Fix 2FA/sign-in token sessions being valid after password change (#14802) - mastodon - Plural Café fork of Mastodon/Glitch Social

diff options

author	Eugen Rochko <eugen@zeonfederated.com>	2020-11-12 23:05:01 +0100
committer	GitHub <noreply@github.com>	2020-11-12 23:05:01 +0100
commit	8532429af749339a3ff6af4130de3743cd8d1c68 (patch)
tree	72baeae5c43531708a03e2c504fcab3e24d5ec6f /spec/controllers/settings/sessions_controller_spec.rb
parent	9870b175b477bbc984fc7945f1ebe07e3f2b0053 (diff)

Fix 2FA/sign-in token sessions being valid after password change (#14802)

If someone tries logging in to an account and is prompted for a 2FA
code or sign-in token, even if the account's password or e-mail is
updated in the meantime, the session will show the prompt and allow
the login process to complete with a valid 2FA code or sign-in token

Diffstat (limited to 'spec/controllers/settings/sessions_controller_spec.rb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: