Module: SessionsHelper

Includes:
Gitlab::Utils::StrongMemoize, VerifiesWithEmailHelper
Included in:
ApplicationController, Gitlab::BaseDoorkeeperController
Defined in:
app/helpers/sessions_helper.rb

Instance Method Summary

Methods included from VerifiesWithEmailHelper

#permitted_to_skip_email_otp_in_grace_period?, #treat_as_locked?, #trusted_ip_address?

Instance Method Details

#fallback_to_email_otp_permitted?(user) ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/helpers/sessions_helper.rb', line 41

# Decides whether the user may fall back to an emailed one-time code.
#
# All three conditions must hold, and they are evaluated in this order:
# * the :email_based_mfa feature flag is enabled for the user,
# * user.email_otp_required_after is set and already in the past,
# * treat_as_locked?(user) is false.
#
# Evaluation stops at the first failing condition, so the lock check only runs
# for users who passed the first two.
#
# @param user [#email_otp_required_after] the account being checked
# @return [Boolean, nil] the first falsy condition's own value is returned, so this
#   is nil (not false) when email_otp_required_after is unset
def fallback_to_email_otp_permitted?(user)
  flag_enabled = Feature.enabled?(:email_based_mfa, user)
  return flag_enabled unless flag_enabled

  # `&.` leaves this nil for users without an enforcement timestamp.
  enforcement_started = user.email_otp_required_after&.past?
  return enforcement_started unless enforcement_started

  # A locked account never gets the email fallback.
  !treat_as_locked?(user)
end

#obfuscated_email(email) ⇒ Object



# File 'app/helpers/sessions_helper.rb', line 11

# Returns the obfuscated form of +email+ by delegating to Gitlab::Utils::Email.
#
# The implementation moved to Gitlab::Utils::Email in 15.9; this helper only
# forwards the call. How the address is masked is decided there, not here.
#
# @param email [String] presumably a full email address — confirm against callers
# @return [Object] whatever Gitlab::Utils::Email.obfuscated_email returns
def obfuscated_email(email)
  email_utils = Gitlab::Utils::Email
  email_utils.obfuscated_email(email)
end

#passkey_authentication_data(params) ⇒ Object



# File 'app/helpers/sessions_helper.rb', line 47

# Returns a hash with :path, :remember_me and :sign_in_path for passkey authentication.
#
# NOTE(review): the value after `path:` is missing in this listing (it appears to have
# been dropped when the page was rendered), so the request target cannot be confirmed
# from here.
#
# @param params [#fetch] presumably the request parameters — confirm against the caller
# @return [Hash]
def passkey_authentication_data(params)
  {
    path: ,
    # Taken from params as received, defaulting to the string '0'. Nothing here
    # validates it, so the consumer should not treat the value as trusted.
    remember_me: params.fetch(:remember_me, '0'),
    sign_in_path: root_path
  }
end

#remember_me_enabled? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/helpers/sessions_helper.rb', line 21

# Reports whether the "remember me" option is allowed.
#
# Reads Gitlab::CurrentSettings.allow_user_remember_me?; no per-user or
# per-request input is consulted.
#
# @return [Boolean] the value returned by the settings reader
def remember_me_enabled?
  current_settings = Gitlab::CurrentSettings
  current_settings.allow_user_remember_me?
end

#render_email_otp_fallback_for_totp?(user) ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/helpers/sessions_helper.rb', line 25

# Decides whether the email OTP fallback should be rendered on the TOTP prompt.
#
# True only when fallback_to_email_otp_permitted?(user) holds and the user has no
# WebAuthn second factor enabled. When the fallback is not permitted, that check's
# own falsy value (false or nil) is returned unchanged.
#
# @param user [#two_factor_webauthn_enabled?] the account being signed in
# @return [Boolean, nil]
def render_email_otp_fallback_for_totp?(user)
  email_fallback = fallback_to_email_otp_permitted?(user)
  return email_fallback unless email_fallback

  !user.two_factor_webauthn_enabled?
end

#session_expire_modal_data ⇒ Object



# File 'app/helpers/sessions_helper.rb', line 16

# Returns the data for the session-expiry modal.
#
# :session_timeout is the value of
# Gitlab::Auth::SessionExpireFromInitEnforcer.session_expires_at(session) multiplied
# by 1000 (presumably seconds converted to milliseconds for the client — confirm).
# :sign_in_url is the sign-in URL for the :user scope with redirect_to_referer=yes.
#
# NOTE(review): redirect_to_referer presumably asks the sign-in endpoint to send the
# user back to the referring page; that handling is not shown here — verify it only
# accepts same-site destinations.
#
# @return [Hash] with :session_timeout and :sign_in_url
def session_expire_modal_data
  expires_at = Gitlab::Auth::SessionExpireFromInitEnforcer.session_expires_at(session)

  {
    session_timeout: expires_at * 1000,
    sign_in_url: new_session_url(:user, redirect_to_referer: 'yes')
  }
end

#sign_in_form_app_data ⇒ Object



# File 'app/helpers/sessions_helper.rb', line 77

# Serialises the sign-in form's settings and paths to a JSON string (`to_json` on the
# hash below).
#
# NOTE(review): this listing is incomplete. The method name after `def`, the value of
# `passkeys_sign_in_path:` and the second operand of `captcha_enabled? ||` are missing
# (apparently dropped when the page was rendered). The page heading names the method
# `sign_in_form_app_data`. The missing captcha operand means the full condition for
# showing the captcha cannot be confirmed from here.
#
# @return [String] JSON
def 
  {
    sign_in_path: user_session_path,
    passkeys_sign_in_path: ,
    # True when the flash alert equals the Devise "unconfirmed" failure message.
    is_unconfirmed_email: unconfirmed_email?,
    new_user_confirmation_path: new_user_confirmation_path,
    new_password_path: new_user_password_path,
    # Second operand of `||` is missing in this listing.
    show_captcha: captcha_enabled? || ,
    is_remember_me_enabled: remember_me_enabled?
  }.to_json
end

#unconfirmed_email? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/helpers/sessions_helper.rb', line 7

# Reports whether the current flash alert is the Devise "unconfirmed" failure message.
#
# The check is a string comparison between flash[:alert] and the translation of
# :unconfirmed under the devise.failure scope, so it only matches when the alert was
# produced with the same translation.
#
# @return [Boolean]
def unconfirmed_email?
  unconfirmed_message = t(:unconfirmed, scope: %i[devise failure])
  flash[:alert] == unconfirmed_message
end

#verification_data(user) ⇒ Object



# File 'app/helpers/sessions_helper.rb', line 29

# Builds the data hash for the email verification step.
#
# Only the obfuscated form of the user's email is included, never the raw address.
# :skip_path is set only when permitted_to_skip_email_otp_in_grace_period?(user)
# is truthy; otherwise it is nil.
#
# @param user [#username, #email] the account being verified
# @return [Hash] :username, :obfuscated_email, :verify_path, :resend_path, :skip_path
def verification_data(user)
  skippable = permitted_to_skip_email_otp_in_grace_period?(user)

  data = {
    username: user.username,
    obfuscated_email: obfuscated_email(user.email),
    verify_path: session_path(:user),
    resend_path: users_resend_verification_code_path
  }
  # The key is always present; its value stays nil outside the grace period.
  data[:skip_path] = (users_skip_verification_for_now_path if skippable)
  data
end

#webauthn_authentication_data(user:, params:, admin_mode: false) ⇒ Object



# File 'app/helpers/sessions_helper.rb', line 55

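# Builds the data hash for the WebAuthn second-factor prompt.
#
# @param user [#username] the account being authenticated
# @param params [#[], #fetch] presumably the request parameters — confirm against the
#   caller; :remember_me may sit at the top level or nested under :user
# @param admin_mode [Boolean] when true, targets admin_session_path and never renders
#   the "remember me" option
# @return [Hash] :target_path, :render_remember_me (a String), :remember_me,
#   :send_email_otp_path (nil unless the email OTP fallback is permitted), :username
#   and, only when the fallback is permitted, :email_verification_data (a JSON string)
def webauthn_authentication_data(user:, params:, admin_mode: false)
  target_path = admin_mode ? admin_session_path : user_session_path
  # Admin-mode re-authentication never offers "remember me".
  render_remember_me = admin_mode ? false : remember_me_enabled?

  # `params[:user]` is caller-supplied. Use it as the nested form only when it is
  # hash-like; a scalar or array value would otherwise raise on `fetch` below instead
  # of falling back to the top-level params.
  nested_params = params[:user].presence
  user_params = nested_params.respond_to?(:key?) ? nested_params : params
  # Passed through as received (default 0); it is not validated here.
  remember_me_value = user_params.fetch(:remember_me, 0)

  send_email_otp_path = fallback_to_email_otp_permitted?(user) ? users_fallback_to_email_otp_path : nil

  data = {
    target_path: target_path,
    render_remember_me: render_remember_me.to_s,
    remember_me: remember_me_value,
    send_email_otp_path: send_email_otp_path,
    username: user.username
  }

  # This is additional data needed to complete the email verification workflow
  data[:email_verification_data] = verification_data(user).to_json if send_email_otp_path

  data
end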