Merge branch 'main' into glitch-soc/merge-upstream

author: Claire <claire.github-309c@sitedethib.com> 2021-08-27 11:29:03 +0200
committer: Claire <claire.github-309c@sitedethib.com> 2021-08-27 11:29:03 +0200
commit: 463d23dfd5bdad1941807a8caf988f95a97050fd (patch)
tree: 180fda300a6d5782329e5e505e57fff6fd3de202 /app/controllers/auth
parent: 70909c5b094523b0cf77123a2566310b2f148e24 (diff)
parent: 7283a5d3b94b655172744996ffa43ec80aff0e08 (diff)
2 files changed, 15 insertions, 8 deletions
diff --git a/app/controllers/auth/omniauth_callbacks_controller.rb b/app/controllers/auth/omniauth_callbacks_controller.rb
index 7925e23cb..991a50b03 100644
--- a/app/controllers/auth/omniauth_callbacks_controller.rb
+++ b/app/controllers/auth/omniauth_callbacks_controller.rb
@@ -11,7 +11,7 @@ class Auth::OmniauthCallbacksController < Devise::OmniauthCallbacksController
 
       if @user.persisted?
         LoginActivity.create(
-          user: user,
+          user: @user,
           success: true,
           authentication_method: :omniauth,
           provider: provider,
diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb
index f07f38075..f2e88d363 100644
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@@ -47,7 +47,10 @@ class Auth::SessionsController < Devise::SessionsController
     user = find_user
 
     if user&.webauthn_enabled?
-      options_for_get = WebAuthn::Credential.options_for_get(allow: user.webauthn_credentials.pluck(:external_id))
+      options_for_get = WebAuthn::Credential.options_for_get(
+        allow: user.webauthn_credentials.pluck(:external_id),
+        user_verification: 'discouraged'
+      )
 
       session[:webauthn_challenge] = options_for_get.challenge
 
@@ -60,16 +63,20 @@ class Auth::SessionsController < Devise::SessionsController
   protected
 
   def find_user
-    if session[:attempt_user_id]
+    if user_params[:email].present?
+      find_user_from_params
+    elsif session[:attempt_user_id]
       User.find_by(id: session[:attempt_user_id])
-    else
-      user   = User.authenticate_with_ldap(user_params) if Devise.ldap_authentication
-      user ||= User.authenticate_with_pam(user_params) if Devise.pam_authentication
-      user ||= User.find_for_authentication(email: user_params[:email])
-      user
     end
   end
 
+  def find_user_from_params
+    user   = User.authenticate_with_ldap(user_params) if Devise.ldap_authentication
+    user ||= User.authenticate_with_pam(user_params) if Devise.pam_authentication
+    user ||= User.find_for_authentication(email: user_params[:email])
+    user
+  end
+
   def user_params
     params.require(:user).permit(:email, :password, :otp_attempt, :sign_in_token_attempt, credential: {})
   end
author	Claire <claire.github-309c@sitedethib.com>	2021-08-27 11:29:03 +0200
committer	Claire <claire.github-309c@sitedethib.com>	2021-08-27 11:29:03 +0200
commit	463d23dfd5bdad1941807a8caf988f95a97050fd (patch)
tree	180fda300a6d5782329e5e505e57fff6fd3de202 /app/controllers/auth
parent	70909c5b094523b0cf77123a2566310b2f148e24 (diff)
parent	7283a5d3b94b655172744996ffa43ec80aff0e08 (diff)