authorPatricio Cano <suprnova32@gmail.com>2016-08-17 17:39:20 -0500
committerPatricio Cano <suprnova32@gmail.com>2016-08-18 16:47:26 -0500
commita4137411c62d093a55dc171665dc90325182bb04 (patch)
tree3000d1645362d274eab02b1bd46cb6b4f3e063c1
parentc29780086201b331091be3ba5df0653381cf0c2c (diff)
Small refactor and syntax fixes.2fa-api-check
-rw-r--r--config/initializers/doorkeeper.rb2
-rw-r--r--lib/api/helpers.rb4
-rw-r--r--lib/api/session.rb2
-rw-r--r--spec/requests/api/oauth_tokens_spec.rb2
-rw-r--r--spec/requests/api/session_spec.rb1
5 files changed, 5 insertions, 6 deletions
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index 6d08714dcf7..fc4b0a72add 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -13,7 +13,7 @@ Doorkeeper.configure do
resource_owner_from_credentials do |routes|
user = Gitlab::Auth.find_with_user_password(params[:username], params[:password])
- user unless user && user.two_factor_enabled?
+ user unless user.try(:two_factor_enabled?)
end
# If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
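Review bot: `user.try(:two_factor_enabled?)` fails open, because ActiveSupport's `try` returns nil both for a nil user and for a receiver that does not respond to the method. If `two_factor_enabled?` were ever renamed, or `find_with_user_password` returned a different kind of object, the block would return the user and the password grant would go through for 2FA accounts, whereas the replaced `user && user.two_factor_enabled?` would have raised. The short form can be kept while failing closed with `user unless user.try!(:two_factor_enabled?)`, ideally with a comment such as `# nil rejects the password grant: 2FA users must use a personal access token`. The `routes` block parameter is unused in the visible lines, and the enclosing `Doorkeeper.configure` block starts outside this hunk.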
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 3e906f6f929..d0469d6602d 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -275,10 +275,6 @@ module API
end
end
- def render_2fa_error!
- render_api_error!('401 Unauthorized. You have 2FA enabled. Please use a personal access token to access the API', 401)
- end
-
def render_api_error!(message, status)
error!({ 'message' => message }, status)
end
diff --git a/lib/api/session.rb b/lib/api/session.rb
index b26be3be22e..55ec66a6d67 100644
--- a/lib/api/session.rb
+++ b/lib/api/session.rb
@@ -14,7 +14,7 @@ module API
user = Gitlab::Auth.find_with_user_password(params[:email] || params[:login], params[:password])
return unauthorized! unless user
- return render_2fa_error! if user.two_factor_enabled?
+ return render_api_error!('401 Unauthorized. You have 2FA enabled. Please use a personal access token to access the API', 401) if user.two_factor_enabled?
present user, with: Entities::UserLogin
end
end
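Review bot: The 2FA branch on the `render_api_error!` line is reached only after `find_with_user_password` has accepted the password, so its distinct message confirms to the caller that the first factor is correct, while a wrong password gets the generic `unauthorized!`. If that trade-off is intentional for usability, record it next to the check, e.g. `# Password is already verified here; the distinct message is deliberate so 2FA users know to use a personal access token`, and confirm that failed-attempt throttling covers this endpoint, which is not visible in the hunk. Inlining the helper also produces a very long line; a block-form guard (`if user.two_factor_enabled?` … `end`) would be easier to read. The enclosing route block starts outside the hunk.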
diff --git a/spec/requests/api/oauth_tokens_spec.rb b/spec/requests/api/oauth_tokens_spec.rb
index dbe30f264dd..7e2cc50e591 100644
--- a/spec/requests/api/oauth_tokens_spec.rb
+++ b/spec/requests/api/oauth_tokens_spec.rb
@@ -11,6 +11,7 @@ describe API::API, api: true do
context 'when user has 2FA enabled' do
it 'does not create an access token' do
user = create(:user, :two_factor)
+
request_oauth_token(user)
expect(response).to have_http_status(401)
@@ -21,6 +22,7 @@ describe API::API, api: true do
context 'when user does not have 2FA enabled' do
it 'creates an access token' do
user = create(:user)
+
request_oauth_token(user)
expect(response).to have_http_status(200)
diff --git a/spec/requests/api/session_spec.rb b/spec/requests/api/session_spec.rb
index 09f9192e7a8..acad1365ace 100644
--- a/spec/requests/api/session_spec.rb
+++ b/spec/requests/api/session_spec.rb
@@ -25,6 +25,7 @@ describe API::API, api: true do
post api('/session'), email: user.email, password: user.password
expect(response).to have_http_status(401)
+ expect(response.body).to include('You have 2FA enabled.')
end
end
end
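Review bot: The added expectation pins only a substring of the error message, so the spec would still pass if the 401 body also carried data rendered from the user entity. A negative assertion alongside it, for example `expect(response.body).not_to include(user.email)`, would guard against the 2FA rejection ever returning the login payload. The `it` block this expectation belongs to starts outside the hunk, so existing coverage for this may simply not be visible here.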