 (diff) |
Add ability to skip sign-in token authentication for specific users (#16427)
Remove "active within last two weeks" exception for sign in token requirement Change admin reset password to lock access until the password is reset
Diffstat (limited to 'app/controllers/admin/sign_in_token_authentications_controller.rb')
-rw-r--r-- | app/controllers/admin/sign_in_token_authentications_controller.rb | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/app/controllers/admin/sign_in_token_authentications_controller.rb b/app/controllers/admin/sign_in_token_authentications_controller.rb new file mode 100644 index 000000000..e620ab292 --- /dev/null +++ b/app/controllers/admin/sign_in_token_authentications_controller.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true + +module Admin + class SignInTokenAuthenticationsController < BaseController + before_action :set_target_user + + def create + authorize @user, :enable_sign_in_token_auth? + @user.update(skip_sign_in_token: false) + log_action :enable_sign_in_token_auth, @user + redirect_to admin_account_path(@user.account_id) + end + + def destroy + authorize @user, :disable_sign_in_token_auth? + @user.update(skip_sign_in_token: true) + log_action :disable_sign_in_token_auth, @user + redirect_to admin_account_path(@user.account_id) + end + + private + + def set_target_user + @user = User.find(params[:user_id]) + end + end +end |