diff --git a/app/controllers/verification/letter_controller.rb b/app/controllers/verification/letter_controller.rb index e302a1bc6..da2491e4c 100644 --- a/app/controllers/verification/letter_controller.rb +++ b/app/controllers/verification/letter_controller.rb @@ -2,6 +2,7 @@ class Verification::LetterController < ApplicationController before_action :authenticate_user! before_action :verify_resident! before_action :verify_phone! + before_action :verify_attemps_left! skip_authorization_check def new @@ -28,6 +29,7 @@ class Verification::LetterController < ApplicationController current_user.update(verified_at: Time.now) redirect_to account_path, notice: t('verification.letter.update.flash.success') else + @letter.increase_letter_verification_tries @error = t('verification.letter.update.error') render :edit end @@ -44,4 +46,10 @@ class Verification::LetterController < ApplicationController redirect_to verified_user_path, alert: t('verification.letter.alert.unconfirmed_code') end end + + def verify_attemps_left! + if current_user.letter_verification_tries >= 2 + redirect_to account_path, alert: t('verification.letter.alert.verify_attemps_left') + end + end end \ No newline at end of file diff --git a/app/models/verification/letter.rb b/app/models/verification/letter.rb index 077890600..a64fe7220 100644 --- a/app/models/verification/letter.rb +++ b/app/models/verification/letter.rb @@ -18,13 +18,17 @@ class Verification::Letter end def letter_requested! - user.update(letter_requested_at: Time.now, letter_verification_code: four_digit_code) + user.update(letter_requested_at: Time.now, letter_verification_code: generate_verification_code) end def verify? user.letter_verification_code == verification_code end + def increase_letter_verification_tries + user.update(letter_verification_tries: user.letter_verification_tries += 1) + end + def update_user_address user.address = Address.new(parsed_address) user.save @@ -50,8 +54,10 @@ class Verification::Letter district: address[:nombre_distrito] } end - def four_digit_code - rand.to_s[2..5] - end + private + + def generate_verification_code + rand.to_s[2..7] + end end diff --git a/app/models/verification/sms.rb b/app/models/verification/sms.rb index f280f115e..7b032661b 100644 --- a/app/models/verification/sms.rb +++ b/app/models/verification/sms.rb @@ -24,7 +24,7 @@ class Verification::Sms end def update_user_phone_information - user.update(unconfirmed_phone: phone, sms_confirmation_code: four_digit_code) + user.update(unconfirmed_phone: phone, sms_confirmation_code: generate_confirmation_code) end def send_sms @@ -41,7 +41,7 @@ class Verification::Sms private - def four_digit_code + def generate_confirmation_code rand.to_s[2..5] end end \ No newline at end of file diff --git a/config/locales/verification.en.yml b/config/locales/verification.en.yml index bcc818d97..3480d5a4c 100644 --- a/config/locales/verification.en.yml +++ b/config/locales/verification.en.yml @@ -83,6 +83,7 @@ en: success: "Correct code. Your account is verified" alert: unconfirmed_code: "You have not yet enter the confirmation code" + verify_attemps_left: "You have reached the maximum number of letter verification tries" verified_user: show: title: "Available information" diff --git a/config/locales/verification.es.yml b/config/locales/verification.es.yml index 75442af5d..e500bc33d 100644 --- a/config/locales/verification.es.yml +++ b/config/locales/verification.es.yml @@ -83,6 +83,7 @@ es: success: "Código correcto. Tu cuenta ya está verificada" alert: unconfirmed_code: "Todavía no has introducido el código de confirmación" + verify_attemps_left: "Has llegado al máximo número de intentos de verificar tu carta." verified_user: show: title: "Información disponible" diff --git a/db/migrate/20150910092713_add_letter_verification_tries_to_users.rb b/db/migrate/20150910092713_add_letter_verification_tries_to_users.rb new file mode 100644 index 000000000..622ce6b2d --- /dev/null +++ b/db/migrate/20150910092713_add_letter_verification_tries_to_users.rb @@ -0,0 +1,5 @@ +class AddLetterVerificationTriesToUsers < ActiveRecord::Migration + def change + add_column :users, :letter_verification_tries, :integer, default: 0 + end +end diff --git a/db/schema.rb b/db/schema.rb index f1b4dfe76..ef952af3b 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20150908102936) do +ActiveRecord::Schema.define(version: 20150910092713) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -239,6 +239,7 @@ ActiveRecord::Schema.define(version: 20150908102936) do t.datetime "letter_requested_at" t.datetime "confirmed_hide_at" t.string "letter_verification_code" + t.integer "letter_verification_tries", default: 0 end add_index "users", ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true, using: :btree diff --git a/spec/features/verification/letter_spec.rb b/spec/features/verification/letter_spec.rb index b62ae00f8..eb1392714 100644 --- a/spec/features/verification/letter_spec.rb +++ b/spec/features/verification/letter_spec.rb @@ -76,4 +76,24 @@ feature 'Verify Letter' do expect(URI.parse(current_url).path).to eq(new_sms_path) end + scenario '3 tries allowed' do + user = create(:user, residence_verified_at: Time.now, confirmed_phone: "611111111") + login_as(user) + + visit new_letter_path + click_button 'Send me a letter with the code' + + 3.times do + fill_in 'letter_verification_code', with: "999999" + click_button 'Send' + end + + expect(page).to have_content 'You have reached the maximum number of letter verification tries' + expect(URI.parse(current_url).path).to eq(account_path) + + visit new_letter_path + expect(page).to have_content 'You have reached the maximum number of letter verification tries' + expect(URI.parse(current_url).path).to eq(account_path) + end + end