Add password challenge to 2FA settings, e-mail notifications (#11878)

Fix #3961
2019-09-18 16:37:27 +02:00
parent d0c2c52783
commit e1066cd431
32 changed files with 567 additions and 50 deletions
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@ -42,6 +42,7 @@ class Auth::SessionsController < Devise::SessionsController
  def destroy
    tmp_stored_location = stored_location_for(:user)
    super
+    session.delete(:challenge_passed_at)
    flash.delete(:notice)
    store_location_for(:user, tmp_stored_location) if continue_after?
  end