diff options
| author | Robert Speicher <rspeicher@gmail.com> | 2015-06-19 15:14:37 -0400 |
|---|---|---|
| committer | Robert Speicher <rspeicher@gmail.com> | 2015-06-19 15:14:37 -0400 |
| commit | b6318297fc93ab26108c586af9d34c16fc783589 (patch) | |
| tree | 6755fcf5565a83fa7612081f902087601b69849c | |
| parent | 22dd2240a6ec80955b98667c727326135a2f7f53 (diff) | |
| download | gitlab-ce-rs-dev-issue-2415.tar.gz | |
Use User#two_factor_enabled instead of otp_required_for_loginrs-dev-issue-2415
| -rw-r--r-- | app/controllers/passwords_controller.rb | 2 | ||||
| -rw-r--r-- | app/controllers/profiles/two_factor_auths_controller.rb | 4 | ||||
| -rw-r--r-- | app/controllers/sessions_controller.rb | 2 | ||||
| -rw-r--r-- | app/views/profiles/accounts/show.html.haml | 2 | ||||
| -rw-r--r-- | spec/controllers/profiles/two_factor_auths_controller_spec.rb | 8 |
5 files changed, 9 insertions, 9 deletions
diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb index 145f27b67dd..8450ba31021 100644 --- a/app/controllers/passwords_controller.rb +++ b/app/controllers/passwords_controller.rb @@ -24,7 +24,7 @@ class PasswordsController < Devise::PasswordsController super do |resource| # TODO (rspeicher): In Devise master (> 3.4.1), we can set # `Devise.sign_in_after_reset_password = false` and avoid this mess. - if resource.errors.empty? && resource.try(:otp_required_for_login?) + if resource.errors.empty? && resource.try(:two_factor_enabled?) resource.unlock_access! if unlockable?(resource) # Since we are not signing this user in, we use the :updated_not_active diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb index e7579c652fb..03845f1e1ec 100644 --- a/app/controllers/profiles/two_factor_auths_controller.rb +++ b/app/controllers/profiles/two_factor_auths_controller.rb @@ -10,7 +10,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController def create if current_user.valid_otp?(params[:pin_code]) - current_user.otp_required_for_login = true + current_user.two_factor_enabled = true @codes = current_user.generate_otp_backup_codes! current_user.save! @@ -30,7 +30,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController def destroy current_user.update_attributes({ - otp_required_for_login: false, + two_factor_enabled: false, encrypted_otp_secret: nil, encrypted_otp_secret_iv: nil, encrypted_otp_secret_salt: nil, diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 4d976fe6630..7577fc96d6d 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -57,7 +57,7 @@ class SessionsController < Devise::SessionsController def authenticate_with_two_factor user = self.resource = find_user - return unless user && user.otp_required_for_login + return unless user && user.two_factor_enabled? if user_params[:otp_attempt].present? && session[:otp_user_id] if valid_otp_attempt?(user) diff --git a/app/views/profiles/accounts/show.html.haml b/app/views/profiles/accounts/show.html.haml index ed009c86568..378dfa2dce0 100644 --- a/app/views/profiles/accounts/show.html.haml +++ b/app/views/profiles/accounts/show.html.haml @@ -36,7 +36,7 @@ .panel-heading Two-factor Authentication .panel-body - - if current_user.otp_required_for_login + - if current_user.two_factor_enabled? .pull-right = link_to 'Disable Two-factor Authentication', profile_two_factor_auth_path, method: :delete, class: 'btn btn-close btn-sm', data: { confirm: 'Are you sure?' } diff --git a/spec/controllers/profiles/two_factor_auths_controller_spec.rb b/spec/controllers/profiles/two_factor_auths_controller_spec.rb index 65415f21e55..aa09f1a758d 100644 --- a/spec/controllers/profiles/two_factor_auths_controller_spec.rb +++ b/spec/controllers/profiles/two_factor_auths_controller_spec.rb @@ -40,11 +40,11 @@ describe Profiles::TwoFactorAuthsController do expect(user).to receive(:valid_otp?).with(pin).and_return(true) end - it 'sets otp_required_for_login' do + it 'sets two_factor_enabled' do go user.reload - expect(user.otp_required_for_login).to eq true + expect(user).to be_two_factor_enabled end it 'presents plaintext codes for the user to save' do @@ -109,13 +109,13 @@ describe Profiles::TwoFactorAuthsController do let!(:codes) { user.generate_otp_backup_codes! } it 'clears all 2FA-related fields' do - expect(user.otp_required_for_login).to eq true + expect(user).to be_two_factor_enabled expect(user.otp_backup_codes).not_to be_nil expect(user.encrypted_otp_secret).not_to be_nil delete :destroy - expect(user.otp_required_for_login).to eq false + expect(user).not_to be_two_factor_enabled expect(user.otp_backup_codes).to be_nil expect(user.encrypted_otp_secret).to be_nil end |