Small refactor and syntax fixes.

a4137411 · Patricio Cano · c2978008 · a4137411 · a4137411 · a4137411
Commit a4137411 authored 8 years ago by Patricio Cano
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -13,7 +13,7 @@ Doorkeeper.configure do
  
  resource_owner_from_credentials do |routes|
    user = Gitlab::Auth.find_with_user_password(params[:username], params[:password])
-    user unless user && user.two_factor_enabled?
+    user unless user.try(:two_factor_enabled?)
  end
  
  # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.

--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -275,10 +275,6 @@ module API
      end
    end
  
-    def render_2fa_error!
-      render_api_error!('401 Unauthorized. You have 2FA enabled. Please use a personal access token to access the API', 401)
-    end
-
    def render_api_error!(message, status)
      error!({ 'message' => message }, status)
    end

--- a/lib/api/session.rb
+++ b/lib/api/session.rb
@@ -14,7 +14,7 @@ module API
      user = Gitlab::Auth.find_with_user_password(params[:email] || params[:login], params[:password])
  
      return unauthorized! unless user
-      return render_2fa_error! if user.two_factor_enabled?
+      return render_api_error!('401 Unauthorized. You have 2FA enabled. Please use a personal access token to access the API', 401) if user.two_factor_enabled?
      present user, with: Entities::UserLogin
    end
  end

--- a/spec/requests/api/oauth_tokens_spec.rb
+++ b/spec/requests/api/oauth_tokens_spec.rb
@@ -11,6 +11,7 @@ describe API::API, api: true  do
    context 'when user has 2FA enabled' do
      it 'does not create an access token' do
        user = create(:user, :two_factor)
+
        request_oauth_token(user)
  
        expect(response).to have_http_status(401)
@@ -21,6 +22,7 @@ describe API::API, api: true  do
    context 'when user does not have 2FA enabled' do
      it 'creates an access token' do
        user = create(:user)
+
        request_oauth_token(user)
  
        expect(response).to have_http_status(200)

--- a/spec/requests/api/session_spec.rb
+++ b/spec/requests/api/session_spec.rb
@@ -25,6 +25,7 @@ describe API::API, api: true  do
          post api('/session'), email: user.email, password: user.password
  
          expect(response).to have_http_status(401)
+          expect(response.body).to include('You have 2FA enabled.')
        end
      end
    end