PERF: Avoid loading ActiveRecord objects when checking for second factor.

* Eliminate DB query for sites without local logins and sites that has SSO enabled.
2019-03-15 15:02:04 +08:00 · 2019-03-15 15:02:04 +08:00 · 6327f36bfd
parent c5808a8a25
commit 6327f36bfd
2 changed files with 10 additions and 6 deletions
--- a/app/models/concerns/second_factor_manager.rb
+++ b/app/models/concerns/second_factor_manager.rb
@ -34,15 +34,15 @@ module SecondFactorManager
  end

  def totp_enabled?
-    !!(self&.user_second_factors&.totp&.enabled?) &&
-      !SiteSetting.enable_sso &&
-      SiteSetting.enable_local_logins
+    !SiteSetting.enable_sso &&
+      SiteSetting.enable_local_logins &&
+      self&.user_second_factors.totps.exists?
  end

  def backup_codes_enabled?
-    !!(self&.user_second_factors&.backup_codes&.present?) &&
-      !SiteSetting.enable_sso &&
-      SiteSetting.enable_local_logins
+    !SiteSetting.enable_sso &&
+      SiteSetting.enable_local_logins &&
+      self&.user_second_factors.backup_codes.exists?
  end

  def remaining_backup_codes
--- a/app/models/user_second_factor.rb
+++ b/app/models/user_second_factor.rb
@ -5,6 +5,10 @@ class UserSecondFactor < ActiveRecord::Base
    where(method: UserSecondFactor.methods[:backup_codes], enabled: true)
  end

+  scope :totps, -> do
+    where(method: UserSecondFactor.methods[:totp], enabled: true)
+  end
+
  def self.methods
    @methods ||= Enum.new(
      totp: 1,