From 5c47a18c8df3231aa25c6d1f140a71a7fac9cbf9 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sat, 6 Nov 2021 05:17:39 +0100 Subject: [PATCH] Fix login being broken due to inaccurately applied backport fix in 3.4.2 See #16943 --- app/controllers/auth/sessions_controller.rb | 1 - .../concerns/sign_in_token_authentication_concern.rb | 1 - app/controllers/concerns/two_factor_authentication_concern.rb | 2 -- 3 files changed, 4 deletions(-) diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb index 6ebd86037..630b0dee5 100644 --- a/app/controllers/auth/sessions_controller.rb +++ b/app/controllers/auth/sessions_controller.rb @@ -24,7 +24,6 @@ class Auth::SessionsController < Devise::SessionsController def create super do |resource| resource.update_sign_in!(request, new_sign_in: true) - remember_me(resource) flash.delete(:notice) end end diff --git a/app/controllers/concerns/sign_in_token_authentication_concern.rb b/app/controllers/concerns/sign_in_token_authentication_concern.rb index 33ea5cf85..2b5e79115 100644 --- a/app/controllers/concerns/sign_in_token_authentication_concern.rb +++ b/app/controllers/concerns/sign_in_token_authentication_concern.rb @@ -34,7 +34,6 @@ module SignInTokenAuthenticationConcern def authenticate_with_sign_in_token_attempt(user) if valid_sign_in_token_attempt?(user) clear_attempt_from_session - remember_me(user) sign_in(user) else flash.now[:alert] = I18n.t('users.invalid_sign_in_token') diff --git a/app/controllers/concerns/two_factor_authentication_concern.rb b/app/controllers/concerns/two_factor_authentication_concern.rb index 402638eba..d65f072ff 100644 --- a/app/controllers/concerns/two_factor_authentication_concern.rb +++ b/app/controllers/concerns/two_factor_authentication_concern.rb @@ -57,7 +57,6 @@ module TwoFactorAuthenticationConcern if valid_webauthn_credential?(user, webauthn_credential) clear_attempt_from_session - remember_me(user) sign_in(user) render json: { redirect_path: root_path }, status: :ok else @@ -68,7 +67,6 @@ module TwoFactorAuthenticationConcern def authenticate_with_two_factor_via_otp(user) if valid_otp_attempt?(user) clear_attempt_from_session - remember_me(user) sign_in(user) else flash.now[:alert] = I18n.t('users.invalid_otp_token')