Add password challenge to 2FA settings, e-mail notifications (#11878)

Fix #3961
2019-09-18 16:37:27 +02:00 · 2019-09-18 16:37:27 +02:00 · e1066cd431
commit e1066cd431
parent d0c2c52783
32 changed files with 567 additions and 50 deletions
--- a/app/models/form/challenge.rb
+++ b/app/models/form/challenge.rb
@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class Form::Challenge
+  include ActiveModel::Model
+
+  attr_accessor :current_password, :current_username,
+                :return_to
+end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -264,17 +264,20 @@ class User < ApplicationRecord
  end

  def password_required?
-    return false if Devise.pam_authentication || Devise.ldap_authentication
+    return false if external?
+
    super
  end

  def send_reset_password_instructions
-    return false if encrypted_password.blank? && (Devise.pam_authentication || Devise.ldap_authentication)
+    return false if encrypted_password.blank?
+
    super
  end

  def reset_password!(new_password, new_password_confirmation)
-    return false if encrypted_password.blank? && (Devise.pam_authentication || Devise.ldap_authentication)
+    return false if encrypted_password.blank?
+
    super
  end