Feature spec for max login attempts

adds nickname column to dummy app user

Update feature specs with user nickname; add max login attempt spec

regenerate schema

app/controllers/devise/two_factor_authentication_controller.rb

@@ -17,10 +17,10 @@ class Devise::TwoFactorAuthenticationController < DeviseController
     else
       resource.second_factor_attempts_count += 1
       resource.save
-      set_flash_message :error, :attempt_failed
+      flash.now[:error] = find_message(:attempt_failed)
       if resource.max_login_attempts?
         sign_out(resource)
-        render :template => 'devise/two_factor_authentication/max_login_attempts_reached' and return
+        render :max_login_attempts_reached
       else
         render :show
       end
@@ -37,6 +37,7 @@ class Devise::TwoFactorAuthenticationController < DeviseController
       redirect_to :root and return if resource.nil?
       @limit = resource.class.max_login_attempts
       if resource.max_login_attempts?
+        binding.pry
         sign_out(resource)
         render :template => 'devise/two_factor_authentication/max_login_attempts_reached' and return
       end

spec/features/two_factor_authenticatable_spec.rb

@@ -5,7 +5,8 @@ feature "User of two factor authentication" do
   scenario "must be logged in" do
     visit user_two_factor_authentication_path
 
-    page.should have_content("Welcome Home")
+    expect(page).to have_content("Welcome Home")
+    expect(page).to have_content("You are signed out")
   end
 
   context "when logged in" do
@@ -18,7 +19,8 @@ feature "User of two factor authentication" do
     scenario "can fill in TFA code" do
       visit user_two_factor_authentication_path
 
-      page.should have_content("Enter your personal code")
+      expect(page).to have_content("You are signed in as Marissa")
+      expect(page).to have_content("Enter your personal code")
 
       fill_in "code", with: user.otp_code
       click_button "Submit"
@@ -37,6 +39,23 @@ feature "User of two factor authentication" do
       click_button "Submit"
 
       expect(page).to have_content("Your Personal Dashboard")
+      expect(page).to have_content("You are signed in as Marissa")
+    end
+
+    scenario "is locked out after 3 failed attempts" do
+      visit user_two_factor_authentication_path
+
+      3.times do
+        fill_in "code", with: "incorrect#{rand(100)}"
+        click_button "Submit"
+
+        within(".flash.error") do
+          expect(page).to have_content("Attempt failed")
+        end
+      end
+
+      expect(page).to have_content("Access completely denied")
+      expect(page).to have_content("You are signed out")
     end
   end
 end

spec/rails_app/app/helpers/application_helper.rb

@@ -1,2 +1,8 @@
 module ApplicationHelper
+
+  def render_flash
+    flash.map do |name, message|
+      content_tag(:p, message, class: "flash #{name}")
+    end.join.html_safe
+  end
 end

spec/rails_app/app/views/home/dashboard.html.erb

@@ -1,5 +1,7 @@
 <h1>Your Personal Dashboard</h1>
 
-<p>Your email is <%= current_user.email %></p>
+<p>Hi <%= current_user.nickname %></p>
 
-<p>You will only be able to see this page after successfully completing two factor authentication</p>
+<p>Your registered email address is <%= current_user.email %></p>
+
+<p>You can only see this page after successfully completing two factor authentication</p>

spec/rails_app/app/views/layouts/application.html.erb

@@ -7,8 +7,14 @@
     <%= csrf_meta_tags %>
   </head>
   <body>
-    <p class="flash notice"><%= notice %></p>
-    <p class="flash alert"><%= alert %></p>
+    <nav>
+      <% if user_signed_in? %>
+        You are signed in as <%= current_user.nickname %>
+      <% else %>
+        You are signed out
+      <% end %>
+    </nav>
+    <%= render_flash %>
     <%= yield %>
   </body>
 </html>

spec/rails_app/config/database.yml

@@ -17,9 +17,3 @@ test:
   database: db/test.sqlite3
   pool: 5
   timeout: 5000
-
-production:
-  adapter: sqlite3
-  database: db/production.sqlite3
-  pool: 5
-  timeout: 5000

spec/rails_app/db/migrate/20140407215513_add_nickanme_to_users.rb

@@ -0,0 +1,7 @@
+class AddNickanmeToUsers < ActiveRecord::Migration
+  def change
+    change_table :users do |t|
+      t.column :nickname, :string, limit: 64
+    end
+  end
+end

spec/rails_app/db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20140407172619) do
+ActiveRecord::Schema.define(:version => 20140407215513) do
 
   create_table "users", :force => true do |t|
     t.string   "email",                                      :default => "", :null => false
@@ -28,6 +28,7 @@ ActiveRecord::Schema.define(:version => 20140407172619) do
     t.datetime "updated_at",                                                 :null => false
     t.string   "otp_secret_key"
     t.integer  "second_factor_attempts_count",               :default => 0
+    t.string   "nickname",                     :limit => 64
   end
 
   add_index "users", ["email"], :name => "index_users_on_email", :unique => true

spec/support/authenticated_model_helper.rb

@@ -10,6 +10,7 @@ module AuthenticatedModelHelper
 
   def valid_attributes(attributes={})
     {
+      nickname: 'Marissa',
       email: generate_unique_email,
       password: 'password',
       password_confirmation: 'password'

spec/support/capybara.rb

@@ -1,9 +1,3 @@
 require 'capybara/rspec'
 
 Capybara.app = Dummy::Application
-
-RSpec.configure do |config|
-  config.before(:each, :feature) do
-
-  end
-end