Add password challenge to 2FA settings, e-mail notifications (#11878)

Fix #3961
2019-09-18 16:37:27 +02:00
parent d0c2c52783
commit e1066cd431
32 changed files with 567 additions and 50 deletions
--- a/spec/controllers/settings/two_factor_authentications_controller_spec.rb
+++ b/spec/controllers/settings/two_factor_authentications_controller_spec.rb
@ -58,7 +58,7 @@ describe Settings::TwoFactorAuthenticationsController do
      describe 'when creation succeeds' do
        it 'updates user secret' do
          before = user.otp_secret
-          post :create
+          post :create, session: { challenge_passed_at: Time.now.utc }

          expect(user.reload.otp_secret).not_to eq(before)
          expect(response).to redirect_to(new_settings_two_factor_authentication_confirmation_path)