mirror of
https://github.com/glitch-soc/mastodon.git
synced 2024-11-29 19:40:23 -05:00
8532429af7
If someone tries logging in to an account and is prompted for a 2FA code or sign-in token, even if the account's password or e-mail is updated in the meantime, the session will show the prompt and allow the login process to complete with a valid 2FA code or sign-in token
22 lines
469 B
Ruby
22 lines
469 B
Ruby
# frozen_string_literal: true
|
|
|
|
module UserTrackingConcern
|
|
extend ActiveSupport::Concern
|
|
|
|
UPDATE_SIGN_IN_HOURS = 24
|
|
|
|
included do
|
|
before_action :update_user_sign_in
|
|
end
|
|
|
|
private
|
|
|
|
def update_user_sign_in
|
|
current_user.update_sign_in!(request) if user_needs_sign_in_update?
|
|
end
|
|
|
|
def user_needs_sign_in_update?
|
|
user_signed_in? && (current_user.current_sign_in_at.nil? || current_user.current_sign_in_at < UPDATE_SIGN_IN_HOURS.hours.ago)
|
|
end
|
|
end
|