FreakU
/
Retrospring
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Put all security related actions behind authentication

This commit is contained in:
Andreas Nedbal 2021-12-29 21:26:39 +01:00 committed by Andreas Nedbal
parent 4008d2fd05
commit dcc781df3d
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/user_controller.rb
View File

@ -1,7 +1,7 @@
class UserController < ApplicationController class UserController < ApplicationController
include ThemeHelper include ThemeHelper
before_action :authenticate_user!, only: %w(edit update edit_privacy update_privacy edit_theme update_theme preview_theme delete_theme data export begin_export) before_action :authenticate_user!, only: %w(edit update edit_privacy update_privacy edit_theme update_theme preview_theme delete_theme data export begin_export edit_security update_2fa destroy_2fa reset_user_recovery_codes)
def show def show
@user = User.where('LOWER(screen_name) = ?', params[:username].downcase).first! @user = User.where('LOWER(screen_name) = ?', params[:username].downcase).first!