Catch error when server decryption fails on 2FA (#2512)

author: Matt Jankowski <mjankowski@thoughtbot.com> 2017-04-27 09:18:21 -0400
committer: Eugen Rochko <eugen@zeonfederated.com> 2017-04-27 15:18:21 +0200
commit: b48f2cbc8b6b260a8d9b51a26e484a7da1694851 (patch)
tree: 1d76a8e5dd8ec92237516963628ac734a02d13da /spec/controllers
parent: 1736badf28eae2ba42e42f9fef2e151e35d5397a (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/spec/controllers/auth/sessions_controller_spec.rb b/spec/controllers/auth/sessions_controller_spec.rb
index 2b68b4c5a..393908d97 100644
--- a/spec/controllers/auth/sessions_controller_spec.rb
+++ b/spec/controllers/auth/sessions_controller_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 RSpec.describe Auth::SessionsController, type: :controller do
@@ -90,6 +92,21 @@ RSpec.describe Auth::SessionsController, type: :controller do
         end
       end
 
+      context 'when the server has an decryption error' do
+        before do
+          allow_any_instance_of(User).to receive(:validate_and_consume_otp!).and_raise(OpenSSL::Cipher::CipherError)
+          post :create, params: { user: { otp_attempt: user.current_otp } }, session: { otp_user_id: user.id }
+        end
+
+        it 'shows a login error' do
+          expect(flash[:alert]).to match I18n.t('users.invalid_otp_token')
+        end
+
+        it "doesn't log the user in" do
+          expect(controller.current_user).to be_nil
+        end
+      end
+
       context 'using a valid recovery code' do
         before do
           post :create, params: { user: { otp_attempt: recovery_codes.first } }, session: { otp_user_id: user.id }
author	Matt Jankowski <mjankowski@thoughtbot.com>	2017-04-27 09:18:21 -0400
committer	Eugen Rochko <eugen@zeonfederated.com>	2017-04-27 15:18:21 +0200
commit	b48f2cbc8b6b260a8d9b51a26e484a7da1694851 (patch)
tree	1d76a8e5dd8ec92237516963628ac734a02d13da /spec/controllers
parent	1736badf28eae2ba42e42f9fef2e151e35d5397a (diff)