From cbd4d06da0f4686d9eb0fb4e070fcf96ff47f145 Mon Sep 17 00:00:00 2001
From: Sam Saffron <sam.saffron@gmail.com>
Date: Fri, 7 Jun 2019 16:24:54 +1000
Subject: [PATCH] PERF: only check for totp record on current user at when
 needed

Previously the check was done a bit too early causing one extra query
per page unconditionally for logged on users
---
 app/controllers/application_controller.rb | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 7e301698422..d51265bde4c 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -730,24 +730,30 @@ class ApplicationController < ActionController::Base
         # save original URL in a session so we can redirect after login
         session[:destination_url] = destination_url
         redirect_to path('/session/sso')
+        return
       elsif params[:authComplete].present?
         redirect_to path("/login?authComplete=true")
+        return
       else
         # save original URL in a cookie (javascript redirects after login in this case)
         cookies[:destination_url] = destination_url
         redirect_to path("/login")
+        return
       end
     end
 
-    if current_user &&
-      !current_user.totp_enabled? &&
+    check_totp = current_user &&
       !request.format.json? &&
       !is_api? &&
       ((SiteSetting.enforce_second_factor == 'staff' && current_user.staff?) ||
-        SiteSetting.enforce_second_factor == 'all')
+        SiteSetting.enforce_second_factor == 'all') &&
+      !current_user.totp_enabled?
+
+    if check_totp
       redirect_path = "#{GlobalSetting.relative_url_root}/u/#{current_user.username}/preferences/second-factor"
       if !request.fullpath.start_with?(redirect_path)
         redirect_to path(redirect_path)
+        return
       end
     end
   end