Skip to content
Commit 47d289b0 authored by Sebastian Arcila Valenzuela's avatar Sebastian Arcila Valenzuela
Browse files

Add User#will_save_change_to_login? to clear reset_password_tokens

Devise checks before updating any of the authentication_keys if it
needs to clear the reset_password_tokens.

This should fix:
https://gitlab.com/gitlab-org/gitlab-ce/issues/42733 (Weak
authentication and session management)
parent bef9aef4
Loading
Loading
Loading