b64d01bc10
Previously in these 2 PRs, we introduced a new site setting `SiteSetting.enforce_second_factor_on_external_auth`. https://github.com/discourse/discourse/pull/27547 https://github.com/discourse/discourse/pull/27674 When disabled, it should enforce 2FA for local login with username and password and skip the requirement when authenticating with oauth2. We stored information about the login method in a secure session but it is not reliable. Therefore, information about the login method is moved to the database. |
||
---|---|---|
.. | ||
auth_provider.rb | ||
authenticator.rb | ||
current_user_provider.rb | ||
default_current_user_provider.rb | ||
discord_authenticator.rb | ||
facebook_authenticator.rb | ||
github_authenticator.rb | ||
google_oauth2_authenticator.rb | ||
linkedin_oidc_authenticator.rb | ||
managed_authenticator.rb | ||
result.rb | ||
twitter_authenticator.rb |