DEV: Check for "true" in oauth check for 2FA (#27587)

Followup to 0e1102b332

Minor followup, makes the condition check against the
boolean val, see the difference here:

```ruby
!SiteSetting.enforce_second_factor_on_external_auth && "true"
=> "true"
```

vs:

```ruby
!SiteSetting.enforce_second_factor_on_external_auth && "true" == "true"
=> true
```
This commit is contained in:
Martin Brennan 2024-06-24 14:19:32 +10:00 committed by GitHub
parent cb3456e18f
commit 706e074e6c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 2 additions and 2 deletions

View File

@ -904,7 +904,7 @@ class ApplicationController < ActionController::Base
def disqualified_from_2fa_enforcement def disqualified_from_2fa_enforcement
request.format.json? || is_api? || current_user.anonymous? || request.format.json? || is_api? || current_user.anonymous? ||
(!SiteSetting.enforce_second_factor_on_external_auth && secure_session["oauth"]) (!SiteSetting.enforce_second_factor_on_external_auth && secure_session["oauth"] == "true")
end end
def build_not_found_page(opts = {}) def build_not_found_page(opts = {})

View File

@ -236,7 +236,7 @@ RSpec.describe Users::OmniauthCallbacksController do
expect(data["email_valid"]).to eq(true) expect(data["email_valid"]).to eq(true)
expect(data["can_edit_username"]).to eq(true) expect(data["can_edit_username"]).to eq(true)
expect(data["destination_url"]).to eq(destination_url) expect(data["destination_url"]).to eq(destination_url)
expect(!!read_secure_session["oauth"]).to be true expect(read_secure_session["oauth"]).to eq("true")
end end
it "should return the right response for staged users" do it "should return the right response for staged users" do