baarkerlounger
/
two_factor_authentication
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Merge pull request #100 from msx2/custom-resource-id-field 

Fixed sign in via remember 2fa cookie
master
Dmitrii Golub 8 years ago committed by GitHub
parent
9c7dff84c6 234f622f09
commit
ed343cd20a
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      lib/two_factor_authentication/hooks/two_factor_authenticatable.rb

2
lib/two_factor_authentication/hooks/two_factor_authenticatable.rb
Unescape View File

@ -1,6 +1,6 @@
Warden::Manager.after_authentication do |user, auth, options|
if auth.env["action_dispatch.cookies"]
expected_cookie_value = "#{user.class}-#{user.public_send(Devise.second_factor_resource_id)}",
expected_cookie_value = "#{user.class}-#{user.public_send(Devise.second_factor_resource_id)}"
actual_cookie_value = auth.env["action_dispatch.cookies"].signed[TwoFactorAuthentication::REMEMBER_TFA_COOKIE_NAME]
bypass_by_cookie = actual_cookie_value == expected_cookie_value
end

Write Preview
Loading…
Cancel
Save