Defect #34618 ยป 34618.patch
| app/controllers/my_controller.rb | ||
|---|---|---|
| 21 | 21 |
self.main_menu = false |
| 22 | 22 |
before_action :require_login |
| 23 | 23 |
# let user change user's password when user has to |
| 24 |
skip_before_action :check_password_change, :only => :password |
|
| 24 |
skip_before_action :check_password_change, :check_twofa_activation, :only => :password
|
|
| 25 | 25 | |
| 26 | 26 |
accept_api_auth :account |
| 27 | 27 | |
| test/integration/twofa_test.rb | ||
|---|---|---|
| 30 | 30 |
end |
| 31 | 31 |
end |
| 32 | 32 | |
| 33 |
test 'should require to change password first when must_change_passwd is true' do |
|
| 34 |
User.find_by(login: 'jsmith').update_attribute(:must_change_passwd, true) |
|
| 35 |
with_settings twofa: '2' do |
|
| 36 |
log_user('jsmith', 'jsmith')
|
|
| 37 |
follow_redirect! |
|
| 38 |
assert_redirected_to '/my/password' |
|
| 39 |
follow_redirect! |
|
| 40 |
assert_response :success |
|
| 41 |
end |
|
| 42 |
end |
|
| 43 | ||
| 33 | 44 |
test "should generate and accept backup codes" do |
| 34 | 45 |
log_user('jsmith', 'jsmith')
|
| 35 | 46 |
get "/my/account" |