Add method to store session ids by ip
Add new specs for storing session ids
Add cleaning up records after login
Add retrieving anonymous sessions
Add login recaptcha setting
Add new setting to sessions controller
Add conditions for showing captcha
Add sessions controller specs
Add admin settings specs for login protection
Add new settings to api
Add stub to devise spec
Add new translation key
Add cr remarks
Rename class call
Add cr remarks
Change if-clause for consistency
Add cr remarks
Add code review remarks
Refactor AnonymousSession class
Add changelog entry
Move AnonymousSession class to lib
Move store unauthenticated sessions to sessions controller
Move link to recaptcha info
Regenerate text file
Improve copy on the spam page
Change action filter for storing anonymous sessions
Fix rubocop offences
Add code review remarks
The initializers including this were doing so at the top level, so every object
loaded after them had a `current_application_settings` method. However, if
someone had rack-attack enabled (which was loaded before these initializers), it
would try to load the API, and fail, because `Gitlab::CurrentSettings` didn't
have that method.
To fix this:
1. Don't include `Gitlab::CurrentSettings` at the top level. We do not need
`Object.new.current_application_settings` to work.
2. Make `Gitlab::CurrentSettings` explicitly `extend self`, as we already use it
like that in several places.
3. Change the initializers to use that new form.
We were doing all kinds of code gymnastics to "enable" Crowd in the
feature spec and this would sometimes cause a transient failure.
Really what it's testing is if the Crowd login form shows when Crowd's
enabled, so this is much better suited to a view spec.
GitLab Bot