Resend view

3 years ago · 715c45ea08
5 changed files with 68 additions and 3 deletions
--- a/app/controllers/auth/two_factor_authentication_controller.rb
+++ b/app/controllers/auth/two_factor_authentication_controller.rb
@ -0,0 +1,5 @@
+class Auth::TwoFactorAuthenticationController < Devise::TwoFactorAuthenticationController
+  def show_resend
+    render "devise/two_factor_authentication/resend"
+  end
+end
--- a/app/views/devise/two_factor_authentication/resend.html.erb
+++ b/app/views/devise/two_factor_authentication/resend.html.erb
@ -0,0 +1,23 @@
+<% content_for :title, "Resend security code" %>
+
+<% content_for :before_content do %>
+  <%= govuk_back_link(
+    text: 'Back',
+    href: 'javascript:history.back()',
+  ) %>
+<% end %>
+
+<%= form_with(url: resend_code_admin_user_two_factor_authentication_path, html: { method: :get }) do |f| %>
+  <div class="govuk-grid-row">
+    <div class="govuk-grid-column-two-thirds">
+
+      <h1 class="govuk-heading-l">
+        <%= content_for(:title) %>
+      </h1>
+
+      <p class="govuk-body">Text messages sometimes take a few minutes to arrive. If you do not receive the text message, you can request a new one.</p>
+
+      <%= f.govuk_submit "Resend security code" %>
+    </div>
+  </div>
+<% end %>
--- a/app/views/devise/two_factor_authentication/show.html.erb
+++ b/app/views/devise/two_factor_authentication/show.html.erb
@ -1,6 +1,6 @@
 <% content_for :title, "Check your phone" %>

-<%= form_with(url: "/admin/two_factor_authentication", html: { method: :put }) do |f| %>
+<%= form_with(url: "/admin/two-factor-authentication", html: { method: :put }) do |f| %>
  <div class="govuk-grid-row">
    <div class="govuk-grid-column-two-thirds">

@ -22,5 +22,5 @@
 <% end %>

 <p class="govuk-body">
-  <%= govuk_link_to "Not received a text message?", "#" %>
+  <%= govuk_link_to "Not received a text message?", admin_two_factor_authentication_resend_path %>
 </p>
--- a/config/routes.rb
+++ b/config/routes.rb
@ -1,5 +1,22 @@
 Rails.application.routes.draw do
-  devise_for :admin_users, ActiveAdmin::Devise.config
+  devise_for :admin_users, {
+    path: :admin,
+    controllers: {
+      sessions: "active_admin/devise/sessions",
+      passwords: "active_admin/devise/passwords",
+      unlocks: "active_admin/devise/unlocks",
+      registrations: "active_admin/devise/registrations",
+      confirmations: "active_admin/devise/confirmations",
+      two_factor_authentication: "auth/two_factor_authentication",
+    },
+    path_names: { sign_in: "login", sign_out: "logout", two_factor_authentication: "two-factor-authentication" },
+    sign_out_via: %i[delete get],
+  }
+
+  devise_scope :admin_user do
+    get "admin/two-factor-authentication/resend", to: "auth/two_factor_authentication#show_resend"
+  end
+
  devise_for :users, controllers: {
    passwords: "auth/passwords",
    sessions: "auth/sessions",
--- a/spec/features/admin_panel_spec.rb
+++ b/spec/features/admin_panel_spec.rb
@ -52,4 +52,24 @@ RSpec.describe "Admin Panel" do
      expect(page).to have_content("Check your phone")
    end
  end
+
+  context "when the 2FA code needs to be resent" do
+    before do
+      visit("/admin")
+      fill_in("admin_user[email]", with: admin.email)
+      fill_in("admin_user[password]", with: admin.password)
+      click_button("Login")
+    end
+
+    it "displays the resend view" do
+      click_link("Not received a text message?")
+      expect(page).to have_button("Resend security code")
+    end
+
+    it "send a new OTP code and redirects back to the 2FA view" do
+      click_link("Not received a text message?")
+      expect { click_button("Resend security code") }.to(change { admin.reload.direct_otp })
+      expect(page).to have_current_path("/admin/two-factor-authentication")
+    end
+  end
 end