Merge branch 'sh-fix-issue-50210-oauth2' into 'master'

Fix logins via OAuth2 geting logged out in an hour Closes #50210 See merge request gitlab-org/gitlab-ce!21144

Merge branch 'sh-fix-issue-50210-oauth2' into 'master'
Fix logins via OAuth2 geting logged out in an hour Closes #50210 See merge request gitlab-org/gitlab-ce!21144
6e70e50b · Robert Speicher · 91bd5293 · a7e2f96b · 6e70e50b · 6e70e50b
Commit 6e70e50b authored Aug 13, 2018 by Robert Speicher
Showing with 5 additions and 1 deletion

app/controllers/application_controller.rb app/controllers/application_controller.rb +1 -1

spec/controllers/application_controller_spec.rb spec/controllers/application_controller_spec.rb +4 -0

No files found.
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -11,7 +11,6 @@ class ApplicationController < ActionController::Base
  include EnforcesTwoFactorAuthentication
  include WithPerformanceBar

-  before_action :limit_unauthenticated_session_times
  before_action :authenticate_sessionless_user!
  before_action :authenticate_user!
  before_action :enforce_terms!, if: :should_enforce_terms?
@@ -27,6 +26,7 @@ class ApplicationController < ActionController::Base
  around_action :set_locale

  after_action :set_page_title_header, if: :json_request?
+  after_action :limit_unauthenticated_session_times

  protect_from_forgery with: :exception, prepend: true


--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@@ -162,6 +162,10 @@ describe ApplicationController do

  describe 'session expiration' do
    controller(described_class) do
+      # The anonymous controller will report 401 and fail to run any actions.
+      # Normally, GitLab will just redirect you to sign in.
+      skip_before_action :authenticate_user!, only: :index
+
      def index
        render text: 'authenticated'
      end