LG-1344 Fix account reset for users with 1 MFA (ie no personal key) (#…

…2981)
18F · May 30, 2019 · 229237f · 229237f
1 parent acf15c1
commit 229237f
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/app/controllers/account_reset/request_controller.rb b/app/controllers/account_reset/request_controller.rb
@@ -2,7 +2,7 @@ module AccountReset
   class RequestController < ApplicationController
     include TwoFactorAuthenticatable
 
-    before_action :confirm_multiple_factors_enabled
+    before_action :confirm_two_factor_enabled
     before_action :confirm_user_not_verified
 
     def show
@@ -18,8 +18,8 @@ def create
 
     private
 
-    def confirm_multiple_factors_enabled
-      return if multiple_factors_enabled?
+    def confirm_two_factor_enabled
+      return if MfaPolicy.new(current_user).two_factor_enabled?
 
       redirect_to two_factor_options_url
     end

diff --git a/spec/controllers/account_reset/request_controller_spec.rb b/spec/controllers/account_reset/request_controller_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 
 describe AccountReset::RequestController do
-  let(:user) { create(:user, :with_authentication_app, :with_backup_code, :with_email) }
+  let(:user) { create(:user, :with_authentication_app, :with_email) }
   describe '#show' do
     it 'renders the page' do
       stub_sign_in_before_2fa(user)