diff options
| author | Starfall <admin@plural.cafe> | 2020-06-19 13:14:45 -0500 |
|---|---|---|
| committer | Starfall <admin@plural.cafe> | 2020-06-19 13:14:45 -0500 |
| commit | 5668836f56cddf3257f38a2483c1d42cacbad3a8 (patch) | |
| tree | c241a44562f79ccecaf215eb572c22d559b08dd1 /app/models/user.rb | |
| parent | 76f79dd29909d39f1d36ef48e6892223d59e29d7 (diff) | |
| parent | c7da2cc5a1821e589e7241aec21d8bb426722c2a (diff) | |
Merge branch 'glitch' into main
Diffstat (limited to 'app/models/user.rb')
| -rw-r--r-- | app/models/user.rb | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index c8dbd2fd3..a05d98d88 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -38,6 +38,8 @@ # chosen_languages :string is an Array # created_by_application_id :bigint(8) # approved :boolean default(TRUE), not null +# sign_in_token :string +# sign_in_token_sent_at :datetime # class User < ApplicationRecord @@ -114,7 +116,7 @@ class User < ApplicationRecord :default_content_type, :system_emoji_font, to: :settings, prefix: :setting, allow_nil: false - attr_reader :invite_code + attr_reader :invite_code, :sign_in_token_attempt attr_writer :external def confirmed? @@ -168,6 +170,10 @@ class User < ApplicationRecord true end + def suspicious_sign_in?(ip) + !otp_required_for_login? && current_sign_in_at.present? && current_sign_in_at < 2.weeks.ago && !recent_ip?(ip) + end + def functional? confirmed? && approved? && !disabled? && !account.suspended? end @@ -270,6 +276,13 @@ class User < ApplicationRecord super end + def external_or_valid_password?(compare_password) + # If encrypted_password is blank, we got the user from LDAP or PAM, + # so credentials are already valid + + encrypted_password.blank? || valid_password?(compare_password) + end + def send_reset_password_instructions return false if encrypted_password.blank? @@ -305,6 +318,15 @@ class User < ApplicationRecord end end + def sign_in_token_expired? + sign_in_token_sent_at.nil? || sign_in_token_sent_at < 5.minutes.ago + end + + def generate_sign_in_token + self.sign_in_token = Devise.friendly_token(6) + self.sign_in_token_sent_at = Time.now.utc + end + protected def send_devise_notification(notification, *args) @@ -321,6 +343,10 @@ class User < ApplicationRecord private + def recent_ip?(ip) + recent_ips.any? { |(_, recent_ip)| recent_ip == ip } + end + def send_pending_devise_notifications pending_devise_notifications.each do |notification, args| render_and_send_devise_message(notification, *args) |