Commit 3eff85a9 authored by Illya Klymov's avatar Illya Klymov Committed by Nick Thomas

Remove "You are already signed in" banner

parent a89e8149
...@@ -8,13 +8,6 @@ ...@@ -8,13 +8,6 @@
module AuthenticatesWithTwoFactor module AuthenticatesWithTwoFactor
extend ActiveSupport::Concern extend ActiveSupport::Concern
included do
# This action comes from DeviseController, but because we call `sign_in`
# manually, not skipping this action would cause a "You are already signed
# in." error message to be shown upon successful login.
skip_before_action :require_no_authentication, only: [:create], raise: false
end
# Store the user's ID in the session for later retrieval and render the # Store the user's ID in the session for later retrieval and render the
# two factor code prompt # two factor code prompt
# #
......
...@@ -8,6 +8,8 @@ class SessionsController < Devise::SessionsController ...@@ -8,6 +8,8 @@ class SessionsController < Devise::SessionsController
include Recaptcha::Verify include Recaptcha::Verify
skip_before_action :check_two_factor_requirement, only: [:destroy] skip_before_action :check_two_factor_requirement, only: [:destroy]
# replaced with :require_no_authentication_without_flash
skip_before_action :require_no_authentication, only: [:new, :create]
prepend_before_action :check_initial_setup, only: [:new] prepend_before_action :check_initial_setup, only: [:new]
prepend_before_action :authenticate_with_two_factor, prepend_before_action :authenticate_with_two_factor,
...@@ -15,6 +17,8 @@ class SessionsController < Devise::SessionsController ...@@ -15,6 +17,8 @@ class SessionsController < Devise::SessionsController
prepend_before_action :check_captcha, only: [:create] prepend_before_action :check_captcha, only: [:create]
prepend_before_action :store_redirect_uri, only: [:new] prepend_before_action :store_redirect_uri, only: [:new]
prepend_before_action :ldap_servers, only: [:new, :create] prepend_before_action :ldap_servers, only: [:new, :create]
prepend_before_action :require_no_authentication_without_flash, only: [:new, :create]
before_action :auto_sign_in_with_provider, only: [:new] before_action :auto_sign_in_with_provider, only: [:new]
before_action :load_recaptcha before_action :load_recaptcha
...@@ -54,6 +58,14 @@ class SessionsController < Devise::SessionsController ...@@ -54,6 +58,14 @@ class SessionsController < Devise::SessionsController
private private
def require_no_authentication_without_flash
require_no_authentication
if flash[:alert] == I18n.t('devise.failure.already_authenticated')
flash[:alert] = nil
end
end
def captcha_enabled? def captcha_enabled?
request.headers[CAPTCHA_HEADER] && Gitlab::Recaptcha.enabled? request.headers[CAPTCHA_HEADER] && Gitlab::Recaptcha.enabled?
end end
......
---
title: Remove "You are already signed in" banner
merge_request: 27377
author:
type: other
...@@ -137,7 +137,7 @@ describe 'Login' do ...@@ -137,7 +137,7 @@ describe 'Login' do
enter_code(user.current_otp) enter_code(user.current_otp)
expect(page).not_to have_content('You are already signed in.') expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated'))
end end
context 'using one-time code' do context 'using one-time code' do
...@@ -317,7 +317,17 @@ describe 'Login' do ...@@ -317,7 +317,17 @@ describe 'Login' do
gitlab_sign_in(user) gitlab_sign_in(user)
expect(current_path).to eq root_path expect(current_path).to eq root_path
expect(page).not_to have_content('You are already signed in.') expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated'))
end
it 'does not show already signed in message when opening sign in page after login' do
expect(authentication_metrics)
.to increment(:user_authenticated_counter)
gitlab_sign_in(user)
visit new_user_session_path
expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated'))
end end
end end
...@@ -579,7 +589,7 @@ describe 'Login' do ...@@ -579,7 +589,7 @@ describe 'Login' do
click_button 'Accept terms' click_button 'Accept terms'
expect(current_path).to eq(root_path) expect(current_path).to eq(root_path)
expect(page).not_to have_content('You are already signed in.') expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated'))
end end
it 'does not ask for terms when the user already accepted them' do it 'does not ask for terms when the user already accepted them' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment