X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/ec6e096274553072205cb6fd7e7b54e2c807b8c7..7f05783949ce561d58904da133efd37438ebffe8:/app/controllers/application_controller.rb?ds=inline diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 2b6d62bb5..d6516dc14 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -152,9 +152,14 @@ class ApplicationController < ActionController::Base # have we identified the user? if @user # check if the user has been banned - if @user.blocks.active.exists? - # NOTE: need slightly more helpful message than this. - report_error t("application.setup_user_auth.blocked"), :forbidden + user_block = @user.blocks.active.take + unless user_block.nil? + set_locale + if user_block.zero_hour? + report_error t("application.setup_user_auth.blocked_zero_hour"), :forbidden + else + report_error t("application.setup_user_auth.blocked"), :forbidden + end end # if the user hasn't seen the contributor terms then don't @@ -419,6 +424,16 @@ class ApplicationController < ActionController::Base helper_method :preferred_editor + def update_totp + if defined?(TOTP_KEY) + cookies["_osm_totp_token"] = { + :value => ROTP::TOTP.new(TOTP_KEY, :interval => 3600).now, + :domain => "openstreetmap.org", + :expires => 1.hour.from_now + } + end + end + private # extract authorisation credentials from headers, returns user = nil if none @@ -448,6 +463,5 @@ class ApplicationController < ActionController::Base end # override to stop oauth plugin sending errors - def invalid_oauth_response - end + def invalid_oauth_response; end end