Merge branch 'rs-disable-2fa' into 'master'
Add User#disable_two_factor! This method encapsulates all the logic for disabling 2FA on a specific User model. See merge request !961
commit
d93da8bed5
5 changed files with 33 additions and 17 deletions
|
@ -29,13 +29,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy
|
def destroy
|
||||||
current_user.update_attributes({
|
current_user.disable_two_factor!
|
||||||
two_factor_enabled: false,
|
|
||||||
encrypted_otp_secret: nil,
|
|
||||||
encrypted_otp_secret_iv: nil,
|
|
||||||
encrypted_otp_secret_salt: nil,
|
|
||||||
otp_backup_codes: nil
|
|
||||||
})
|
|
||||||
|
|
||||||
redirect_to profile_account_path
|
redirect_to profile_account_path
|
||||||
end
|
end
|
||||||
|
|
|
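Review bot: `destroy` removes the account's second factor for whoever holds the session, with no fresh credential check; the whole action body visible here is `current_user.disable_two_factor!` followed by the redirect. Unless a filter outside this hunk already forces re-authentication, an unattended or hijacked session is enough to turn 2FA off. Consider requiring the current password or a valid one-time code before the call, and recording the change (audit entry or notification e-mail) so the account owner can notice it. At minimum, mark the action with a comment such as `# Security-sensitive: removes the second factor; caller must have re-authenticated.`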
@ -322,6 +322,16 @@ class User < ActiveRecord::Base
|
||||||
@reset_token
|
@reset_token
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def disable_two_factor!
|
||||||
|
update_attributes(
|
||||||
|
two_factor_enabled: false,
|
||||||
|
encrypted_otp_secret: nil,
|
||||||
|
encrypted_otp_secret_iv: nil,
|
||||||
|
encrypted_otp_secret_salt: nil,
|
||||||
|
otp_backup_codes: nil
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
def namespace_uniq
|
def namespace_uniq
|
||||||
namespace_name = self.username
|
namespace_name = self.username
|
||||||
existing_namespace = Namespace.by_path(namespace_name)
|
existing_namespace = Namespace.by_path(namespace_name)
|
||||||
|
|
|
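Review bot: `disable_two_factor!` carries a bang but calls the non-raising `update_attributes`, so a validation failure just returns false and leaves `two_factor_enabled` and the OTP secret columns unchanged in the database. The caller in `Profiles::TwoFactorAuthsController#destroy` ignores the return value and redirects as if the change had been saved. Use `update_attributes!(` here, or have callers check the result, so a failed disable cannot pass silently. A one-line comment above the method, e.g. `# Disables 2FA and clears the OTP secret, its IV/salt and all backup codes.`, would also make clear that backup codes are discarded.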
@ -105,19 +105,12 @@ describe Profiles::TwoFactorAuthsController do
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'DELETE destroy' do
|
describe 'DELETE destroy' do
|
||||||
let(:user) { create(:user, :two_factor) }
|
let(:user) { create(:user, :two_factor) }
|
||||||
let!(:codes) { user.generate_otp_backup_codes! }
|
|
||||||
|
|
||||||
it 'clears all 2FA-related fields' do
|
it 'disables two factor' do
|
||||||
expect(user).to be_two_factor_enabled
|
expect(user).to receive(:disable_two_factor!)
|
||||||
expect(user.otp_backup_codes).not_to be_nil
|
|
||||||
expect(user.encrypted_otp_secret).not_to be_nil
|
|
||||||
|
|
||||||
delete :destroy
|
delete :destroy
|
||||||
|
|
||||||
expect(user).not_to be_two_factor_enabled
|
|
||||||
expect(user.otp_backup_codes).to be_nil
|
|
||||||
expect(user.encrypted_otp_secret).to be_nil
|
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'redirects to profile_account_path' do
|
it 'redirects to profile_account_path' do
|
||||||
|
|
|
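Review bot: The rewritten example `'disables two factor'` only checks that `disable_two_factor!` is received, and a plain `receive` replaces the method, so the request no longer runs the real clearing logic. It can also only pass if the sign-in setup outside this hunk makes `current_user` the very same object as `user`. Consider `expect(user).to receive(:disable_two_factor!).and_call_original` so the controller spec still fails if the endpoint stops clearing the secret and backup codes. The enclosing `describe` block starts and ends outside the hunk.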
@ -32,6 +32,7 @@ FactoryGirl.define do
|
||||||
before(:create) do |user|
|
before(:create) do |user|
|
||||||
user.two_factor_enabled = true
|
user.two_factor_enabled = true
|
||||||
user.otp_secret = User.generate_otp_secret(32)
|
user.otp_secret = User.generate_otp_secret(32)
|
||||||
|
user.generate_otp_backup_codes!
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -217,6 +217,24 @@ describe User do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe '#disable_two_factor!' do
|
||||||
|
it 'clears all 2FA-related fields' do
|
||||||
|
user = create(:user, :two_factor)
|
||||||
|
|
||||||
|
expect(user).to be_two_factor_enabled
|
||||||
|
expect(user.encrypted_otp_secret).not_to be_nil
|
||||||
|
expect(user.otp_backup_codes).not_to be_nil
|
||||||
|
|
||||||
|
user.disable_two_factor!
|
||||||
|
|
||||||
|
expect(user).not_to be_two_factor_enabled
|
||||||
|
expect(user.encrypted_otp_secret).to be_nil
|
||||||
|
expect(user.encrypted_otp_secret_iv).to be_nil
|
||||||
|
expect(user.encrypted_otp_secret_salt).to be_nil
|
||||||
|
expect(user.otp_backup_codes).to be_nil
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe 'projects' do
|
describe 'projects' do
|
||||||
before do
|
before do
|
||||||
@user = create :user
|
@user = create :user
|
||||||
|
|
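Review bot: The assertions after `user.disable_two_factor!` read the in-memory object, which `update_attributes` mutates even when the save is rejected by a validation. The example can therefore pass while the OTP secret and backup codes are still stored in the database. Add `user.reload` right after the call, or assert `expect(user.disable_two_factor!).to be_truthy`, so the spec proves the cleared values were persisted.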