il y a 2 ans · 3251b8eead
--- a/app/controllers/auth/passwords_controller.rb
+++ b/app/controllers/auth/passwords_controller.rb
@@ -10,7 +10,6 @@ class Auth::PasswordsController < Devise::PasswordsController
 
				     super do |resource|
			
 
				       if resource.errors.empty?
			
 
				         resource.session_activations.destroy_all
			
 
				-        resource.forget_me!
			
 
				       end
			
 
				     end
			
 
				   end
			
--- a/app/controllers/auth/registrations_controller.rb
+++ b/app/controllers/auth/registrations_controller.rb
@@ -1,7 +1,6 @@
 
				 # frozen_string_literal: true
			
 
				 
			
 
				 class Auth::RegistrationsController < Devise::RegistrationsController
			
 
				-  include Devise::Controllers::Rememberable
			
 
				   include RegistrationSpamConcern
			
 
				 
			
 
				   layout :determine_layout
			
@@ -30,8 +29,6 @@ class Auth::RegistrationsController < Devise::RegistrationsController
 
				     super do |resource|
			
 
				       if resource.saved_change_to_encrypted_password?
			
 
				         resource.clear_other_sessions(current_session.session_id)
			
 
				-        resource.forget_me!
			
 
				-        remember_me(resource)
			
 
				       end
			
 
				     end
			
 
				   end
			
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@@ -1,8 +1,6 @@
 
				 # frozen_string_literal: true
			
 
				 
			
 
				 class Auth::SessionsController < Devise::SessionsController
			
 
				-  include Devise::Controllers::Rememberable
			
 
				-
			
 
				   layout 'auth'
			
 
				 
			
 
				   skip_before_action :require_no_authentication, only: [:create]
			
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -63,7 +63,7 @@ class User < ApplicationRecord
 
				   devise :two_factor_backupable,
			
 
				          otp_number_of_backup_codes: 10
			
 
				 
			
 
				-  devise :registerable, :recoverable, :rememberable, :validatable,
			
 
				+  devise :registerable, :recoverable, :validatable,
			
 
				          :confirmable
			
 
				 
			
 
				   include Omniauthable
			
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -1,3 +1,5 @@
 
				+require 'devise/strategies/authenticatable'
			
 
				+
			
 
				 Warden::Manager.after_set_user except: :fetch do |user, warden|
			
 
				   if user.session_active?(warden.cookies.signed['_session_id'] || warden.raw_session['auth_id'])
			
 
				     session_id = warden.cookies.signed['_session_id'] || warden.raw_session['auth_id']
			
@@ -72,17 +74,48 @@ module Devise
 
				   mattr_accessor :ldap_uid_conversion_replace
			
 
				   @@ldap_uid_conversion_replace = nil
			
 
				 
			
 
				-  class Strategies::PamAuthenticatable
			
 
				-    def valid?
			
 
				-      super && ::Devise.pam_authentication
			
 
				+  module Strategies
			
 
				+    class PamAuthenticatable
			
 
				+      def valid?
			
 
				+        super && ::Devise.pam_authentication
			
 
				+      end
			
 
				+    end
			
 
				+
			
 
				+    class SessionActivationRememberable < Authenticatable
			
 
				+      def valid?
			
 
				+        @session_cookie = nil
			
 
				+        session_cookie.present?
			
 
				+      end
			
 
				+
			
 
				+      def authenticate!
			
 
				+        resource = SessionActivation.find_by(session_id: session_cookie)&.user
			
 
				+
			
 
				+        unless resource
			
 
				+          cookies.delete('_session_id')
			
 
				+          return pass
			
 
				+        end
			
 
				+
			
 
				+        if validate(resource)
			
 
				+          success!(resource)
			
 
				+        end
			
 
				+      end
			
 
				+
			
 
				+      private
			
 
				+
			
 
				+      def session_cookie
			
 
				+        @session_cookie ||= cookies.signed['_session_id']
			
 
				+      end
			
 
				     end
			
 
				   end
			
 
				 end
			
 
				 
			
 
				+Warden::Strategies.add(:session_activation_rememberable, Devise::Strategies::SessionActivationRememberable)
			
 
				+
			
 
				 Devise.setup do |config|
			
 
				   config.warden do |manager|
			
 
				     manager.default_strategies(scope: :user).unshift :two_factor_ldap_authenticatable if Devise.ldap_authentication
			
 
				     manager.default_strategies(scope: :user).unshift :two_factor_pam_authenticatable  if Devise.pam_authentication
			
 
				+    manager.default_strategies(scope: :user).unshift :session_activation_rememberable
			
 
				     manager.default_strategies(scope: :user).unshift :two_factor_authenticatable
			
 
				     manager.default_strategies(scope: :user).unshift :two_factor_backupable
			
 
				   end