Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EC-198 Added feature flag for 2FA Email for new device login #1993

Merged
merged 3 commits into from
May 13, 2022
Merged

EC-198 Added feature flag for 2FA Email for new device login #1993

merged 3 commits into from
May 13, 2022
+28 −21

Conversation

fedemkr
Copy link
Member

@fedemkr fedemkr commented May 11, 2022
edited
Loading

Type of change

  • Bug fix
  • New feature development
  • Tech debt (refactoring, code cleanup, dependency upgrades, etc)
  • Build/deploy pipeline (DevOps)
  • Other

Objective

Add feature flag for 2FA Email for new device login so we can disable the need to ask for 2FA email on new device logins by configuration.

Code changes

  • GlobalSettings: Added TwoFactorAuth -> EmailOnNewDeviceLogin to enable/disable 2FA Email for new device logins
  • UserService.cs: Added Global Settings -> TwoFactorAuth -> EmailOnNewDeviceLogin check and reordered the checks so that it doesn't check for stuff when the feature is off. Also removed the dev environment check given that now we can rely on global settings flag.
  • UserServiceTests.cs Added tests for the new global settings' check and removed the ones for environment check.

Before you submit

  • I have checked for formatting errors (dotnet tool run dotnet-format --check) (required)
  • If making database changes - I have also updated Entity Framework queries and/or migrations
  • I have added unit tests where it makes sense to do so (encouraged but not required)
  • This change requires a documentation update (notify the documentation team)
  • This change has particular deployment requirements (notify the DevOps team)

@fedemkr fedemkr requested a review from a team May 11, 2022 16:48
@fedemkr fedemkr marked this pull request as draft May 11, 2022 17:58
@fedemkr
EC-198 Removed is development environment check on 2FA email new devi…
c786139 
…ce login given that we can now rely on the global settings feature flag
@fedemkr fedemkr marked this pull request as ready for review May 11, 2022 21:22
MGibson1
MGibson1 requested changes May 12, 2022
View reviewed changes
src/Core/Settings/GlobalSettings.cs Outdated
@@ -69,6 +69,7 @@ public virtual string LicenseDirectory
public virtual AppleIapSettings AppleIap { get; set; } = new AppleIapSettings();
public virtual SsoSettings Sso { get; set; } = new SsoSettings();
public virtual StripeSettings Stripe { get; set; } = new StripeSettings();
public virtual TwoFactorAuthSettings TwoFactorAuth { get; set; } = new TwoFactorAuthSettings();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add these as interfaces and define them in src/Core/Settings? It makes testing more straightforwad

src/Core/Services/Implementations/UserService.cs Outdated
@@ -84,8 +82,7 @@ public class UserService : UserManager<User>, IUserService, IDisposable
GlobalSettings globalSettings,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please update this to an IGlobalSettings to enable testing

test/Core.Test/Services/UserServiceTests.cs Outdated
Comment on lines 176 to 180
sutProvider.GetDependency<Settings.GlobalSettings>().TwoFactorAuth = new Settings.GlobalSettings.TwoFactorAuthSettings
{
EmailOnNewDeviceLogin = true
};

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We're trying to get away from using our default global settings injector.

Once you make the changes to inject and interface you should be able to:

sutProvider.GetDependency<IGlobalSettings>().TwoFactorAuth.EmailOnNewDevice.Returns(true)

test/Core.Test/Services/UserServiceTests.cs Outdated
Comment on lines 266 to 269
sutProvider.GetDependency<Settings.GlobalSettings>().TwoFactorAuth = new Settings.GlobalSettings.TwoFactorAuthSettings
{
EmailOnNewDeviceLogin = false
};
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same mocking comment as above

@fedemkr fedemkr requested a review from MGibson1 May 13, 2022 01:33
@fedemkr fedemkr merged commit 2e2d307 into master May 13, 2022
@fedemkr fedemkr deleted the EC-198-add-feature-flag-2fa-email-new-devices branch May 13, 2022 13:48
fedemkr added a commit that referenced this pull request May 16, 2022
@fedemkr
EC-198 Added feature flag for 2FA Email for new device login (#1993)
de2c0ab 
* EC-198 added global setting flag for 2FA email on new device login feature

* EC-198 Removed is development environment check on 2FA email new device login given that we can now rely on the global settings feature flag

* EC-198 Improved IGlobalSettings and UserService code for testing
@fedemkr fedemkr mentioned this pull request Jan 19, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MGibson1 MGibson1 MGibson1 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fedemkr @MGibson1