mirror of
https://github.com/mastodon/mastodon.git
synced 2025-09-05 09:21:11 +00:00
40 lines
1.0 KiB
Ruby
40 lines
1.0 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
module MfaForceConcern
|
|
extend ActiveSupport::Concern
|
|
|
|
included do
|
|
before_action :check_mfa_requirement, if: :user_signed_in?
|
|
end
|
|
|
|
private
|
|
|
|
def check_mfa_requirement
|
|
return unless mfa_force_enabled?
|
|
return if current_user.otp_enabled?
|
|
return if mfa_setup_allowed_paths?
|
|
|
|
flash[:alert] = I18n.t('require_multi_factor_auth.required_message')
|
|
redirect_to settings_otp_authentication_path
|
|
end
|
|
|
|
def mfa_force_enabled?
|
|
ENV['REQUIRE_MULTI_FACTOR_AUTH'] == 'true'
|
|
end
|
|
|
|
def mfa_setup_allowed_paths?
|
|
allowed_paths = [
|
|
settings_otp_authentication_path,
|
|
new_settings_two_factor_authentication_confirmation_path,
|
|
settings_two_factor_authentication_confirmation_path,
|
|
settings_two_factor_authentication_methods_path,
|
|
settings_two_factor_authentication_recovery_codes_path,
|
|
destroy_user_session_path,
|
|
auth_setup_path,
|
|
edit_user_registration_path,
|
|
]
|
|
|
|
allowed_paths.any? { |path| request.path.start_with?(path) }
|
|
end
|
|
end
|