mirror of
https://github.com/Retrospring/retrospring.git
synced 2024-11-20 14:29:53 +01:00
Redirect away from two factor entry page if no target user is set in session
This commit is contained in:
parent
5447e905c0
commit
00da21a13d
2 changed files with 19 additions and 0 deletions
|
@ -27,6 +27,11 @@ class User::SessionsController < Devise::SessionsController
|
|||
end
|
||||
|
||||
def two_factor_entry
|
||||
unless session.has_key? :user_sign_in_uid
|
||||
redirect_to root_url
|
||||
return
|
||||
end
|
||||
|
||||
self.resource = User.find(session[:user_sign_in_uid])
|
||||
render 'auth/two_factor_authentication'
|
||||
end
|
||||
|
|
14
spec/controllers/user/sessions_controller_spec.rb
Normal file
14
spec/controllers/user/sessions_controller_spec.rb
Normal file
|
@ -0,0 +1,14 @@
|
|||
require 'rails_helper'
|
||||
|
||||
describe User::SessionsController do
|
||||
before do
|
||||
@request.env["devise.mapping"] = Devise.mappings[:user]
|
||||
end
|
||||
|
||||
describe "#two_factor_entry" do
|
||||
subject { get :two_factor_entry }
|
||||
it "redirects back to the home page if no sign in target is set" do
|
||||
expect(subject).to redirect_to :root
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in a new issue