diff options
author | ThibG <thib@sitedethib.com> | 2020-06-09 13:00:24 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-06-09 13:00:24 +0200 |
commit | 3287a10fe9658a6c370431a925abc50d4f68ea08 (patch) | |
tree | 88a408a943aa421a6ba844d309f673150cd92434 /app/models/user.rb | |
parent | f328f2faa3fbdb182921366c6a20e745c069b840 (diff) | |
parent | e9d7ca7645fc37534df1222e8d7ab8f3d533b852 (diff) |
Merge pull request #1350 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
Diffstat (limited to 'app/models/user.rb')
-rw-r--r-- | app/models/user.rb | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index c8dbd2fd3..a05d98d88 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -38,6 +38,8 @@ # chosen_languages :string is an Array # created_by_application_id :bigint(8) # approved :boolean default(TRUE), not null +# sign_in_token :string +# sign_in_token_sent_at :datetime # class User < ApplicationRecord @@ -114,7 +116,7 @@ class User < ApplicationRecord :default_content_type, :system_emoji_font, to: :settings, prefix: :setting, allow_nil: false - attr_reader :invite_code + attr_reader :invite_code, :sign_in_token_attempt attr_writer :external def confirmed? @@ -168,6 +170,10 @@ class User < ApplicationRecord true end + def suspicious_sign_in?(ip) + !otp_required_for_login? && current_sign_in_at.present? && current_sign_in_at < 2.weeks.ago && !recent_ip?(ip) + end + def functional? confirmed? && approved? && !disabled? && !account.suspended? end @@ -270,6 +276,13 @@ class User < ApplicationRecord super end + def external_or_valid_password?(compare_password) + # If encrypted_password is blank, we got the user from LDAP or PAM, + # so credentials are already valid + + encrypted_password.blank? || valid_password?(compare_password) + end + def send_reset_password_instructions return false if encrypted_password.blank? @@ -305,6 +318,15 @@ class User < ApplicationRecord end end + def sign_in_token_expired? + sign_in_token_sent_at.nil? || sign_in_token_sent_at < 5.minutes.ago + end + + def generate_sign_in_token + self.sign_in_token = Devise.friendly_token(6) + self.sign_in_token_sent_at = Time.now.utc + end + protected def send_devise_notification(notification, *args) @@ -321,6 +343,10 @@ class User < ApplicationRecord private + def recent_ip?(ip) + recent_ips.any? { |(_, recent_ip)| recent_ip == ip } + end + def send_pending_devise_notifications pending_devise_notifications.each do |notification, args| render_and_send_devise_message(notification, *args) |