Commit a311066

mo <mo.khan@gmail.com>
2018-09-05 00:56:45
rename tfa -> mfa
1 parent ec8a2f1
Changed files (12)
app/controllers/my/mfas_controller.rb
@@ -3,12 +3,12 @@
 module My
   class MfasController < ApplicationController
     def show
-      redirect_to current_user.tfa.setup? ? edit_my_mfa_path : new_my_mfa_path
+      redirect_to current_user.mfa.setup? ? edit_my_mfa_path : new_my_mfa_path
     end
 
     def new
-      return redirect_to edit_my_mfa_path if current_user.tfa.setup?
-      current_user.tfa.build_secret
+      return redirect_to edit_my_mfa_path if current_user.mfa.setup?
+      current_user.mfa.build_secret
     end
 
     def create
@@ -19,7 +19,7 @@ module My
     def edit; end
 
     def destroy
-      current_user.tfa.disable!
+      current_user.mfa.disable!
       redirect_to my_dashboard_path, notice: 'MFA has been disabled'
     end
   end
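Review bot: `destroy` switches the second factor off with a bare `current_user.mfa.disable!`, so any live session (for example an unattended browser) can remove MFA without fresh proof of possession. Unless a `before_action` above this hunk already forces step-up, check a current code first, e.g. `return redirect_to edit_my_mfa_path, alert: 'Invalid code' unless current_user.mfa.authenticate(params[:code])`, and add a matching code input to the disable form. The class body and any filters start outside the hunk, so this may already be handled there.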
app/controllers/application_controller.rb
@@ -33,7 +33,7 @@ class ApplicationController < ActionController::Base
 
   def authenticate_mfa!
     return unless current_user?
-    mfa = current_user.tfa
+    mfa = current_user.mfa
     redirect_to new_mfa_path unless mfa.valid_session?(session[:mfa])
   end
 end
app/controllers/mfas_controller.rb
@@ -6,7 +6,7 @@ class MfasController < ApplicationController
   def new; end
 
   def create
-    if current_user.tfa.authenticate(secure_params[:code])
+    if current_user.mfa.authenticate(secure_params[:code])
       session[:mfa] = { issued_at: Time.now.utc.to_i }
       redirect_to response_path
     else
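Review bot: Nothing visible around `current_user.mfa.authenticate(secure_params[:code])` limits how many codes a session may submit, and the `else` branch runs past the end of the hunk. TOTP codes are short, so if `Mfa#authenticate` or a middleware layer does not already throttle, failed attempts should be counted per user and delayed or locked after a few misses. At minimum, record the expectation next to the call with a comment such as `# failed codes must be rate-limited per user; see Mfa#authenticate`.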
app/javascript/controllers/tfa/setup_controller.js → app/javascript/controllers/mfa/setup_controller.js
File renamed without changes
app/models/tfa.rb → app/models/mfa.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class Tfa
+class Mfa
   attr_reader :user
 
   def initialize(user)
app/models/user.rb
@@ -18,8 +18,8 @@ class User < ApplicationRecord
     request.trusted? ? trusted_attributes_for(request) : {}
   end
 
-  def tfa
-    Tfa.new(self)
+  def mfa
+    Mfa.new(self)
   end
 
   def access_token(audience)
app/views/my/mfas/edit.html.erb
@@ -2,13 +2,13 @@
   <div class="row">
     <div class="col">
       <h1>Multi-Factor Authentication (MFA)</h1>
-      <div data-controller="tfa--setup">
-        <canvas id="canvas" data-target="tfa--setup.canvas"></canvas>
-        <p>Secret: <%= current_user.tfa.secret %></p>
-        <p>Provisioning URI: <%= current_user.tfa.provisioning_uri %></p>
+      <div data-controller="mfa--setup">
+        <canvas id="canvas" data-target="mfa--setup.canvas"></canvas>
+        <p>Secret: <%= current_user.mfa.secret %></p>
+        <p>Provisioning URI: <%= current_user.mfa.provisioning_uri %></p>
 
         <%= form_for current_user, url: my_mfa_path, method: :delete do |form| %>
-          <%= form.hidden_field :tfa_secret, data: { target: 'tfa--setup.secret' } %>
+          <%= form.hidden_field :tfa_secret, data: { target: 'mfa--setup.secret' } %>
           <%= form.submit "Disable", class: 'btn btn-danger', data: { disable_with: 'Saving…' } %>
           <%= link_to "Cancel", my_dashboard_path, class: 'btn' %>
         <% end %>
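Review bot: The edit page is shown once MFA is set up (`show` redirects here when `setup?` is true), yet it still prints `current_user.mfa.secret` and `current_user.mfa.provisioning_uri` and carries the secret in the hidden `:tfa_secret` field. Anyone who can view this page in an authenticated session can copy the enrolled secret and clone the authenticator. The secret should only be displayed during enrolment, so drop the two `<p>` lines and the `form.hidden_field :tfa_secret` line from this view and leave only the Disable and Cancel controls. The hidden field also still uses the `tfa_secret` attribute name, so the rename stops at the model boundary; a follow-up column rename or a comment explaining the leftover name would help.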
app/views/my/mfas/new.html.erb
@@ -2,13 +2,13 @@
   <div class="row">
     <div class="col">
       <h1>Multi Factor Authentication - Setup</h1>
-      <div data-controller="tfa--setup">
-        <canvas id="canvas" data-target="tfa--setup.canvas"></canvas>
-        <p>Secret: <%= current_user.tfa.secret %></p>
-        <p>Provisioning URI: <%= current_user.tfa.provisioning_uri %></p>
+      <div data-controller="mfa--setup">
+        <canvas id="canvas" data-target="mfa--setup.canvas"></canvas>
+        <p>Secret: <%= current_user.mfa.secret %></p>
+        <p>Provisioning URI: <%= current_user.mfa.provisioning_uri %></p>
 
         <%= form_for current_user, url: my_mfa_path, method: :post do |form| %>
-          <%= form.hidden_field :tfa_secret, data: { target: 'tfa--setup.secret' } %>
+          <%= form.hidden_field :tfa_secret, data: { target: 'mfa--setup.secret' } %>
           <%= form.submit t(".enable"), class: 'btn btn-primary', data: { disable_with: 'Saving…' } %>
           <%= link_to t(".cancel"), my_dashboard_path, class: 'btn' %>
         <% end %>
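Review bot: The enrolment form sends the secret back through `form.hidden_field :tfa_secret` and has no code field, which suggests `create` stores a browser-supplied secret without confirming the user's authenticator produces matching codes. `create` is not visible in this commit, so this is inferred. If that is the case, keep the pending secret server-side and require a confirming code before enabling, for instance by adding `<%= text_field_tag :code, nil, autocomplete: 'one-time-code' %>` and checking it with `current_user.mfa.authenticate` in `create`. That also avoids locking out a user whose QR scan failed.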
spec/javascripts/controllers/tfa/setup.spec.js → spec/javascripts/controllers/mfa/setup.spec.js
@@ -1,16 +1,16 @@
-import Controller from '../../../../app/javascript/controllers/tfa/setup_controller'
+import Controller from '../../../../app/javascript/controllers/mfa/setup_controller'
 import { Application } from 'stimulus';
 
-describe('tfa--setup', () => {
+describe('mfa--setup', () => {
   beforeEach(() => {
-    const $container = affix('div[data-controller="tfa--setup"]')
-    $container.affix('canvas[data-target="tfa--setup.canvas"]')
+    const $container = affix('div[data-controller="mfa--setup"]')
+    $container.affix('canvas[data-target="mfa--setup.canvas"]')
     const $form = $container.affix('form')
-    $form.affix('input[type="hidden" data-target="tfa--setup.secret" value="secret"]')
+    $form.affix('input[type="hidden" data-target="mfa--setup.secret" value="secret"]')
     const application = new Application();
     application.router.start();
     application.dispatcher.start();
-    application.register('tfa--setup', Controller);
+    application.register('mfa--setup', Controller);
   });
 
   describe("connect", () => {
spec/requests/mfas_spec.rb
@@ -14,7 +14,7 @@ RSpec.describe "/mfa" do
 
     describe "POST /mfa" do
       context "when the code is correct" do
-        let(:correct_code) { current_user.tfa.current_totp }
+        let(:correct_code) { current_user.mfa.current_totp }
         before { post '/mfa', params: { mfa: { code: correct_code } } }
 
         specify { expect(response).to redirect_to(response_path) }
spec/support/request.rb
@@ -3,11 +3,11 @@ RSpec.configure do |config|
     def http_login(user, skip_mfa: false)
       post '/session', params: { user: { email: user.email, password: user.password } }
       return if skip_mfa
-      mfa_login(user) if user.tfa.setup?
+      mfa_login(user) if user.mfa.setup?
     end
 
     def mfa_login(user)
-      post '/mfa', params: { mfa: { code: user.tfa.current_totp } }
+      post '/mfa', params: { mfa: { code: user.mfa.current_totp } }
     end
   end)
 end
spec/system/direct_login_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 
 describe "when logging in directly in to the application", js: true do
-  describe "when tfa is disabled", js: true do
+  describe "when mfa is disabled", js: true do
     let(:user) { create(:user) }
 
     it 'redirects the user to the dashboard' do
@@ -14,17 +14,17 @@ describe "when logging in directly in to the application", js: true do
     end
   end
 
-  describe "when TFA is enabled", js: true do
-    let(:user) { create(:user, tfa_secret: ::ROTP::Base32.random_base32) }
+  describe "when mFA is enabled", js: true do
+    let(:user) { create(:user, :mfa_configured) }
 
     it 'prompts for a TOTP code then redirect to the dashboard' do
-      pending
       visit root_path
       fill_in "user_email", with: user.email
       fill_in "user_password", with: user.password
       click_button I18n.t('sessions.new.login')
 
-      fill_in "totp", with: user.tfa.current_totp
+      fill_in "mfa_code", with: user.mfa.current_totp
+      click_button I18n.t('sessions.new.login')
 
       expect(page).to have_content('Dashboard')
     end
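Review bot: The mechanical rename left the group description as `"when mFA is enabled"`; it should read `describe "when MFA is enabled", js: true do`. The earlier hunk's `"when mfa is disabled"` could be capitalised the same way for consistency. With `pending` removed this example now runs, but it only covers the accepted-code path. A sibling example that submits a wrong code and expects to stay on the prompt would pin the behaviour that matters for the gate, if one does not already exist further down the file.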