1 files changed, 21 insertions, 4 deletions

diff --git a/spec/controllers/profiles/two_factor_auths_controller_spec.rb b/spec/controllers/profiles/two_factor_auths_controller_spec.rb
index 47086ccdd2c..33cba675777 100644
--- a/spec/controllers/profiles/two_factor_auths_controller_spec.rb
+++ b/spec/controllers/profiles/two_factor_auths_controller_spec.rb
@@ -104,17 +104,29 @@ RSpec.describe Profiles::TwoFactorAuthsController do
       expect(subject).to receive(:build_qr_code).and_return(code)
 
       get :show
-      expect(assigns[:qr_code]).to eq code
+      expect(assigns[:qr_code]).to eq(code)
     end
 
-    it 'generates a unique otp_secret every time the page is loaded' do
-      expect(User).to receive(:generate_otp_secret).with(32).and_call_original.twice
+    it 'generates a single otp_secret with multiple page loads', :freeze_time do
+      expect(User).to receive(:generate_otp_secret).with(32).and_call_original.once
+
+      user.update!(otp_secret: nil, otp_secret_expires_at: nil)
 
       2.times do
         get :show
       end
     end
 
+    it 'generates a new otp_secret once the ttl has expired' do
+      expect(User).to receive(:generate_otp_secret).with(32).and_call_original.once
+
+      user.update!(otp_secret: "FT7KAVNU63YZH7PBRVPVL7CPSAENXY25", otp_secret_expires_at: 2.minutes.from_now)
+
+      travel_to(10.minutes.from_now) do
+        get :show
+      end
+    end
+
     it_behaves_like 'user must first verify their primary email address' do
       let(:go) { get :show }
     end
@@ -183,7 +195,12 @@ RSpec.describe Profiles::TwoFactorAuthsController do
         expect(subject).to receive(:build_qr_code).and_return(code)
 
         go
-        expect(assigns[:qr_code]).to eq code
+        expect(assigns[:qr_code]).to eq(code)
+      end
+
+      it 'assigns account_string' do
+        go
+        expect(assigns[:account_string]).to eq("#{Gitlab.config.gitlab.host}:#{user.email}")
       end
 
       it 'renders show' do