From 54c514f24ee00d885ec633a137a78a4cc71c6781 Mon Sep 17 00:00:00 2001
From: Patricio Cano <suprnova32@gmail.com>
Date: Wed, 29 Jun 2016 11:55:23 -0500
Subject: [PATCH] Add 2FA check to the OAuth authentication mechanism

---
 app/controllers/omniauth_callbacks_controller.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index f35d631df0c..619a76ebfd9 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -107,6 +107,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
     # Only allow properly saved users to login.
     if @user.persisted? && @user.valid?
       log_audit_event(@user, with: oauth['provider'])
+      prompt_for_two_factor(@user) and return if @user.two_factor_enabled?
       sign_in_and_redirect(@user)
     else
       error_message = @user.errors.full_messages.to_sentence
-- 
GitLab