From 7b879bb8bded3aa7577133a9bc2be0c7fc97d855 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Sat, 23 May 2015 18:47:53 -0400 Subject: Bump secret key length to 32 --- app/controllers/profiles/two_factor_auths_controller.rb | 2 +- spec/controllers/profiles/two_factor_auths_controller_spec.rb | 2 +- spec/factories.rb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb index 17abcea2068..42579b3eb44 100644 --- a/app/controllers/profiles/two_factor_auths_controller.rb +++ b/app/controllers/profiles/two_factor_auths_controller.rb @@ -1,7 +1,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController def new unless current_user.otp_secret - current_user.otp_secret = User.generate_otp_secret(16) + current_user.otp_secret = User.generate_otp_secret(32) current_user.save! end diff --git a/spec/controllers/profiles/two_factor_auths_controller_spec.rb b/spec/controllers/profiles/two_factor_auths_controller_spec.rb index b7e8583523b..65415f21e55 100644 --- a/spec/controllers/profiles/two_factor_auths_controller_spec.rb +++ b/spec/controllers/profiles/two_factor_auths_controller_spec.rb @@ -12,7 +12,7 @@ describe Profiles::TwoFactorAuthsController do let(:user) { create(:user) } it 'generates otp_secret for user' do - expect(User).to receive(:generate_otp_secret).with(16).and_return('secret').once + expect(User).to receive(:generate_otp_secret).with(32).and_return('secret').once get :new get :new # Second hit shouldn't re-generate it diff --git a/spec/factories.rb b/spec/factories.rb index 0f353b842ff..e66ea3ce956 100644 --- a/spec/factories.rb +++ b/spec/factories.rb @@ -31,7 +31,7 @@ FactoryGirl.define do trait :two_factor do before(:create) do |user| user.otp_required_for_login = true - user.otp_secret = User.generate_otp_secret(16) + user.otp_secret = User.generate_otp_secret(32) end end -- cgit v1.2.1