Move OTP secret length to configuration (#32125)

2024-10-01 11:38:42 +02:00 · 2024-10-01 11:38:42 +02:00 · e6cda8388c
commit e6cda8388c
parent 0b89765e9a
5 changed files with 8 additions and 7 deletions
--- a/spec/controllers/auth/sessions_controller_spec.rb
+++ b/spec/controllers/auth/sessions_controller_spec.rb
@ -208,7 +208,7 @@ RSpec.describe Auth::SessionsController do
    context 'when using two-factor authentication' do
      context 'with OTP enabled as second factor' do
        let!(:user) do
-          Fabricate(:user, email: 'x@y.com', password: 'abcdefgh', otp_required_for_login: true, otp_secret: User.generate_otp_secret(32))
+          Fabricate(:user, email: 'x@y.com', password: 'abcdefgh', otp_required_for_login: true, otp_secret: User.generate_otp_secret)
        end

        let!(:recovery_codes) do
@ -230,7 +230,7 @@ RSpec.describe Auth::SessionsController do

        context 'when using email and password after an unfinished log-in attempt to a 2FA-protected account' do
          let!(:other_user) do
-            Fabricate(:user, email: 'z@y.com', password: 'abcdefgh', otp_required_for_login: true, otp_secret: User.generate_otp_secret(32))
+            Fabricate(:user, email: 'z@y.com', password: 'abcdefgh', otp_required_for_login: true, otp_secret: User.generate_otp_secret)
          end

          before do
@ -342,7 +342,7 @@ RSpec.describe Auth::SessionsController do

      context 'with WebAuthn and OTP enabled as second factor' do
        let!(:user) do
-          Fabricate(:user, email: 'x@y.com', password: 'abcdefgh', otp_required_for_login: true, otp_secret: User.generate_otp_secret(32))
+          Fabricate(:user, email: 'x@y.com', password: 'abcdefgh', otp_required_for_login: true, otp_secret: User.generate_otp_secret)
        end

        let!(:webauthn_credential) do