mirror of
https://github.com/discourse/discourse.git
synced 2024-12-19 20:44:05 +08:00
1bfccdd4f2
In a handful of situations, we need to verify a user's 2fa credentials before `current_user` is assigned. For example: login, email_login and change-email confirmation. This commit adds an explicit `target_user:` parameter to the centralized 2fa system so that it can be used for those situations. For safety and clarity, this new parameter only works for anon. If some user is logged in, and target_user is set to a different user, an exception will be raised.
37 lines
855 B
Ruby
37 lines
855 B
Ruby
# frozen_string_literal: true
|
|
|
|
module SecondFactor::Actions
|
|
class Base
|
|
include Rails.application.routes.url_helpers
|
|
attr_reader :current_user, :guardian, :request
|
|
|
|
def initialize(guardian, request, target_user:, opts: nil)
|
|
@guardian = guardian
|
|
@current_user = guardian.user
|
|
@target_user = target_user
|
|
@request = request
|
|
@opts = HashWithIndifferentAccess.new(opts)
|
|
end
|
|
|
|
def skip_second_factor_auth?(params)
|
|
false
|
|
end
|
|
|
|
def second_factor_auth_skipped!(params)
|
|
raise NotImplementedError.new
|
|
end
|
|
|
|
def no_second_factors_enabled!(params)
|
|
raise NotImplementedError.new
|
|
end
|
|
|
|
def second_factor_auth_required!(params)
|
|
raise NotImplementedError.new
|
|
end
|
|
|
|
def second_factor_auth_completed!(callback_params)
|
|
raise NotImplementedError.new
|
|
end
|
|
end
|
|
end
|