Browse Source

Fix crash in warden hook

It seems that in some cases `action_dispatch.cookies` is not
set in the environment during the `after_authentication`
hook.
master
Sam Clegg 9 years ago
parent
commit
1a27f42140
  1. 4
      lib/two_factor_authentication/hooks/two_factor_authenticatable.rb

4
lib/two_factor_authentication/hooks/two_factor_authenticatable.rb

@ -1,11 +1,9 @@
Warden::Manager.after_authentication do |user, auth, options| Warden::Manager.after_authentication do |user, auth, options|
reset_otp_state_for(user) reset_otp_state_for(user)
if auth.env["action_dispatch.cookies"]
expected_cookie_value = "#{user.class}-#{user.id}" expected_cookie_value = "#{user.class}-#{user.id}"
actual_cookie_value = auth.env["action_dispatch.cookies"].signed[TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME] actual_cookie_value = auth.env["action_dispatch.cookies"].signed[TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME]
if actual_cookie_value.nil?
bypass_by_cookie = false
else
bypass_by_cookie = actual_cookie_value == expected_cookie_value bypass_by_cookie = actual_cookie_value == expected_cookie_value
end end

Loading…
Cancel
Save