authorEugen Rochko <eugen@zeonfederated.com>2021-07-08 05:31:28 +0200
committerGitHub <noreply@github.com>2021-07-08 05:31:28 +0200
commit771c9d4ba87a388dc306c58139d11bf510680c98 (patch)
treeaca7d7031d7b462b27af6b47e2099ace81be1beb /app/controllers/admin/sign_in_token_authentications_controller.rb
parent2e0eac71ddf0f5b61b6e395f57b7bc3f805cbf87 (diff)
Add ability to skip sign-in token authentication for specific users (#16427)
Remove "active within last two weeks" exception for sign in token requirement

Change admin reset password to lock access until the password is reset
Diffstat (limited to 'app/controllers/admin/sign_in_token_authentications_controller.rb')
-rw-r--r--app/controllers/admin/sign_in_token_authentications_controller.rb27
1 files changed, 27 insertions, 0 deletions
diff --git a/app/controllers/admin/sign_in_token_authentications_controller.rb b/app/controllers/admin/sign_in_token_authentications_controller.rb
new file mode 100644
index 000000000..e620ab292
--- /dev/null
+++ b/app/controllers/admin/sign_in_token_authentications_controller.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Admin
+  class SignInTokenAuthenticationsController < BaseController
+    before_action :set_target_user
+
+    def create
+      authorize @user, :enable_sign_in_token_auth?
+      @user.update(skip_sign_in_token: false)
+      log_action :enable_sign_in_token_auth, @user
+      redirect_to admin_account_path(@user.account_id)
+    end
+
+    def destroy
+      authorize @user, :disable_sign_in_token_auth?
+      @user.update(skip_sign_in_token: true)
+      log_action :disable_sign_in_token_auth, @user
+      redirect_to admin_account_path(@user.account_id)
+    end
+
+    private
+
+    def set_target_user
+      @user = User.find(params[:user_id])
+    end
+  end
+end
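Review bot: The result of `@user.update(...)` is ignored in both `create` and `destroy`, so `log_action` and the redirect run even when the record was not saved. For a setting that switches a sign-in protection on or off, that can leave an audit log entry for a change that was never persisted. The raising form, `@user.update!(skip_sign_in_token: true)` in `destroy` and `@user.update!(skip_sign_in_token: false)` in `create`, would keep the log consistent with the stored state; whether a validation on User can actually fail here is not visible from this file. A one-line comment on `destroy`, such as `# Turns sign-in token authentication off for this user (sets skip_sign_in_token)`, would also help, because the action names and the boolean read in opposite directions.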