    Fix infinite loop on saml login of a blocked user · 00a4831d
    Bob Van Landuyt authored
    When a blocked user tries to log in they are immediately signed out
    again.
    
    This in turn calls the `before_logout` callback in Warden. In that
    callback we try to log the activity for the blocked user in the
    `BlockedUserTracker`:
    https://gitlab.com/gitlab-org/gitlab/blob/e30d909d3f19511742d218da0b4bd2cecca8b7a2/config/initializers/warden.rb#L60
    
    If a `SystemHook` was configured, this would also mean scheduling a
    job. Scheduling a job tries to get the current user from the
    context. For the `OmniauthCallbacksController` this would call
    `current_user` which would try to sign the user in again.
    
    The `OmniauthCallbacksController` is an `ApplicationController`, which has
    a `#context_user` method that uses `#auth_user` which also exposes
    `#current_user`, but it has a safeguard to not call current user
    multiple times.
    
    Instead of trying to fetch it again for the omniauth sign in
    request, we push it into the context when the sign in was valid.
    
    Changelog: fixed
omniauth_callbacks_controller.rb 8.35 KB
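
Added example, not part of the commit and not GitLab's code: a simplified Ruby model of the call chain the commit message describes, showing why a blocked user plus a configured system hook re-enters sign-in, and how reading a context that is only filled on a valid sign-in breaks the cycle. Every name here (`FakeAuthRequest`, `simulate`, `MAX_DEPTH`, the keyword arguments) is hypothetical, and the depth guard exists only so the model terminates.

```ruby
# Constructed model of the call chain; names are hypothetical, not GitLab's.
class LoopDetected < StandardError; end

class FakeAuthRequest
  MAX_DEPTH = 5 # guard so the model stops instead of recursing forever
  attr_reader :sign_in_attempts, :scheduled_jobs

  def initialize(blocked:, system_hook:, push_context_on_valid_sign_in:)
    @blocked = blocked
    @system_hook = system_hook
    @push_context = push_context_on_valid_sign_in
    @context_user = nil
    @sign_in_attempts = 0
    @scheduled_jobs = []
  end

  # Stands in for current_user in the callbacks controller: resolving it
  # performs the sign-in, and a blocked user is signed out again at once.
  def current_user
    @sign_in_attempts += 1
    raise LoopDetected if @sign_in_attempts > MAX_DEPTH
    if @blocked
      before_logout
      return nil
    end
    @context_user = :user if @push_context # context filled once, on valid sign-in
    :user
  end

  # Stands in for the before_logout callback that records the blocked attempt.
  def before_logout
    schedule_job(:system_hook) if @system_hook
  end

  # Scheduling a job looks up the user for the request context.
  def schedule_job(name)
    user = @push_context ? @context_user : current_user # old path re-enters sign-in
    @scheduled_jobs << [name, user]
  end
end

def simulate(**opts)
  req = FakeAuthRequest.new(**opts)
  req.current_user
  { looped: false, attempts: req.sign_in_attempts, jobs: req.scheduled_jobs.size }
rescue LoopDetected
  { looped: true, attempts: req.sign_in_attempts, jobs: req.scheduled_jobs.size }
end
```

In the model, a regression check for this class of bug asserts that one login request by a blocked account produces exactly one sign-in attempt, with and without a system hook configured.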