diff options
Diffstat (limited to 'spec/controllers/sessions_controller_spec.rb')
-rw-r--r-- | spec/controllers/sessions_controller_spec.rb | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb index 0e0770fb94c..80cf060bc45 100644 --- a/spec/controllers/sessions_controller_spec.rb +++ b/spec/controllers/sessions_controller_spec.rb @@ -399,18 +399,30 @@ RSpec.describe SessionsController do end context 'when OTP is invalid' do - before do - authenticate_2fa(otp_attempt: 'invalid') - end + let(:code) { 'invalid' } it 'does not authenticate' do + authenticate_2fa(otp_attempt: code) + expect(subject.current_user).not_to eq user end it 'warns about invalid OTP code' do + authenticate_2fa(otp_attempt: code) + expect(controller).to set_flash.now[:alert] .to(/Invalid two-factor code/) end + + it 'sends an email to the user informing about the attempt to sign in with a wrong OTP code' do + controller.request.remote_addr = '1.2.3.4' + + expect_next_instance_of(NotificationService) do |instance| + expect(instance).to receive(:two_factor_otp_attempt_failed).with(user, '1.2.3.4') + end + + authenticate_2fa(otp_attempt: code) + end end end |