Skip to content
This repository has been archived by the owner on May 2, 2024. It is now read-only.

Commit

Permalink
Merge from dev to main for v1.1.3
Browse files Browse the repository at this point in the history
  • Loading branch information
reesericci authored Nov 22, 2023
2 parents 189b88f + 0800038 commit bba3430
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 2 deletions.
9 changes: 9 additions & 0 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
# Security Policy

## Reporting a Vulnerability

To report a vulnerability, either use the inbuilt security reporting feature in GitHub, or shoot us an email at team@obl.ong.

**DO NOT FILE AN ISSUE WITH A SECURITY VULNERABILITY**

We thank you in advance for finding and reporting security issues!
8 changes: 6 additions & 2 deletions app/controllers/auth_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -20,16 +20,20 @@ def login
def email
user = User::User.find_by(email: params[:email])

if(user.blank?)
if(!user)
redirect_to(controller: "users", action: "register")
return
elsif(user.disable_email_auth?)
flash[:notice] = "Email login codes are disabled"
redirect_to(controller: "auth", action: "login")
return
end


if Time.now.to_i > (user.otp_last_minted.nil? ? 0 : user.otp_last_minted) + 600 || params[:resend] == "true" then
if Time.now.to_i > (user.try(:otp_last_minted).nil? ? 0 : user.otp_last_minted) + 600 || params[:resend] == "true" then
User::Mailer.with(user: user).verification_email.deliver_later
if params[:resend] == "true" then flash[:notice] = "Sent email code" end

end

end
Expand Down

0 comments on commit bba3430

Please sign in to comment.