Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Add ability to skip sign-in token authentication for specific users (#16427)

Browse source 
Remove "active within last two weeks" exception for sign in token requirement

Change admin reset password to lock access until the password is reset
This commit is contained in:
Eugen Rochko 2021-07-08 05:31:28 +02:00 committed by GitHub
parent 2e0eac71dd
commit 771c9d4ba8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 160 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

8
spec/controllers/admin/two_factor_authentications_controller_spec.rb
View file

@ -15,12 +15,12 @@ describe Admin::TwoFactorAuthenticationsController do
user.update(otp_required_for_login: true)
end
it 'redirects to admin accounts page' do
it 'redirects to admin account page' do
delete :destroy, params: { user_id: user.id }
user.reload
expect(user.otp_enabled?).to eq false
expect(response).to redirect_to(admin_accounts_path)
expect(response).to redirect_to(admin_account_path(user.account_id))
end
end
@ -38,13 +38,13 @@ describe Admin::TwoFactorAuthenticationsController do
nickname: 'Security Key')
end
it 'redirects to admin accounts page' do
it 'redirects to admin account page' do
delete :destroy, params: { user_id: user.id }
user.reload
expect(user.otp_enabled?).to eq false
expect(user.webauthn_enabled?).to eq false
expect(response).to redirect_to(admin_accounts_path)
expect(response).to redirect_to(admin_account_path(user.account_id))
end
end
end