Class: SessionsController

Inherits:
Devise::SessionsController
  • Object
Extended by:
Gitlab::Utils::Override
Includes:
AcceptsPendingInvitations, AuthenticatesWithTwoFactor, BizibleCSP, Devise::Controllers::Rememberable, Gitlab::Utils::StrongMemoize, GoogleAnalyticsCSP, GoogleSyndicationCSP, InternalRedirect, KnownSignIn, OneTrustCSP, PreferredLanguageSwitcher, Recaptcha::Adapters::ControllerMethods, Recaptcha::Adapters::ViewMethods, RendersLdapServers, SkipsAlreadySignedInMessage, VerifiesWithEmail
Defined in:
app/controllers/sessions_controller.rb

Constant Summary

CAPTCHA_HEADER =
'X-GitLab-Show-Login-Captcha'
MAX_FAILED_LOGIN_ATTEMPTS =
5

Constants included from PreferredLanguageSwitcherHelper

PreferredLanguageSwitcherHelper::SWITCHER_MINIMUM_TRANSLATION_LEVEL

Constants included from GoogleSyndicationCSP

GoogleSyndicationCSP::ALLOWED_SRC

Constants included from KnownSignIn

KnownSignIn::KNOWN_SIGN_IN_COOKIE, KnownSignIn::KNOWN_SIGN_IN_COOKIE_EXPIRY

Constants included from CookiesHelper

CookiesHelper::COOKIE_TYPE_ENCRYPTED, CookiesHelper::COOKIE_TYPE_PERMANENT

Instance Method Summary

Methods included from Gitlab::Utils::Override

extended, extensions, included, method_added, override, prepended, queue_verification, verify!

Methods included from AcceptsPendingInvitations

#accept_pending_invitations

Methods included from SkipsAlreadySignedInMessage

#require_no_authentication_without_flash

Methods included from PreferredLanguageSwitcherHelper

#ordered_selectable_locales

Methods included from VerifiesWithEmail

#resend_verification_code, #successful_verification, #update_email, #verify_with_email

Methods included from CookiesHelper

#set_secure_cookie

Methods included from RendersLdapServers

#ldap_servers

Methods included from AuthenticatesWithTwoFactor

#authenticate_with_two_factor, #handle_locked_user, #locked_user_redirect, #prompt_for_two_factor

Methods included from InternalRedirect

#full_path_for_uri, #host_allowed?, #referer_path, #safe_redirect_path, #safe_redirect_path_for_url, #sanitize_redirect

Instance Method Details

#create ⇒ Object



# File 'app/controllers/sessions_controller.rb', line 68

# Handles the sign-in POST by delegating to the parent action and passing it a
# block of post-login housekeeping.
#
# The block receives the account being signed in. It is presumably yielded only
# after the parent has authenticated the user (the parent implementation is not
# shown on this page; confirm).
def create
  super do |signed_in_user|
    # A successful login makes any outstanding password-reset token unnecessary,
    # so it is cleared rather than left usable until it expires.
    # NOTE(review): the result of `update` is not checked; if the write can
    # fail, the token would remain set. Confirm this is acceptable.
    if signed_in_user.reset_password_token.present?
      signed_in_user.update(reset_password_token: nil, reset_password_sent_at: nil)
    end

    # Capture the state once: `activate` runs before the flash is touched,
    # and the same answer decides which notice (if any) is shown.
    was_deactivated = signed_in_user.deactivated?
    signed_in_user.activate if was_deactivated
    flash[:notice] =
      if was_deactivated
        _('Welcome back! Your account had been deactivated due to inactivity but is now reactivated.')
      else
        nil # suppress the default signed-in notification
      end

    accept_pending_invitations

    # Record the sign-in, including the authentication method passed as
    # `with:`, and then the user's activity. Both helpers are defined
    # elsewhere in the class.
    log_audit_event(current_user, signed_in_user, with: authentication_method)
    log_user_activity(current_user)
  end
end

#destroy ⇒ Object



# File 'app/controllers/sessions_controller.rb', line 90

# Handles the sign-out request.
#
# In order: sets the Clear-Site-Data response header, writes a logout line to
# the application log, delegates the sign-out itself to the parent action, and
# clears flash[:notice].
def destroy
  # The "*" wildcard asks the browser to drop every data type it holds for this
  # origin (cookies, storage, cache), so no client-side state from the session
  # is left behind on the machine after logout.
  headers['Clear-Site-Data'] = '"*"'

  # Logged before `super`; presumably current_user is no longer available once
  # the parent action has signed the user out (confirm).
  # NOTE(review): current_user is dereferenced without a nil check, so this
  # relies on a filter (not shown on this page) rejecting requests that are
  # already signed out. Confirm.
  # NOTE(review): username and remote_ip are interpolated into the log line
  # as-is. Confirm that username validation rules out newlines and spaces, and
  # remember that remote_ip is only as reliable as the deployment's
  # trusted-proxy configuration when this line is used in an investigation.
  Gitlab::AppLogger.info("User Logout: username=#{current_user.username} ip=#{request.remote_ip}")
  super
  # Hide the signed-out notice that the parent action would otherwise leave in
  # the flash.
  flash[:notice] = nil
end

#new ⇒ Object



# File 'app/controllers/sessions_controller.rb', line 62

# Handles the request for the sign-in page.
#
# Calls set_minimum_password_length (defined outside this listing; presumably
# it exposes the configured minimum password length to the view, confirm) and
# then delegates to the parent action.
def new
  set_minimum_password_length

  super
end