diff options
author | Jesse Hallam <jesse.hallam@gmail.com> | 2018-02-05 10:54:13 -0500 |
---|---|---|
committer | Harrison Healey <harrisonmhealey@gmail.com> | 2018-02-05 10:54:13 -0500 |
commit | 81e67f8759aaa069117dadfcfec8819649f6590b (patch) | |
tree | 33b135ae823b993b9df359e0f39d59414fb71f7e /vendor/github.com/dgryski/dgoogauth | |
parent | 45e572870de7a8481c3183fcd59a96fdda4cb723 (diff) | |
download | chat-81e67f8759aaa069117dadfcfec8819649f6590b.tar.gz chat-81e67f8759aaa069117dadfcfec8819649f6590b.tar.bz2 chat-81e67f8759aaa069117dadfcfec8819649f6590b.zip |
ABC-179: check email verification last (#8172)
* ABC-179: check email verification last
This change changes the authentication checks to be:
* "preflight checks"
** mfa
** not disabled
** login attempts
* password
* "postflight checks"
** email verified
Checking whether the email is verified or not last avoids the weird edge
case where entering any bogus password for an account with an unverified
email shows a message about verifying the email and offering to resend.
* fix invalid unit test assertion
Client.CreateUser returns a user whose password has been sanitized.
Adopt the pattern in the previous assertions to use a new variable name
and test the password on the original model.User object. This didn't
expose any underlying broken behaviour, but the test wouldn't have
caught it if it had regressed.
Also fix a minor typo.
Diffstat (limited to 'vendor/github.com/dgryski/dgoogauth')
0 files changed, 0 insertions, 0 deletions