Fix 2fa (#701)
parent
07b4804394
commit
1310166d74
|
@ -131,7 +131,7 @@ GEM
|
|||
parallel (1.17.0)
|
||||
parser (2.6.3.0)
|
||||
ast (~> 2.4.0)
|
||||
public_suffix (3.1.0)
|
||||
public_suffix (3.1.1)
|
||||
rack (2.0.7)
|
||||
rack-test (1.1.0)
|
||||
rack (>= 1.0, < 3)
|
||||
|
@ -167,7 +167,7 @@ GEM
|
|||
ffi (~> 1.0)
|
||||
rb-readline (0.5.5)
|
||||
regexp_parser (1.5.1)
|
||||
rotp (5.0.0)
|
||||
rotp (5.1.0)
|
||||
addressable (~> 2.5)
|
||||
rqrcode (0.10.1)
|
||||
chunky_png (~> 1.0)
|
||||
|
|
|
@ -84,7 +84,7 @@ class SettingsController < ApplicationController
|
|||
end
|
||||
|
||||
if !session[:totp_secret]
|
||||
session[:totp_secret] = ROTP::Base32.random_base32
|
||||
session[:totp_secret] = ROTP::Base32.random
|
||||
end
|
||||
|
||||
totp = ROTP::TOTP.new(session[:totp_secret], :issuer => Rails.application.name)
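Review bot: The pending enrollment secret is kept in `session[:totp_secret]`, so its confidentiality depends on the session store, which this hunk does not show. If the app uses cookie-backed sessions, confirm they are encrypted rather than only signed. Also confirm that the key is deleted once enrollment is confirmed or abandoned, because the `if !session[:totp_secret]` guard otherwise keeps reusing the same pending secret; if that cleanup already happens outside this hunk, nothing needs to change. As a style point, the guard reads more idiomatically as `session[:totp_secret] ||= ROTP::Base32.random`. The enclosing action starts and ends outside the hunk.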
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
require 'rails_helper'
|
||||
|
||||
describe SettingsController do
|
||||
let(:user) { create(:user) }
|
||||
|
||||
before { stub_login_as user }
|
||||
|
||||
describe 'GET /settings/2fa' do
|
||||
it 'returns successfully' do
|
||||
get :twofa
|
||||
expect(response).to be_successful
|
||||
end
|
||||
end
|
||||
|
||||
describe 'GET /settings/2fa_enroll' do
|
||||
it 'returns successfully' do
|
||||
get :twofa_enroll, session: { last_authed: Time.current }
|
||||
expect(response).to be_successful
|
||||
expect(session[:totp_secret]).not_to be_nil
|
||||
expect(session[:totp_secret]).to have_attributes(length: 32)
|
||||
end
|
||||
end
|
||||
end
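Review bot: The `GET /settings/2fa_enroll` example only exercises the happy path with `last_authed: Time.current`, so nothing pins what happens when the recent-authentication marker is missing or stale. Assuming `twofa_enroll` gates on `last_authed` (the controller check is not visible here), add an example that calls `get :twofa_enroll` without that session key and asserts `expect(response).not_to be_successful` and `expect(session[:totp_secret]).to be_nil`. Separately, `expect(session[:totp_secret]).not_to be_nil` is redundant next to `have_attributes(length: 32)`, which already fails on nil.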
|
|
@ -1,6 +1,6 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.feature "Reading Homepage", type: feature do
|
||||
RSpec.feature "Reading Homepage", type: :feature do
|
||||
let!(:story) { create(:story) }
|
||||
|
||||
feature "when logged out" do
|
||||
|
|
|
@ -57,7 +57,8 @@ RSpec.configure do |config|
|
|||
config.infer_spec_type_from_file_location!
|
||||
config.raise_errors_for_deprecations!
|
||||
|
||||
config.include AuthenticationHelper
|
||||
config.include AuthenticationHelper::ControllerHelper, type: :controller
|
||||
config.include AuthenticationHelper::FeatureHelper, type: :feature
|
||||
|
||||
config.filter_rails_from_backtrace!
|
||||
config.filter_gems_from_backtrace \
|
||||
|
|
|
@ -1,7 +1,19 @@
|
|||
module AuthenticationHelper
|
||||
def stub_login_as user
|
||||
random_token = "abcdefg".split('').shuffle.join
|
||||
user.update_column(:session_token, random_token)
|
||||
allow_any_instance_of(ApplicationController).to receive(:session).and_return(u: random_token)
|
||||
module ControllerHelper
|
||||
def stub_login_as user
|
||||
random_token = "abcdefg".split('').shuffle.join
|
||||
user.update_column(:session_token, random_token)
|
||||
session[:u] = random_token
|
||||
end
|
||||
end
|
||||
|
||||
module FeatureHelper
|
||||
def stub_login_as user
|
||||
# feature specs don't have access to the session store
|
||||
visit '/login'
|
||||
fill_in 'E-mail or Username:', with: user.email
|
||||
fill_in 'Password:', with: user.password
|
||||
click_button 'Login'
|
||||
end
|
||||
end
|
||||
end
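Review bot: In `ControllerHelper#stub_login_as`, `"abcdefg".split('').shuffle.join` can only produce 5040 distinct tokens. Two users stubbed in the same example can therefore receive the same `session_token`, which would make a spec flaky or log in the wrong user if the column is expected to be unique (not visible here). `random_token = SecureRandom.hex(16)` avoids that and better resembles a real token. `FeatureHelper#stub_login_as` also relies on `user.password` still holding the plaintext on the in-memory factory object, so a user reloaded from the database would submit a blank password; a short comment stating that precondition would help.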
|
||||
|
|