Fix TOTP codes not being filtered from logs during enabling/disabling (#11877)

Not a serious issue because they are meaningless past single use
2019-09-18 02:48:40 +02:00 · 2019-09-18 02:48:40 +02:00 · a4b60e9ba4
commit a4b60e9ba4
parent 3919571c39
7 changed files with 13 additions and 13 deletions
--- a/spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb
+++ b/spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb
@ -68,7 +68,7 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
            true
          end

-          post :create, params: { form_two_factor_confirmation: { code: '123456' } }
+          post :create, params: { form_two_factor_confirmation: { otp_attempt: '123456' } }

          expect(assigns(:recovery_codes)).to eq otp_backup_codes
          expect(flash[:notice]).to eq 'Two-factor authentication successfully enabled'
@ -85,7 +85,7 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
            false
          end

-          post :create, params: { form_two_factor_confirmation: { code: '123456' } }
+          post :create, params: { form_two_factor_confirmation: { otp_attempt: '123456' } }
        end

        it 'renders the new view' do
@ -99,7 +99,7 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do

    context 'when not signed in' do
      it 'redirects if not signed in' do
-        post :create, params: { form_two_factor_confirmation: { code: '123456' } }
+        post :create, params: { form_two_factor_confirmation: { otp_attempt: '123456' } }
        expect(response).to redirect_to('/auth/sign_in')
      end
    end
--- a/spec/controllers/settings/two_factor_authentications_controller_spec.rb
+++ b/spec/controllers/settings/two_factor_authentications_controller_spec.rb
@ -91,7 +91,7 @@ describe Settings::TwoFactorAuthenticationsController do
          true
        end

-        post :destroy, params: { form_two_factor_confirmation: { code: '123456' } }
+        post :destroy, params: { form_two_factor_confirmation: { otp_attempt: '123456' } }

        expect(response).to redirect_to(settings_two_factor_authentication_path)
        user.reload
@ -105,7 +105,7 @@ describe Settings::TwoFactorAuthenticationsController do
          false
        end

-        post :destroy, params: { form_two_factor_confirmation: { code: '057772' } }
+        post :destroy, params: { form_two_factor_confirmation: { otp_attempt: '057772' } }

        user.reload
        expect(user.otp_required_for_login).to eq(true)