Loading app/controllers/two_factor_authentications_controller.rb +2 −7 Original line number Diff line number Diff line Loading @@ -37,12 +37,12 @@ class TwoFactorAuthenticationsController < ApplicationController end def destroy if acceptable_code? if current_user.valid_password?(params[:two_factor_authentication][:password]) current_user.otp_required_for_login = false current_user.save! flash[:notice] = t("two_factor_auth.flash.success_deactivation") else flash.now[:alert] = t("two_factor_auth.flash.error_token") flash[:alert] = t("users.destroy.wrong_password") end redirect_to two_factor_authentication_path end Loading @@ -52,9 +52,4 @@ class TwoFactorAuthenticationsController < ApplicationController def verify_otp_required redirect_to two_factor_authentication_path if current_user.otp_required_for_login? end def acceptable_code? current_user.validate_and_consume_otp!(params[:two_factor_authentication][:code]) || current_user.invalidate_otp_backup_code!(params[:two_factor_authentication][:code]) end end app/views/two_factor_authentications/_deactivate.haml +2 −3 Original line number Diff line number Diff line Loading @@ -13,10 +13,9 @@ = form_for "two_factor_authentication", url: two_factor_authentication_path, html: {method: :delete, class: "form-horizontal"} do |f| .form-group = f.label :code, t("two_factor_auth.input_token.label"), class: "control-label col-sm-6" = f.label :password, t("users.edit.current_password"), class: "control-label col-sm-6" .col-sm-6 = f.text_field :code, placeholder: t("two_factor_auth.input_token.placeholder"), class: "form-control" = t("two_factor_auth.recovery.reminder") = f.password_field :password, class: "form-control" .clearfix= f.submit t("two_factor_auth.activated.change_button"), class: "btn btn-primary pull-right" %hr Loading config/locales/diaspora/en.yml +1 −1 Original line number Diff line number Diff line Loading 
@@ -1316,7 +1316,7 @@ en: explanation: "Two-factor authentication is a powerful way to ensure you are the only one able to sign in to your account. When signing in, you will enter a 6-digit code along with your password to prove your identity. Be careful though: if you lose your phone and the recovery codes created when you activate this feature, access to your diaspora* account will be blocked forever." activated: status: "Two-factor authentication activated" change_label: "Deactivate two-factor authentication by entering a TOTP token." change_label: "Deactivate two-factor authentication by entering your password" change_button: "Deactivate" deactivated: status: "Two-factor authentication not activated" Loading features/desktop/two_factor_authentication.feature +6 −16 Original line number Diff line number Diff line Loading 
@@ -51,40 +51,30 @@ Feature: Two-factor autentication Scenario: Regenerating recovery codes Given a user with email "alice@test.com" When I sign in as "alice@test.com" And 2fa is activated for "alice@test.com" When I sign in as "alice@test.com" When I go to the two-factor authentication page Then I should see "Generate new recovery codes" When I press the recovery code generate button Then I should see a list of recovery codes Scenario: Deactivating 2fa with correct token Scenario: Deactivating 2fa with correct password Given a user with email "alice@test.com" When I sign in as "alice@test.com" And 2fa is activated for "alice@test.com" When I go to the two-factor authentication page Then I should see "Deactivate" When I fill in a valid TOTP token to deactivate for "alice@test.com" And I press "Deactivate" Then I should see "Two-factor authentication not activated" Scenario: Deactivating 2fa with recovery token Given a user with email "alice@test.com" When I sign in as "alice@test.com" And 2fa is activated for "alice@test.com" When I go to the two-factor authentication page Then I should see "Deactivate" When I fill in a recovery code to deactivate from "alice@test.com" When I put in my password in "two_factor_authentication_password" And I press "Deactivate" Then I should see "Two-factor authentication not activated" Scenario: Trying to deactivate with incorrect token Scenario: Trying to deactivate with incorrect password Given a user with email "alice@test.com" When I sign in as "alice@test.com" And 2fa is activated for "alice@test.com" When I sign in as "alice@test.com" When I go to the two-factor authentication page Then I should see "Deactivate" When I fill in an invalid TOTP token to deactivate When I fill in "two_factor_authentication_password" with "incorrect" And I press "Deactivate" Then I should see "Two-factor authentication activated" And I should see "Deactivate" features/step_definitions/two_factor_steps.rb +0 −16 Original line number Diff line number 
Diff line Loading @@ -14,15 +14,6 @@ When /^I fill in an invalid TOTP token$/ do fill_in "user_otp_attempt", with: "c0ffee" end When /^I fill in a valid TOTP token to deactivate for "([^"]*)"$/ do |username| @me = find_user username fill_in "two_factor_authentication_code", with: @me.current_otp end When /^I fill in an invalid TOTP token to deactivate$/ do fill_in "two_factor_authentication_code", with: "c0ffee" end When /^I fill in a recovery code from "([^"]*)"$/ do |username| @me = find_user username @codes = @me.generate_otp_backup_codes! Loading @@ -30,13 +21,6 @@ When /^I fill in a recovery code from "([^"]*)"$/ do |username| fill_in "user_otp_attempt", with: @codes.first end When /^I fill in a recovery code to deactivate from "([^"]*)"$/ do |username| @me = find_user username @codes = @me.generate_otp_backup_codes! @me.save! fill_in "two_factor_authentication_code", with: @codes.first end When /^I confirm activation$/ do find(".btn-primary", match: :first).click end Loading Loading
app/controllers/two_factor_authentications_controller.rb +2 −7 Original line number Diff line number Diff line Loading @@ -37,12 +37,12 @@ class TwoFactorAuthenticationsController < ApplicationController end def destroy if acceptable_code? if current_user.valid_password?(params[:two_factor_authentication][:password]) current_user.otp_required_for_login = false current_user.save! flash[:notice] = t("two_factor_auth.flash.success_deactivation") else flash.now[:alert] = t("two_factor_auth.flash.error_token") flash[:alert] = t("users.destroy.wrong_password") end redirect_to two_factor_authentication_path end Loading @@ -52,9 +52,4 @@ class TwoFactorAuthenticationsController < ApplicationController def verify_otp_required redirect_to two_factor_authentication_path if current_user.otp_required_for_login? end def acceptable_code? current_user.validate_and_consume_otp!(params[:two_factor_authentication][:code]) || current_user.invalidate_otp_backup_code!(params[:two_factor_authentication][:code]) end end
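Review bot: In `destroy`, the account password now appears to be the only check before `otp_required_for_login` is set to false, and nothing visible in this section limits how often that check can be retried. If the User model relies on Devise's lockable module, a direct `valid_password?` call most likely does not count towards the failed-attempt lock, so this action would need its own throttling; the model is not shown here, so please confirm. Separately, `params[:two_factor_authentication][:password]` raises NoMethodError when the form key is missing from the request; `params.require(:two_factor_authentication)[:password]` would answer with a 400 instead of a 500. Because the second factor is no longer needed to switch itself off, it is also worth notifying the user (for example by e-mail) whenever deactivation succeeds. The controller class starts and ends outside the lines shown.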
app/views/two_factor_authentications/_deactivate.haml +2 −3 Original line number Diff line number Diff line Loading @@ -13,10 +13,9 @@ = form_for "two_factor_authentication", url: two_factor_authentication_path, html: {method: :delete, class: "form-horizontal"} do |f| .form-group = f.label :code, t("two_factor_auth.input_token.label"), class: "control-label col-sm-6" = f.label :password, t("users.edit.current_password"), class: "control-label col-sm-6" .col-sm-6 = f.text_field :code, placeholder: t("two_factor_auth.input_token.placeholder"), class: "form-control" = t("two_factor_auth.recovery.reminder") = f.password_field :password, class: "form-control" .clearfix= f.submit t("two_factor_auth.activated.change_button"), class: "btn btn-primary pull-right" %hr Loading
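Review bot: The new `f.password_field :password` has no autocomplete hint, so password managers may treat it as a new-password field or skip it. Passing `autocomplete: "current-password"`, i.e. `= f.password_field :password, autocomplete: "current-password", class: "form-control"`, makes the intent explicit. The form sits inside a larger partial that is only partly visible here.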
config/locales/diaspora/en.yml +1 −1 Original line number Diff line number Diff line Loading @@ -1316,7 +1316,7 @@ en: explanation: "Two-factor authentication is a powerful way to ensure you are the only one able to sign in to your account. When signing in, you will enter a 6-digit code along with your password to prove your identity. Be careful though: if you lose your phone and the recovery codes created when you activate this feature, access to your diaspora* account will be blocked forever." activated: status: "Two-factor authentication activated" change_label: "Deactivate two-factor authentication by entering a TOTP token." change_label: "Deactivate two-factor authentication by entering your password" change_button: "Deactivate" deactivated: status: "Two-factor authentication not activated" Loading
features/desktop/two_factor_authentication.feature +6 −16
@@ -51,40 +51,30 @@ Feature: Two-factor autentication Scenario: Regenerating recovery codes Given a user with email "alice@test.com" When I sign in as "alice@test.com" And 2fa is activated for "alice@test.com" When I sign in as "alice@test.com" When I go to the two-factor authentication page Then I should see "Generate new recovery codes" When I press the recovery code generate button Then I should see a list of recovery codes Scenario: Deactivating 2fa with correct token Scenario: Deactivating 2fa with correct password Given a user with email "alice@test.com" When I sign in as "alice@test.com" And 2fa is activated for "alice@test.com" When I go to the two-factor authentication page Then I should see "Deactivate" When I fill in a valid TOTP token to deactivate for "alice@test.com" And I press "Deactivate" Then I should see "Two-factor authentication not activated" Scenario: Deactivating 2fa with recovery token Given a user with email "alice@test.com" When I sign in as "alice@test.com" And 2fa is activated for "alice@test.com" When I go to the two-factor authentication page Then I should see "Deactivate" When I fill in a recovery code to deactivate from "alice@test.com" When I put in my password in "two_factor_authentication_password" And I press "Deactivate" Then I should see "Two-factor authentication not activated" Scenario: Trying to deactivate with incorrect token Scenario: Trying to deactivate with incorrect password Given a user with email "alice@test.com" When I sign in as "alice@test.com" And 2fa is activated for "alice@test.com" When I sign in as "alice@test.com" When I go to the two-factor authentication page Then I should see "Deactivate" When I fill in an invalid TOTP token to deactivate When I fill in "two_factor_authentication_password" with "incorrect" And I press "Deactivate" Then I should see "Two-factor authentication activated" And I should see "Deactivate"
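Review bot: The "Trying to deactivate with incorrect password" scenario only asserts that two-factor authentication stays activated; it never checks that the wrong-password alert is shown. The controller's switch from `flash.now[:alert]` to `flash[:alert]` before the redirect is therefore not covered. A `Then I should see` step with the English text of `users.destroy.wrong_password`, placed after `And I press "Deactivate"`, would pin that behaviour; the string itself is not visible on this page, so it has to be taken from the locale file.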
features/step_definitions/two_factor_steps.rb +0 −16 Original line number Diff line number Diff line Loading @@ -14,15 +14,6 @@ When /^I fill in an invalid TOTP token$/ do fill_in "user_otp_attempt", with: "c0ffee" end When /^I fill in a valid TOTP token to deactivate for "([^"]*)"$/ do |username| @me = find_user username fill_in "two_factor_authentication_code", with: @me.current_otp end When /^I fill in an invalid TOTP token to deactivate$/ do fill_in "two_factor_authentication_code", with: "c0ffee" end When /^I fill in a recovery code from "([^"]*)"$/ do |username| @me = find_user username @codes = @me.generate_otp_backup_codes! Loading @@ -30,13 +21,6 @@ When /^I fill in a recovery code from "([^"]*)"$/ do |username| fill_in "user_otp_attempt", with: @codes.first end When /^I fill in a recovery code to deactivate from "([^"]*)"$/ do |username| @me = find_user username @codes = @me.generate_otp_backup_codes! @me.save! fill_in "two_factor_authentication_code", with: @codes.first end When /^I confirm activation$/ do find(".btn-primary", match: :first).click end Loading