Commit c2978008 authored by Patricio Cano's avatar Patricio Cano

Removed unnecessary service for user retrieval and improved API error message.

parent ff6f0ada
class UserRetrievalService
attr_accessor :login, :password
def initialize(login, password)
@login = login
@password = password
end
def execute
user = Gitlab::Auth.find_with_user_password(login, password)
user unless user.two_factor_enabled?
end
end
......@@ -12,7 +12,8 @@ Doorkeeper.configure do
end
resource_owner_from_credentials do |routes|
UserRetrievalService.new(params[:username], params[:password]).execute
user = Gitlab::Auth.find_with_user_password(params[:username], params[:password])
user unless user && user.two_factor_enabled?
end
# If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
......
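Review bot: The 2FA rejection inside `resource_owner_from_credentials` is left without a visible test, because the spec deleted in this commit was the only one shown covering "returns nil when 2FA is enabled" and no replacement for the Doorkeeper block appears on this page. This condition is what stops the password grant from issuing a token without the second factor, so a request spec against the token endpoint is worth adding. It should cover a `:two_factor` user (no token issued) and wrong credentials (the nil case the new `user &&` guard now handles). The line would also benefit from a why-comment such as `# Password grant cannot prompt for a second factor, so 2FA users are refused here and must use a personal access token.`, and the condition reads more directly as `user if user && !user.two_factor_enabled?`. The enclosing `Doorkeeper.configure` block starts and ends outside the hunk.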
......@@ -276,7 +276,7 @@ module API
end
def render_2fa_error!
render_api_error!('401 You have 2FA enabled. Please use a personal access token to access the API', 401)
render_api_error!('401 Unauthorized. You have 2FA enabled. Please use a personal access token to access the API', 401)
end
def render_api_error!(message, status)
......
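Review bot: `render_2fa_error!` returns a response that is distinguishable from a plain 401, and the method has no comment saying at which point of authentication it is called. The call sites are outside this hunk, so this needs confirming: if it is reached only after the password has been verified, the distinct message tells the caller the credentials were valid. Attempts that end on that path should then fall under the same throttling and logging as failed logins. Once confirmed, a comment such as `# Called after password auth succeeds for a 2FA user; the response reveals 2FA status by design.` would record the decision.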
require 'spec_helper'
describe UserRetrievalService, services: true do
context 'user retrieval' do
it 'retrieves the correct user' do
user = create(:user)
retrieved_user = described_class.new(user.username, user.password).execute
expect(retrieved_user).to eq(user)
end
it 'returns nil when 2FA is enabled' do
user = create(:user, :two_factor)
retrieved_user = described_class.new(user.username, user.password).execute
expect(retrieved_user).to be_nil
end
end
end