Fix GraphQL controller redirect when 2fa is required (!84151) · Merge requests · GitLab.org / GitLab

Phil Hughes requested to merge ph/357437/fixGraphQL2fa into master Apr 01, 2022

What does this MR do and why?

Fixes the GraphQL controller redirecting when 2fa is required for a user. This was causing errors when the attention request was enabled because the GraphQL request in the header would trigger a new 2fa secret causing the 2fa form to error out.

This change makes it so the GraphQL controller returns an error in JSON, instead of redirecting the user.

Screenshots or screen recordings

These are strongly recommended to assist reviewers and reduce the time to merge your change.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Closes #357437 (closed)

Fix GraphQL controller redirect when 2fa is required

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports