fix: don't override skip_two_factor whenever calling #mark_as_two_fac…

…tored

lib/authie/session.rb

@@ -114,10 +114,10 @@ def see_password
     #
     # @raises [ActiveRecord::RecordInvalid]
     # @return [Authie::Session]
-    def mark_as_two_factored(skip: false)
+    def mark_as_two_factored(skip: nil)
       @session.two_factored_at = Time.now
       @session.two_factored_ip = @controller.request.ip
-      @session.skip_two_factor = skip
+      @session.skip_two_factor = skip unless skip.nil?
       @session.save!
       Authie.config.events.dispatch(:marked_as_two_factor, self)
       self
@@ -305,7 +305,7 @@ def get_session(controller)
     delegate :two_factored_at, to: :session
     delegate :two_factored_ip, to: :session
     delegate :two_factored?, to: :session
-    delegate :skip_two_factor, to: :session
+    delegate :skip_two_factor?, to: :session
     delegate :update, to: :session
     delegate :update!, to: :session
     delegate :user_agent, to: :session

spec/lib/session_spec.rb

@@ -243,12 +243,19 @@
 
     it 'can set the skip two factor boolean to true if provided' do
       session.mark_as_two_factored(skip: true)
-      expect(session.skip_two_factor).to eq true
+      expect(session.skip_two_factor?).to eq true
     end
 
-    it 'does not set the skip two factor boolean if not set' do
+    it 'can set the skip two factor boolean to false if provided' do
+      session.update!(skip_two_factor: true) # default is false, set to true to check it does actually change
+      session.mark_as_two_factored(skip: false)
+      expect(session.skip_two_factor?).to eq false
+    end
+
+    it 'does not override the two factor boolean if not provided' do
+      session.update!(skip_two_factor: true)
       session.mark_as_two_factored
-      expect(session.skip_two_factor).to eq false
+      expect(session.skip_two_factor?).to eq true
     end
   end