diff options
| author | Eugen Rochko <eugen@zeonfederated.com> | 2019-09-18 02:48:40 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-09-18 02:48:40 +0200 |
| commit | a4b60e9ba4874b9ab427bec41d8b2cd252ec4782 (patch) | |
| tree | 81eb8efab6523e8ac3b713feed1b5d4e90b6d77b /app/controllers/settings | |
| parent | 3919571c3958f7808a7830b7d19d1605fc7c0ef9 (diff) | |
Fix TOTP codes not being filtered from logs during enabling/disabling (#11877)
Not a serious issue because they are meaningless past single use
Diffstat (limited to 'app/controllers/settings')
| -rw-r--r-- | app/controllers/settings/two_factor_authentication/confirmations_controller.rb | 4 | ||||
| -rw-r--r-- | app/controllers/settings/two_factor_authentications_controller.rb | 6 |
2 files changed, 5 insertions, 5 deletions
diff --git a/app/controllers/settings/two_factor_authentication/confirmations_controller.rb b/app/controllers/settings/two_factor_authentication/confirmations_controller.rb index 3145e092d..46c90bf74 100644 --- a/app/controllers/settings/two_factor_authentication/confirmations_controller.rb +++ b/app/controllers/settings/two_factor_authentication/confirmations_controller.rb @@ -15,7 +15,7 @@ module Settings end def create - if current_user.validate_and_consume_otp!(confirmation_params[:code]) + if current_user.validate_and_consume_otp!(confirmation_params[:otp_attempt]) flash.now[:notice] = I18n.t('two_factor_authentication.enabled_success') current_user.otp_required_for_login = true @@ -33,7 +33,7 @@ module Settings private def confirmation_params - params.require(:form_two_factor_confirmation).permit(:code) + params.require(:form_two_factor_confirmation).permit(:otp_attempt) end def prepare_two_factor_form diff --git a/app/controllers/settings/two_factor_authentications_controller.rb b/app/controllers/settings/two_factor_authentications_controller.rb index 6904076e4..c93b17577 100644 --- a/app/controllers/settings/two_factor_authentications_controller.rb +++ b/app/controllers/settings/two_factor_authentications_controller.rb @@ -34,7 +34,7 @@ module Settings private def confirmation_params - params.require(:form_two_factor_confirmation).permit(:code) + params.require(:form_two_factor_confirmation).permit(:otp_attempt) end def verify_otp_required @@ -42,8 +42,8 @@ module Settings end def acceptable_code? - current_user.validate_and_consume_otp!(confirmation_params[:code]) || - current_user.invalidate_otp_backup_code!(confirmation_params[:code]) + current_user.validate_and_consume_otp!(confirmation_params[:otp_attempt]) || + current_user.invalidate_otp_backup_code!(confirmation_params[:otp_attempt]) end end end |