X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/8b03371e106a52a20971cc8ab6535de93ece692e..823f6b4d3621521603b66d8e09859dd87821348c:/app/controllers/application_controller.rb diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index a52c006fa..8a27a2fef 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -152,9 +152,14 @@ class ApplicationController < ActionController::Base # have we identified the user? if @user # check if the user has been banned - if @user.blocks.active.exists? - # NOTE: need slightly more helpful message than this. - report_error t("application.setup_user_auth.blocked"), :forbidden + user_block = @user.blocks.active.take + unless user_block.nil? + set_locale + if @user.blocks.active.take.zero_hour? + report_error t("application.setup_user_auth.blocked_zero_hour"), :forbidden + else + report_error t("application.setup_user_auth.blocked"), :forbidden + end end # if the user hasn't seen the contributor terms then don't @@ -360,10 +365,6 @@ class ApplicationController < ActionController::Base ex = ex.original_exception if ex.is_a?(ActiveRecord::StatementInvalid) && ex.message =~ /execution expired/ - ex = Timeout::Error.new - end - - if ex.is_a?(Timeout::Error) render :action => "timeout" else raise @@ -423,6 +424,16 @@ class ApplicationController < ActionController::Base helper_method :preferred_editor + def update_totp + if defined?(TOTP_KEY) + cookies["_osm_totp_token"] = { + :value => ROTP::TOTP.new(TOTP_KEY, :interval => 3600).now, + :domain => "openstreetmap.org", + :expires => 1.hour.from_now + } + end + end + private # extract authorisation credentials from headers, returns user = nil if none @@ -452,6 +463,5 @@ class ApplicationController < ActionController::Base end # override to stop oauth plugin sending errors - def invalid_oauth_response - end + def invalid_oauth_response; end end