Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r--app/controllers/application_controller.rb10
1 files changed, 9 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d489611..063c173 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,6 +1,6 @@
class ApplicationController < ActionController::Base
protect_from_forgery
- before_filter :update_ip, :update_seen, :check_banned
+ before_filter :update_ip, :update_seen, :check_banned, :check_2fa
# TODO: use SSL
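Review bot: The `# TODO: use SSL` comment directly below the new filter list suggests the app may still be served over plain HTTP. If so, the session cookie and the TOTP codes submitted on the login settings screen travel unencrypted, so mandatory 2FA for staff adds little against a network observer. If that TODO is still accurate, enforcing TLS (for example `config.force_ssl = true`, where the Rails version in use supports it) should land with or before this change. The filter also only covers controllers that inherit this chain without skipping `:check_2fa`, which is worth confirming since the other controllers are not visible here.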
@@ -41,6 +41,14 @@ class ApplicationController < ActionController::Base
end
end
+ def check_2fa
+ # Over complicated way of asking if the user is logged in as a mod without TOTP enabled while they are not on their login settings screen, logging out, or updating their login settings.
+ if current_user && current_user.mod? && !current_user.totp_enabled? && !(controller_name == "users" && action_name == "edit_login") && !(controller_name == "sessions" && action_name == "destroy") && !(controller_name == "users" && action_name == "update_login")
+ flash[:alert] = "Due to your staff rank, you are required to enable 2FA."
+ redirect_to :controller => "users", :action => "edit_login", :id => current_user.id
+ end
+ end
+
#roles
def disabled?
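Review bot: The exemption test in `check_2fa` is one long chain of negated controller/action comparisons, which the comment itself calls over-complicated; a mistake when adding a further exempt route could silently weaken the gate or lock staff out. A frozen allow-list of `[controller_name, action_name]` pairs plus two guard clauses keeps the behaviour identical and makes the exempt set reviewable at a glance. Separately, the exemption for `users#edit_login` and `users#update_login` is not tied to `current_user.id`, so it relies on those actions doing their own authorization for other users' ids, which is not visible here. The filter also checks enrolment only (`totp_enabled?`), so the TOTP challenge itself presumably has to be enforced in the login flow.

```ruby
# Actions a mod without TOTP may still reach: the enrolment form, its submit, and logout.
TOTP_EXEMPT_ACTIONS = [
  %w[users edit_login],
  %w[users update_login],
  %w[sessions destroy]
].freeze

def check_2fa
  return unless current_user && current_user.mod? && !current_user.totp_enabled?
  return if TOTP_EXEMPT_ACTIONS.include?([controller_name, action_name])

  # … unchanged: flash alert and redirect_to users#edit_login …
end
```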