Fix TOTP codes not being filtered from logs during enabling/disabling (#11877)

Not a serious issue because they are meaningless past single use
2019-09-18 02:48:40 +02:00 · 2019-09-18 02:48:40 +02:00 · a4b60e9ba4
commit a4b60e9ba4
parent 3919571c39
7 changed files with 13 additions and 13 deletions
--- a/app/controllers/settings/two_factor_authentication/confirmations_controller.rb
+++ b/app/controllers/settings/two_factor_authentication/confirmations_controller.rb
@ -15,7 +15,7 @@ module Settings
      end

      def create
-        if current_user.validate_and_consume_otp!(confirmation_params[:code])
+        if current_user.validate_and_consume_otp!(confirmation_params[:otp_attempt])
          flash.now[:notice] = I18n.t('two_factor_authentication.enabled_success')

          current_user.otp_required_for_login = true
@ -33,7 +33,7 @@ module Settings
      private

      def confirmation_params
-        params.require(:form_two_factor_confirmation).permit(:code)
+        params.require(:form_two_factor_confirmation).permit(:otp_attempt)
      end

      def prepare_two_factor_form