Bump secret key length to 32

2015-05-23 18:47:53 -04:00 · 2015-05-23 18:47:53 -04:00 · 7b879bb8bd
parent e73ea12695
commit 7b879bb8bd
3 changed files with 3 additions and 3 deletions
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@ -1,7 +1,7 @@
 class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
  def new
    unless current_user.otp_secret
-      current_user.otp_secret = User.generate_otp_secret(16)
+      current_user.otp_secret = User.generate_otp_secret(32)
      current_user.save!
    end

--- a/spec/controllers/profiles/two_factor_auths_controller_spec.rb
+++ b/spec/controllers/profiles/two_factor_auths_controller_spec.rb
@ -12,7 +12,7 @@ describe Profiles::TwoFactorAuthsController do
    let(:user) { create(:user) }

    it 'generates otp_secret for user' do
-      expect(User).to receive(:generate_otp_secret).with(16).and_return('secret').once
+      expect(User).to receive(:generate_otp_secret).with(32).and_return('secret').once

      get :new
      get :new # Second hit shouldn't re-generate it
--- a/spec/factories.rb
+++ b/spec/factories.rb
@ -31,7 +31,7 @@ FactoryGirl.define do
    trait :two_factor do
      before(:create) do |user|
        user.otp_required_for_login = true
-        user.otp_secret = User.generate_otp_secret(16)
+        user.otp_secret = User.generate_otp_secret(32)
      end
    end