# frozen_string_literal: true
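# Controller concern that sends signed-in users who have not enabled OTP to the
# OTP setup page before they can reach anything outside a short allow-list.
#
# Enforcement is switched on by the +force_enabled+ key of the +:mfa+
# application config, loaded through +Rails.application.config_for+.
module MfaForceConcern
  extend ActiveSupport::Concern

  included do
    # Prepended so the check is queued ahead of the including controller's
    # other before_action callbacks; anonymous requests skip it.
    prepend_before_action :check_mfa_requirement, if: :user_signed_in?
  end

  private

  # Redirects to the OTP setup page unless enforcement is off, the current
  # user already has OTP enabled, or the request targets an allow-listed path.
  #
  # NOTE(review): there is no request-format check here, so non-HTML requests
  # receive the same flash + redirect; confirm that suits every controller
  # that includes this concern.
  def check_mfa_requirement
    return unless mfa_force_enabled?
    return if current_user.otp_enabled?
    return if mfa_setup_allowed_paths?

    flash[:alert] = I18n.t('require_multi_factor_auth.required_message')
    redirect_to settings_otp_authentication_path
  end

  # Whether the instance requires MFA. Returns the raw config value, so any
  # truthy value turns enforcement on and nil/false (or a missing key) leaves
  # it off.
  def mfa_force_enabled?
    mfa_config[:force_enabled]
  end

  # Whether the current request path is exempt from the MFA requirement.
  #
  # Every entry below is reachable by a signed-in user who has NOT completed
  # MFA setup, so the list should stay limited to what setup, sign-out and
  # account access actually need.
  #
  # A path is exempt when it equals an entry or lies beneath it on a path
  # segment boundary. A bare prefix comparison would also exempt unrelated
  # routes that merely share leading characters with an entry (constructed
  # example: an entry "/foo" would exempt "/foobar"), which weakens the gate.
  #
  # @return [Boolean]
  def mfa_setup_allowed_paths?
    allowed_paths = [
      settings_otp_authentication_path,
      new_settings_two_factor_authentication_confirmation_path,
      settings_two_factor_authentication_confirmation_path,
      settings_two_factor_authentication_methods_path,
      settings_two_factor_authentication_recovery_codes_path,
      destroy_user_session_path,
      auth_setup_path,
      edit_user_registration_path,
    ]

    current_path = request.path

    allowed_paths.any? do |path|
      current_path == path || current_path.start_with?("#{path}/")
    end
  end

  # The +:mfa+ application config, memoized in an instance variable so it is
  # loaded at most once per controller instance.
  def mfa_config
    @mfa_config ||= Rails.application.config_for(:mfa)
  end
end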