Commit f228a19e authored by Amy Qualls's avatar Amy Qualls Committed by Kerri Miller

Add more verbose error message if 2FA required

The previous message was just "2FA required." Let's do more here, and
say it's an authentication failure. Explain why, and let's see if
we can't also garden in a link to the docs for how to do this.

Changelog: changed
parent 57c8d634
...@@ -10,6 +10,11 @@ ...@@ -10,6 +10,11 @@
module EnforcesTwoFactorAuthentication module EnforcesTwoFactorAuthentication
extend ActiveSupport::Concern extend ActiveSupport::Concern
MFA_HELP_PAGE = Rails.application.routes.url_helpers.help_page_url(
'user/profile/account/two_factor_authentication.html',
anchor: 'enable-two-factor-authentication'
)
included do included do
before_action :check_two_factor_requirement, except: [:route_not_found] before_action :check_two_factor_requirement, except: [:route_not_found]
...@@ -26,7 +31,11 @@ module EnforcesTwoFactorAuthentication ...@@ -26,7 +31,11 @@ module EnforcesTwoFactorAuthentication
if two_factor_authentication_required? && current_user_requires_two_factor? if two_factor_authentication_required? && current_user_requires_two_factor?
case self case self
when GraphqlController when GraphqlController
render_error("2FA required", status: :unauthorized) render_error(
_("Authentication error: enable 2FA in your profile settings to continue using GitLab: %{mfa_help_page}") %
{ mfa_help_page: MFA_HELP_PAGE },
status: :unauthorized
)
else else
redirect_to profile_two_factor_auth_path redirect_to profile_two_factor_auth_path
end end
......
...@@ -5260,6 +5260,9 @@ msgstr "" ...@@ -5260,6 +5260,9 @@ msgstr ""
msgid "Authentication Log" msgid "Authentication Log"
msgstr "" msgstr ""
msgid "Authentication error: enable 2FA in your profile settings to continue using GitLab: %{mfa_help_page}"
msgstr ""
msgid "Authentication failed: %{error_message}" msgid "Authentication failed: %{error_message}"
msgstr "" msgstr ""
......
...@@ -168,7 +168,12 @@ RSpec.describe GraphqlController do ...@@ -168,7 +168,12 @@ RSpec.describe GraphqlController do
post :execute post :execute
expect(response).to have_gitlab_http_status(:unauthorized) expect(response).to have_gitlab_http_status(:unauthorized)
expect(json_response).to eq({ 'errors' => [{ 'message' => '2FA required' }] })
expected_message = "Authentication error: " \
"enable 2FA in your profile settings to continue using GitLab: %{mfa_help_page}" %
{ mfa_help_page: EnforcesTwoFactorAuthentication::MFA_HELP_PAGE }
expect(json_response).to eq({ 'errors' => [{ 'message' => expected_message }] })
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment