-
-
Notifications
You must be signed in to change notification settings - Fork 20
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ππ¨
Authentication Prevent race condition when double-tapping sign-in (β¦
β¦#1892) * ππ¨`Authentication` Prevent a condition when double-tapping sign-in - #1809 OK, so my working assumption is that the bug is caused by two requests being processed at the same time for a new email address, and the first one creates the `AuthenticationMethod` and the second one *tries* to, and fails; resulting in the validation error. This requeries the database and retries the rest of the work.
- Loading branch information
Showing
2 changed files
with
47 additions
and
25 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -71,29 +71,46 @@ | |
| expect { authenticated_session.save }.not_to change(AuthenticationMethod, :count) | ||
| end | ||
| end | ||
| end | ||
|
|
||
| context "and the correct otp is provided" do | ||
| let(:one_time_password) { "123456" } | ||
| context "when a race condition caused the authentication method was created in another thread" do | ||
| let(:authentication_method) { nil } | ||
|
|
||
| it "reloads the authentication method and tries again" do | ||
| sad_authentication_method = instance_double(AuthenticationMethod) | ||
| allow(sad_authentication_method).to receive(:send_one_time_password!).with(space).and_raise(ActiveRecord::RecordInvalid) | ||
| happy_authentication_method = instance_double(AuthenticationMethod) | ||
| allow(happy_authentication_method).to receive(:send_one_time_password!).with(space) | ||
| allow(AuthenticationMethod).to receive(:find_or_initialize_by).with(contact_method: :email, contact_location: "[email protected]").and_return(sad_authentication_method, happy_authentication_method) | ||
|
|
||
| before do | ||
| allow(authentication_method).to receive(:verify?) | ||
| .with(one_time_password).and_return(true) | ||
| authenticated_session.save | ||
|
|
||
| allow(authentication_method).to receive(:person) | ||
| .and_return(build_stubbed(:person, id: SecureRandom.uuid)) | ||
| expect(sad_authentication_method).to have_received(:send_one_time_password!).with(space) | ||
| expect(happy_authentication_method).to have_received(:send_one_time_password!).with(space) | ||
| end | ||
| end | ||
|
|
||
| it "confirms the authentication method" do | ||
| authenticated_session.save | ||
| context "and the correct otp is provided" do | ||
| let(:one_time_password) { "123456" } | ||
|
|
||
| expect(authentication_method).to have_received(:confirm!) | ||
| end | ||
| before do | ||
| allow(authentication_method).to receive(:verify?) | ||
| .with(one_time_password).and_return(true) | ||
|
|
||
| it "populates the persons id in the session" do | ||
| authenticated_session.save | ||
| allow(authentication_method).to receive(:person) | ||
| .and_return(build_stubbed(:person, id: SecureRandom.uuid)) | ||
| end | ||
|
|
||
| expect(session[:person_id]).to eql(authentication_method.person.id) | ||
| it "confirms the authentication method" do | ||
| authenticated_session.save | ||
|
|
||
| expect(authentication_method).to have_received(:confirm!) | ||
| end | ||
|
|
||
| it "populates the persons id in the session" do | ||
| authenticated_session.save | ||
|
|
||
| expect(session[:person_id]).to eql(authentication_method.person.id) | ||
| end | ||
| end | ||
| end | ||
| end | ||
|
|
||