mirror of
https://github.com/discourse/discourse.git
synced 2025-01-12 08:28:34 +08:00
b90b56f953
In this PR we introduced a new setting `enforce_second_factor_on_external_auth` which disables enforce 2FA when the user is authenticated with an external provider. https://github.com/discourse/discourse/pull/27506 However, with the first registration with an external provider, we authenticate the user right after activation. In that case, we need to also keep information that the user was authenticated with an external OAuth provider.
79 lines
1.5 KiB
Ruby
79 lines
1.5 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class UserActivator
|
|
attr_reader :user, :request, :session, :cookies, :message
|
|
|
|
def initialize(user, request, session, cookies)
|
|
@user = user
|
|
@session = session
|
|
@cookies = cookies
|
|
@request = request
|
|
@message = nil
|
|
end
|
|
|
|
def start
|
|
end
|
|
|
|
def finish
|
|
@message = activator.activate
|
|
end
|
|
|
|
def success_message
|
|
activator.success_message
|
|
end
|
|
|
|
private
|
|
|
|
def activator
|
|
factory.new(user, request, session, cookies)
|
|
end
|
|
|
|
def factory
|
|
invite = Invite.find_by(email: Email.downcase(@user.email))
|
|
|
|
if !user.active?
|
|
EmailActivator
|
|
elsif SiteSetting.must_approve_users? && !(invite.present? && invite.redeemable?)
|
|
ApprovalActivator
|
|
else
|
|
LoginActivator
|
|
end
|
|
end
|
|
end
|
|
|
|
class ApprovalActivator < UserActivator
|
|
def activate
|
|
success_message
|
|
end
|
|
|
|
def success_message
|
|
I18n.t("login.wait_approval")
|
|
end
|
|
end
|
|
|
|
class EmailActivator < UserActivator
|
|
def activate
|
|
email_token = user.email_tokens.create!(email: user.email, scope: EmailToken.scopes[:signup])
|
|
EmailToken.enqueue_signup_email(email_token)
|
|
success_message
|
|
end
|
|
|
|
def success_message
|
|
I18n.t("login.activate_email", email: Rack::Utils.escape_html(user.email))
|
|
end
|
|
end
|
|
|
|
class LoginActivator < UserActivator
|
|
include CurrentUser
|
|
|
|
def activate
|
|
log_on_user(user, { authenticated_with_oauth: @session["authenticated_with_oauth"] })
|
|
user.enqueue_welcome_message("welcome_user")
|
|
success_message
|
|
end
|
|
|
|
def success_message
|
|
I18n.t("login.active")
|
|
end
|
|
end
|