Class: SessionsController

Inherits:
Devise::SessionsController
  • Object
show all
Includes:
AuthenticatesWithTwoFactor, Devise::Controllers::Rememberable, Gitlab::Utils::StrongMemoize, InternalRedirect, KnownSignIn, Recaptcha::ClientHelper, Recaptcha::Verify, RendersLdapServers
Defined in:
app/controllers/sessions_controller.rb

Constant Summary collapse

CAPTCHA_HEADER =
'X-GitLab-Show-Login-Captcha'
MAX_FAILED_LOGIN_ATTEMPTS =
5

Constants included from KnownSignIn

KnownSignIn::KNOWN_SIGN_IN_COOKIE, KnownSignIn::KNOWN_SIGN_IN_COOKIE_EXPIRY

Constants included from CookiesHelper

CookiesHelper::COOKIE_TYPE_ENCRYPTED, CookiesHelper::COOKIE_TYPE_PERMANENT

Instance Method Summary collapse

Methods included from Gitlab::Utils::StrongMemoize

#clear_memoization, #strong_memoize, #strong_memoized?

Methods included from CookiesHelper

#set_secure_cookie

Methods included from RendersLdapServers

#ldap_servers

Methods included from AuthenticatesWithTwoFactor

#authenticate_with_two_factor, #handle_locked_user, #locked_user_redirect, #prompt_for_two_factor

Methods included from InternalRedirect

#full_path_for_uri, #host_allowed?, #referer_path, #safe_redirect_path, #safe_redirect_path_for_url, #sanitize_redirect

Instance Method Details

#createObject


61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# File 'app/controllers/sessions_controller.rb', line 61

def create
  super do |resource|
    # User has successfully signed in, so clear any unused reset token
    if resource.reset_password_token.present?
      resource.update(reset_password_token: nil,
                      reset_password_sent_at: nil)
    end

    if resource.deactivated?
      resource.activate
      flash[:notice] = _('Welcome back! Your account had been deactivated due to inactivity but is now reactivated.')
    else
      # hide the default signed-in notification
      flash[:notice] = nil
    end

    log_audit_event(current_user, resource, with: authentication_method)
    log_user_activity(current_user)
  end
end

#destroyObject


82
83
84
85
86
87
# File 'app/controllers/sessions_controller.rb', line 82

def destroy
  Gitlab::AppLogger.info("User Logout: username=#{current_user.username} ip=#{request.remote_ip}")
  super
  # hide the signed_out notice
  flash[:notice] = nil
end

#newObject


55
56
57
58
59
# File 'app/controllers/sessions_controller.rb', line 55

def new
  set_minimum_password_length

  super
end