diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-08-18 13:50:51 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-08-18 13:50:51 +0300 |
commit | db384e6b19af03b4c3c82a5760d83a3fd79f7982 (patch) | |
tree | 34beaef37df5f47ccbcf5729d7583aae093cffa0 /spec/controllers/sessions_controller_spec.rb | |
parent | 54fd7b1bad233e3944434da91d257fa7f63c3996 (diff) |
Add latest changes from gitlab-org/gitlab@16-3-stable-eev16.3.0-rc42
Diffstat (limited to 'spec/controllers/sessions_controller_spec.rb')
-rw-r--r-- | spec/controllers/sessions_controller_spec.rb | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb index a09b3318c25..ce9703753cf 100644 --- a/spec/controllers/sessions_controller_spec.rb +++ b/spec/controllers/sessions_controller_spec.rb @@ -538,6 +538,26 @@ RSpec.describe SessionsController, feature_category: :system_access do expect(AuthenticationEvent.last.provider).to eq("two-factor-via-webauthn-device") end end + + context 'when the user is locked and submits a valid verification token' do + let(:user) { create(:user) } + let(:user_params) { { verification_token: 'token' } } + let(:session_params) { { verification_user_id: user.id } } + let(:post_action) { post(:create, params: { user: user_params }, session: session_params) } + + before do + encrypted_token = Devise.token_generator.digest(User, user.email, 'token') + user.update!(locked_at: Time.current, unlock_token: encrypted_token) + end + + it_behaves_like 'known sign in' + + it 'successfully logs in a user' do + post_action + + expect(subject.current_user).to eq user + end + end end context 'when login fails' do |