|
|
|
@ -42,10 +42,12 @@ feature "User of two factor authentication" do
|
|
|
|
|
expect(page).to have_content("You are signed in as Marissa") |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
scenario "is locked out after 3 failed attempts" do |
|
|
|
|
scenario "is locked out after max failed attempts" do |
|
|
|
|
visit user_two_factor_authentication_path |
|
|
|
|
|
|
|
|
|
3.times do |
|
|
|
|
max_attempts = User.max_login_attempts |
|
|
|
|
|
|
|
|
|
max_attempts.times do |
|
|
|
|
fill_in "code", with: "incorrect#{rand(100)}" |
|
|
|
|
click_button "Submit" |
|
|
|
|
|
|
|
|
@ -57,5 +59,14 @@ feature "User of two factor authentication" do
|
|
|
|
|
expect(page).to have_content("Access completely denied") |
|
|
|
|
expect(page).to have_content("You are signed out") |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
scenario "cannot retry authentication after max attempts" do |
|
|
|
|
user.update_attribute(:second_factor_attempts_count, User.max_login_attempts) |
|
|
|
|
|
|
|
|
|
visit user_two_factor_authentication_path |
|
|
|
|
|
|
|
|
|
expect(page).to have_content("Access completely denied") |
|
|
|
|
expect(page).to have_content("You are signed out") |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|