diff options
| author | Claire <claire.github-309c@sitedethib.com> | 2021-11-06 00:15:38 +0100 |
|---|---|---|
| committer | Claire <claire.github-309c@sitedethib.com> | 2021-11-06 00:15:38 +0100 |
| commit | 4bb6b1a1e788abac7d1745e0f4eb72ad4d4ec110 (patch) | |
| tree | a329d65c115e752c3be5c262ebf96f69cd13861a /config/initializers | |
| parent | e0f39626973fd9f5cce2d4cd3b166fb47e9c9059 (diff) | |
| parent | 6da135a493cc039d92bb5925c2a1ef66025623bf (diff) | |
Merge branch 'main' into glitch-soc/merge-upstream
Diffstat (limited to 'config/initializers')
| -rw-r--r-- | config/initializers/devise.rb | 39 |
1 files changed, 36 insertions, 3 deletions
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index ef612e177..5232e6cfd 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -1,3 +1,5 @@ +require 'devise/strategies/authenticatable' + Warden::Manager.after_set_user except: :fetch do |user, warden| if user.session_active?(warden.cookies.signed['_session_id'] || warden.raw_session['auth_id']) session_id = warden.cookies.signed['_session_id'] || warden.raw_session['auth_id'] @@ -72,17 +74,48 @@ module Devise mattr_accessor :ldap_uid_conversion_replace @@ldap_uid_conversion_replace = nil - class Strategies::PamAuthenticatable - def valid? - super && ::Devise.pam_authentication + module Strategies + class PamAuthenticatable + def valid? + super && ::Devise.pam_authentication + end + end + + class SessionActivationRememberable < Authenticatable + def valid? + @session_cookie = nil + session_cookie.present? + end + + def authenticate! + resource = SessionActivation.find_by(session_id: session_cookie)&.user + + unless resource + cookies.delete('_session_id') + return pass + end + + if validate(resource) + success!(resource) + end + end + + private + + def session_cookie + @session_cookie ||= cookies.signed['_session_id'] + end end end end +Warden::Strategies.add(:session_activation_rememberable, Devise::Strategies::SessionActivationRememberable) + Devise.setup do |config| config.warden do |manager| manager.default_strategies(scope: :user).unshift :two_factor_ldap_authenticatable if Devise.ldap_authentication manager.default_strategies(scope: :user).unshift :two_factor_pam_authenticatable if Devise.pam_authentication + manager.default_strategies(scope: :user).unshift :session_activation_rememberable manager.default_strategies(scope: :user).unshift :two_factor_authenticatable manager.default_strategies(scope: :user).unshift :two_factor_backupable end |