Merge pull request #114 from gate-sso/cleaning_up_setup

Fixing Bug on Regenerating Auth Token

app/controllers/profile_controller.rb

@@ -7,7 +7,7 @@ class ProfileController < ApplicationController
   prepend_before_filter :setup_user if Rails.env.development?
 
   def regen_auth
-    current_user.generate_two_factor_auth
+    current_user.generate_two_factor_auth(true)
     redirect_to profile_path
   end
 

app/models/user.rb

@@ -32,11 +32,11 @@ def initialise_host_and_group
     groups << Group.find_or_initialize_by(name: user_login_id)
   end
 
-  def generate_two_factor_auth
-    if persisted?
+  def generate_two_factor_auth(force_create = false)
+    if persisted? && (force_create || (!force_create && auth_key.blank?))
       self.auth_key = ROTP::Base32.random_base32
       totp = ROTP::TOTP.new(auth_key)
-      self.provisioning_uri = totp.provisioning_uri "GoJek-C #{name}"
+      self.provisioning_uri = totp.provisioning_uri "GoJek-C #{email}"
       save!
     end
   end

spec/features/users/regenerate_auth_spec.rb

@@ -0,0 +1,14 @@
+require 'rails_helper'
+RSpec.feature 'Rengenerate Auth Token', type: :feature do
+  let(:user) { create(:user) }
+  let(:rotp_key) { ROTP::Base32.random_base32 }
+  before(:each) do
+    allow(ROTP::Base32).to receive(:random_base32).and_return(rotp_key)
+  end
+  scenario 'Create an organisation successfully' do
+    sign_in user
+    expect(user).to receive(:generate_two_factor_auth).with(true)
+    visit regenerate_authentication_path
+    expect(current_path).to eq(profile_path)
+  end
+end

spec/models/user_spec.rb

@@ -79,9 +79,12 @@
 
   describe 'generate_two_factor_auth' do
     let(:rotp_key) { ROTP::Base32.random_base32 }
+    let(:new_rotp_key) { ROTP::Base32.random_base32 }
 
-    before(:each) do
-      allow(ROTP::Base32).to receive(:random_base32).and_return(rotp_key)
+    before(:each) do |ex|
+      unless ex.metadata[:skip_before]
+        allow(ROTP::Base32).to receive(:random_base32).and_return(rotp_key)
+      end
     end
 
     it 'shouldn\'t generate key if user is not created' do
@@ -100,7 +103,31 @@
     it 'should update provisioning url' do
       user = create(:user)
       user.generate_two_factor_auth
-      url = ROTP::TOTP.new(rotp_key).provisioning_uri "GoJek-C #{user.name}"
+      url = ROTP::TOTP.new(rotp_key).provisioning_uri "GoJek-C #{user.email}"
+      expect(user.provisioning_uri).to eq(url)
+    end
+
+    it 'shouldn\'t generate the token if it\'s already generated', skip_before: true do
+      user = create(:user)
+      allow(ROTP::Base32).to receive(:random_base32).and_return(new_rotp_key)
+      url = ROTP::TOTP.new(new_rotp_key).provisioning_uri "GoJek-C #{user.email}"
+      user.generate_two_factor_auth
+      allow(ROTP::Base32).to receive(:random_base32).and_return(rotp_key)
+      user.generate_two_factor_auth
+      user.reload
+      expect(user.auth_key).to eq(new_rotp_key)
+      expect(user.provisioning_uri).to eq(url)
+    end
+
+    it 'should generate the token if its already generated and force_generate is true',
+      skip_before: true do
+      user = create(:user)
+      allow(ROTP::Base32).to receive(:random_base32).and_return(new_rotp_key)
+      url = ROTP::TOTP.new(new_rotp_key).provisioning_uri "GoJek-C #{user.email}"
+      user.generate_two_factor_auth true
+      allow(ROTP::Base32).to receive(:random_base32).and_return(rotp_key)
+      user.generate_two_factor_auth
+      expect(user.auth_key).to eq(rotp_key)
       expect(user.provisioning_uri).to eq(url)
     end
   end