diff --git a/app/controllers/devise/two_factor_authentication_controller.rb b/app/controllers/devise/two_factor_authentication_controller.rb
index 5f5b4b4..05c6027 100644
--- a/app/controllers/devise/two_factor_authentication_controller.rb
+++ b/app/controllers/devise/two_factor_authentication_controller.rb
@@ -17,10 +17,10 @@ class Devise::TwoFactorAuthenticationController < DeviseController
 else
 resource.second_factor_attempts_count += 1
 resource.save
- set_flash_message :error, :attempt_failed
+ flash.now[:error] = find_message(:attempt_failed)
 if resource.max_login_attempts?
 sign_out(resource)
- render :template => 'devise/two_factor_authentication/max_login_attempts_reached' and return
+ render :max_login_attempts_reached
 else
 render :show
 end
@@ -37,6 +37,7 @@ class Devise::TwoFactorAuthenticationController < DeviseController
 redirect_to :root and return if resource.nil?
 @limit = resource.class.max_login_attempts
 if resource.max_login_attempts?
+ binding.pry
 sign_out(resource)
 render :template => 'devise/two_factor_authentication/max_login_attempts_reached' and return
 end
diff --git a/spec/features/two_factor_authenticatable_spec.rb b/spec/features/two_factor_authenticatable_spec.rb
index b16f6fb..899cd5b 100644
--- a/spec/features/two_factor_authenticatable_spec.rb
+++ b/spec/features/two_factor_authenticatable_spec.rb
@@ -5,7 +5,8 @@ feature "User of two factor authentication" do
 scenario "must be logged in" do
 visit user_two_factor_authentication_path
- page.should have_content("Welcome Home")
+ expect(page).to have_content("Welcome Home")
+ expect(page).to have_content("You are signed out")
 end
 context "when logged in" do
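Review bot: In the first hunk of two_factor_authentication_controller.rb the failed-attempt counter is still advanced with `resource.second_factor_attempts_count += 1` and an unchecked `resource.save`, so the lockout that the new `render :max_login_attempts_reached` branch relies on can undercount. Two wrong codes submitted in parallel can read the same value and store the same increment, and a `save` that returns false leaves the stored count unchanged while the in-memory `max_login_attempts?` check still runs. If the resource is an ActiveRecord model, `resource.class.increment_counter(:second_factor_attempts_count, resource.id)` followed by `resource.reload` would make the update atomic; at minimum the result of `save` should be checked. The enclosing action starts and ends outside the hunk.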
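Review bot: The added `binding.pry` in the second hunk of two_factor_authentication_controller.rb is a debugger breakpoint left in the lockout branch and should be removed before this is merged. Where pry is loaded the request blocks waiting on a console, and where it is not the call raises NoMethodError before `sign_out(resource)` runs, so a user who has exhausted their attempts gets an error instead of being signed out. The branch should go straight from `if resource.max_login_attempts?` to `sign_out(resource)` as it did before. The enclosing method starts outside the hunk.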
@@ -18,7 +19,8 @@ feature "User of two factor authentication" do
 scenario "can fill in TFA code" do
 visit user_two_factor_authentication_path
- page.should have_content("Enter your personal code")
+ expect(page).to have_content("You are signed in as Marissa")
+ expect(page).to have_content("Enter your personal code")
 fill_in "code", with: user.otp_code
 click_button "Submit"
@@ -37,6 +39,23 @@ feature "User of two factor authentication" do
 click_button "Submit"
 expect(page).to have_content("Your Personal Dashboard")
+ expect(page).to have_content("You are signed in as Marissa")
+ end
+
+ scenario "is locked out after 3 failed attempts" do
+ visit user_two_factor_authentication_path
+
+ 3.times do
+ fill_in "code", with: "incorrect#{rand(100)}"
+ click_button "Submit"
+
+ within(".flash.error") do
+ expect(page).to have_content("Attempt failed")
+ end
+ end
+
+ expect(page).to have_content("Access completely denied")
+ expect(page).to have_content("You are signed out")
 end
 end
 end
diff --git a/spec/rails_app/app/helpers/application_helper.rb b/spec/rails_app/app/helpers/application_helper.rb
index de6be79..b5e2e4e 100644
--- a/spec/rails_app/app/helpers/application_helper.rb
+++ b/spec/rails_app/app/helpers/application_helper.rb
@@ -1,2 +1,8 @@
 module ApplicationHelper
+
+ def render_flash
+ flash.map do |name, message|
+ content_tag(:p, message, class: "flash #{name}")
+ end.join.html_safe
+ end
 end
diff --git a/spec/rails_app/app/views/home/dashboard.html.erb b/spec/rails_app/app/views/home/dashboard.html.erb
index d48f903..13e63b8 100644
--- a/spec/rails_app/app/views/home/dashboard.html.erb
+++ b/spec/rails_app/app/views/home/dashboard.html.erb
@@ -1,5 +1,7 @@
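Review bot: The new scenario "is locked out after 3 failed attempts" in two_factor_authenticatable_spec.rb hard-codes the limit in `3.times do`, so it stops exercising the lockout once the configured maximum changes; `user.class.max_login_attempts.times do` would follow the same setting the controller reads. The `rand(100)` suffix adds nondeterminism without adding coverage, since a fixed string such as `"incorrect"` is already an invalid code. The scenario also only checks the rendered text; it would be stronger to assert that a valid `user.otp_code` is refused after "Access completely denied" has been shown, which is the property the lockout is meant to guarantee.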
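Review bot: `render_flash` in application_helper.rb marks a hand-joined string as safe with `.join.html_safe`, and the output is escaped today only because every element comes from `content_tag`. `safe_join(flash.map { |name, message| content_tag(:p, message, class: "flash #{name}") })` produces the same markup and keeps escaping in force if the block is later changed to return plain strings. A short comment on the helper, e.g. `# Renders each flash entry as a <p class="flash NAME">; content_tag escapes the message.`, would record why the result may be treated as safe.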
Your email is <%= current_user.email %>
+Hi <%= current_user.nickname %>
-You will only be able to see this page after successfully completing two factor authentication
+Your registered email address is <%= current_user.email %>
+ +You can only see this page after successfully completing two factor authentication
diff --git a/spec/rails_app/app/views/layouts/application.html.erb b/spec/rails_app/app/views/layouts/application.html.erb
index 8d56308..5d58281 100644
--- a/spec/rails_app/app/views/layouts/application.html.erb
+++ b/spec/rails_app/app/views/layouts/application.html.erb
@@ -7,8 +7,14 @@ <%= csrf_meta_tags %> -<%= notice %>
-<%= alert %>
+ + <%= render_flash %> <%= yield %>