diff options
author | Azul <azul@leap.se> | 2013-07-12 09:30:24 +0200 |
---|---|---|
committer | Azul <azul@leap.se> | 2013-07-12 09:34:37 +0200 |
commit | cc32ad53286c2c03c88cb55713565c2930796024 (patch) | |
tree | a0607255751f11f580ede5bf69b0e3375cd2cea2 /users | |
parent | 76e36080ed56c33f220509bd67a3693bf9d7567b (diff) |
remove test for duplicate login - we'll prevent that on the client side
SRP happens in two steps:
* handshake
* validation
During the validation we delete the handshake data from the session. So a second validation does not really work. It could build upon the first one but it would not be able to send M2 to the client.
So instead of trying to do sth. usefull when two validation requests are send we require the client to only send one.
Diffstat (limited to 'users')
-rw-r--r-- | users/test/integration/api/account_flow_test.rb | 8 |
1 files changed, 0 insertions, 8 deletions
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb index d4360de..f5cb0b1 100644 --- a/users/test/integration/api/account_flow_test.rb +++ b/users/test/integration/api/account_flow_test.rb @@ -55,14 +55,6 @@ class AccountFlowTest < RackTest assert server_auth["M2"] end - test "duplicate login does not break things" do - server_auth = @srp.authenticate(self) - server_auth = @srp.authenticate(self) - assert last_response.successful? - assert_nil server_auth["errors"] - assert server_auth["M2"] - end - test "signup and wrong password login attempt" do srp = SRP::Client.new @login, :password => "wrong password" server_auth = srp.authenticate(self) |