Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The option auto_increment (for ActiveModel::OneTimePassword#authenticate_code/otp_code) is not working #58

Closed
flavono123 opened this issue Aug 5, 2019 · 0 comments · Fixed by #63
Closed

The option auto_increment (for ActiveModel::OneTimePassword#authenticate_code/otp_code) is not working #58

flavono123 opened this issue Aug 5, 2019 · 0 comments · Fixed by #63

Comments

@flavono123
Copy link 

irb(main):003:0> user.respond_to?(:new_record)
=> false
irb(main):004:0> user.respond_to?(:new_record?)
=> true

Since instances of ActiveRecord::Persistence have a method #new_record? not #new_record

active_model_otp/lib/active_model/one_time_password.rb

Line 52 in 3280ecd

save if respond_to?(:new_record) && !new_record?

active_model_otp/lib/active_model/one_time_password.rb

Line 69 in 3280ecd

save if respond_to?(:new_record) && !new_record?

@flavono123 flavono123 changed the title The option auto_increment (for ActiveModel::OneTimePassword#authenticate_code/otp_code) is not working The option auto_increment (for ActiveModel::OneTimePassword#authenticate_code/otp_code) is not working Aug 5, 2019
@robertomiranda robertomiranda mentioned this issue Sep 19, 2019
Merged
@gbp gbp mentioned this issue Jan 31, 2021
Merged
gbp added a commit to mysociety/alaveteli that referenced this issue Feb 3, 2021
@gbp
Fix broken password updates with OTP specs
e119dd1 
Since upgrading to active_model_otp 2.1.0 specs for updating password
have been broken.

This is due a bug being fixed upstream [1]. This has resulted in the
user record being saved an additional time [2].

We call `authenticate_otp` within a validate callback it means it's also
called an additional time.

This second call then fails due to the `entered_otp_code` is set to nil
in the initial validation callback. This adds an error to the user
prevents the controller from following the expected successful
redirection.

This change prevents additional save from being triggered upstream and
instead we manually increment the `otp_counter` which is saved after
validation is complete.

[1] heapsource/active_model_otp#58
[2] https://github.com/heapsource/active_model_otp/blob/v2.1.0/lib/active_model/one_time_password.rb#L52
gbp added a commit to mysociety/alaveteli that referenced this issue Feb 16, 2021
@gbp
Fix broken password updates with OTP specs
0630ab9 
Since upgrading to active_model_otp 2.1.0 specs for updating password
have been broken.

This is due a bug being fixed upstream [1]. This has resulted in the
user record being saved an additional time [2].

We call `authenticate_otp` within a validate callback it means it's also
called an additional time.

This second call then fails due to the `entered_otp_code` is set to nil
in the initial validation callback. This adds an error to the user
prevents the controller from following the expected successful
redirection.

This change prevents additional save from being triggered upstream and
instead we manually increment the `otp_counter` which is saved after
validation is complete.

[1] heapsource/active_model_otp#58
[2] https://github.com/heapsource/active_model_otp/blob/v2.1.0/lib/active_model/one_time_password.rb#L52
gbp added a commit to mysociety/alaveteli that referenced this issue Mar 8, 2021
@gbp
Fix broken password updates with OTP specs
75f9d59 
Since upgrading to active_model_otp 2.1.0 specs for updating password
have been broken.

This is due a bug being fixed upstream [1]. This has resulted in the
user record being saved an additional time [2].

We call `authenticate_otp` within a validate callback it means it's also
called an additional time.

This second call then fails due to the `entered_otp_code` is set to nil
in the initial validation callback. This adds an error to the user
prevents the controller from following the expected successful
redirection.

This change prevents additional save from being triggered upstream and
instead we manually increment the `otp_counter` which is saved after
validation is complete.

[1] heapsource/active_model_otp#58
[2] https://github.com/heapsource/active_model_otp/blob/v2.1.0/lib/active_model/one_time_password.rb#L52
gbp added a commit to mysociety/alaveteli that referenced this issue Apr 14, 2021
@gbp
Fix broken password updates with OTP specs
5831d7e 
Since upgrading to active_model_otp 2.1.0 specs for updating password
have been broken.

This is due a bug being fixed upstream [1]. This has resulted in the
user record being saved an additional time [2].

We call `authenticate_otp` within a validate callback it means it's also
called an additional time.

This second call then fails due to the `entered_otp_code` is set to nil
in the initial validation callback. This adds an error to the user
prevents the controller from following the expected successful
redirection.

This change prevents additional save from being triggered upstream and
instead we manually increment the `otp_counter` which is saved after
validation is complete.

[1] heapsource/active_model_otp#58
[2] https://github.com/heapsource/active_model_otp/blob/v2.1.0/lib/active_model/one_time_password.rb#L52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix ActiveRecord integration for auto_increment option heapsource/active_model_otp
1 participant
@flavono123