Skip to content

Commit

Permalink
add test to ensure that trackable fields are not updated until after …
Browse files Browse the repository at this point in the history 
…entering user token when OTP is enabled;
  • Loading branch information
@strouptl
strouptl committed Jun 4, 2024
1 parent d170a22 commit 024f066
Showing 1 changed file with 38 additions and 0 deletions.
38 changes: 38 additions & 0 deletions test/integration/trackable_test.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
require "test_helper"
require "integration_tests_helper"

class TrackableTest < ActionDispatch::IntegrationTest
def teardown
Capybara.reset_sessions!
end

test "should not update devise trackable fields until user enters user token" do
user = sign_user_in

user.reload

sign_in_count = user.sign_in_count
current_sign_in_at = user.current_sign_in_at

sign_out

user.populate_otp_secrets!
user.enable_otp!

sign_user_in(user)

user.reload

assert_equal sign_in_count, user.sign_in_count
assert_equal current_sign_in_at, user.current_sign_in_at

fill_in "user_token", with: ROTP::TOTP.new(user.otp_auth_secret).at(Time.now)
click_button "Submit Token"

user.reload

assert_not_equal sign_in_count, user.sign_in_count
assert_not_equal current_sign_in_at, user.current_sign_in_at
end

end

0 comments on commit 024f066

Please sign in to comment.