Small refactor and syntax fixes.

2016-08-17 17:39:20 -05:00 · 2016-08-17 17:39:20 -05:00 · a4137411c6
commit a4137411c6
parent c297800862
5 changed files with 5 additions and 6 deletions
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@ -13,7 +13,7 @@ Doorkeeper.configure do

  resource_owner_from_credentials do |routes|
    user = Gitlab::Auth.find_with_user_password(params[:username], params[:password])
-    user unless user && user.two_factor_enabled?
+    user unless user.try(:two_factor_enabled?)
  end

  # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@ -275,10 +275,6 @@ module API
      end
    end

-    def render_2fa_error!
-      render_api_error!('401 Unauthorized. You have 2FA enabled. Please use a personal access token to access the API', 401)
-    end
-
    def render_api_error!(message, status)
      error!({ 'message' => message }, status)
    end
--- a/lib/api/session.rb
+++ b/lib/api/session.rb
@ -14,7 +14,7 @@ module API
      user = Gitlab::Auth.find_with_user_password(params[:email] || params[:login], params[:password])

      return unauthorized! unless user
-      return render_2fa_error! if user.two_factor_enabled?
+      return render_api_error!('401 Unauthorized. You have 2FA enabled. Please use a personal access token to access the API', 401) if user.two_factor_enabled?
      present user, with: Entities::UserLogin
    end
  end
--- a/spec/requests/api/oauth_tokens_spec.rb
+++ b/spec/requests/api/oauth_tokens_spec.rb
@ -11,6 +11,7 @@ describe API::API, api: true  do
    context 'when user has 2FA enabled' do
      it 'does not create an access token' do
        user = create(:user, :two_factor)
+
        request_oauth_token(user)

        expect(response).to have_http_status(401)
@ -21,6 +22,7 @@ describe API::API, api: true  do
    context 'when user does not have 2FA enabled' do
      it 'creates an access token' do
        user = create(:user)
+
        request_oauth_token(user)

        expect(response).to have_http_status(200)
--- a/spec/requests/api/session_spec.rb
+++ b/spec/requests/api/session_spec.rb
@ -25,6 +25,7 @@ describe API::API, api: true  do
          post api('/session'), email: user.email, password: user.password

          expect(response).to have_http_status(401)
+          expect(response.body).to include('You have 2FA enabled.')
        end
      end
    end