Commit d93da8be authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'rs-disable-2fa' into 'master'

Add User#disable_two_factor!

This method encapsulates all the logic for disabling 2FA on a specific
User model.

See merge request !961
parents 10d5da78 22724418
......@@ -29,13 +29,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
end
def destroy
current_user.update_attributes({
two_factor_enabled: false,
encrypted_otp_secret: nil,
encrypted_otp_secret_iv: nil,
encrypted_otp_secret_salt: nil,
otp_backup_codes: nil
})
current_user.disable_two_factor!
redirect_to profile_account_path
end
......
......@@ -322,6 +322,16 @@ class User < ActiveRecord::Base
@reset_token
end
def disable_two_factor!
update_attributes(
two_factor_enabled: false,
encrypted_otp_secret: nil,
encrypted_otp_secret_iv: nil,
encrypted_otp_secret_salt: nil,
otp_backup_codes: nil
)
end
def namespace_uniq
namespace_name = self.username
existing_namespace = Namespace.by_path(namespace_name)
......
......@@ -106,18 +106,11 @@ describe Profiles::TwoFactorAuthsController do
describe 'DELETE destroy' do
let(:user) { create(:user, :two_factor) }
let!(:codes) { user.generate_otp_backup_codes! }
it 'clears all 2FA-related fields' do
expect(user).to be_two_factor_enabled
expect(user.otp_backup_codes).not_to be_nil
expect(user.encrypted_otp_secret).not_to be_nil
it 'disables two factor' do
expect(user).to receive(:disable_two_factor!)
delete :destroy
expect(user).not_to be_two_factor_enabled
expect(user.otp_backup_codes).to be_nil
expect(user.encrypted_otp_secret).to be_nil
end
it 'redirects to profile_account_path' do
......
......@@ -32,6 +32,7 @@ FactoryGirl.define do
before(:create) do |user|
user.two_factor_enabled = true
user.otp_secret = User.generate_otp_secret(32)
user.generate_otp_backup_codes!
end
end
......
......@@ -217,6 +217,24 @@ describe User do
end
end
describe '#disable_two_factor!' do
it 'clears all 2FA-related fields' do
user = create(:user, :two_factor)
expect(user).to be_two_factor_enabled
expect(user.encrypted_otp_secret).not_to be_nil
expect(user.otp_backup_codes).not_to be_nil
user.disable_two_factor!
expect(user).not_to be_two_factor_enabled
expect(user.encrypted_otp_secret).to be_nil
expect(user.encrypted_otp_secret_iv).to be_nil
expect(user.encrypted_otp_secret_salt).to be_nil
expect(user.otp_backup_codes).to be_nil
end
end
describe 'projects' do
before do
@user = create :user
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment