diff options
| author | Eugen Rochko <eugen@zeonfederated.com> | 2019-09-24 04:35:36 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-09-24 04:35:36 +0200 |
| commit | a1f04c1e3497e9dff5970038461d9f454f2650df (patch) | |
| tree | 926ec210c5f8f794b9991c6aee80571c29e2bb2e /lib/devise/two_factor_pam_authenticatable.rb | |
| parent | 67bef15e53a77b6f1557fdd0efa65f3e916c20df (diff) | |
Fix authentication before 2FA challenge (#11943)
Regression from #11831
Diffstat (limited to 'lib/devise/two_factor_pam_authenticatable.rb')
| -rw-r--r-- | lib/devise/two_factor_pam_authenticatable.rb | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/lib/devise/two_factor_pam_authenticatable.rb b/lib/devise/two_factor_pam_authenticatable.rb new file mode 100644 index 000000000..5ce723b33 --- /dev/null +++ b/lib/devise/two_factor_pam_authenticatable.rb @@ -0,0 +1,31 @@ +# frozen_string_literal: true + +require 'devise/strategies/base' + +module Devise + module Strategies + class TwoFactorPamAuthenticatable < Base + def valid? + valid_params? && mapping.to.respond_to?(:authenticate_with_pam) + end + + def authenticate! + resource = mapping.to.authenticate_with_pam(params[scope]) + + if resource && !resource.otp_required_for_login? + success!(resource) + else + fail(:invalid) + end + end + + protected + + def valid_params? + params[scope] && params[scope][:password].present? + end + end + end +end + +Warden::Strategies.add(:two_factor_pam_authenticatable, Devise::Strategies::TwoFactorPamAuthenticatable) |