Commit adc596ab authored by o's avatar o
Browse files

add option to abort relogin, in case a different user wants to login

parent 140ed62e
......@@ -48,23 +48,25 @@ class SamlLoginController < LoginController
load_custom_params_new
user = session[:login_user]
begin
load_2fa_params
if res = ApiBackend::reissue_saml(user,
session[:login_token],
@saml_request,
totp: @input_totp,
webauthn: @input_webauthn)
reset_user_session
unless params[:norelogin]
begin
load_2fa_params
if res = ApiBackend::reissue_saml(user,
session[:login_token],
@saml_request,
totp: @input_totp,
webauthn: @input_webauthn)
reset_user_session
save_login_token(res, user)
save_login_token(res, user)
return successful_login(res, nil)
end
rescue ApiBackend::ApiError => e
if e.api_msg == 'missing_2fa'
@relogin = true
return query_2fa(user)
return successful_login(res, nil)
end
rescue ApiBackend::ApiError => e
if e.api_msg == 'missing_2fa'
@relogin = true
return query_2fa(user)
end
end
end
end
......
......@@ -18,6 +18,9 @@
</td></tr>
<tr><td>
<%= submit_tag (t :submit) %>
<% if @relogin %>
<%= submit_tag (t :back), name: 'norelogin' %>
<% end %>
</td></tr>
</table>
<%= hidden_field('', :user_id, :value => params[:user_id]) %>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment