
Fix 2fa redirects to onboarding

Doug Stull requested to merge 424364-fix-2fa-redirect into master

What does this MR do and why?

  • Fix 2fa redirects to onboarding
    • If a user does not finish onboarding and then is associated with a group that has 2fa enabled, they should be able to finish 2fa and not be redirected to onboarding.
  • Finish onboarding if a user has finished the first welcome step, but not the rest, and was added to a group or project (mirrors invite flow).
    • Why is this related to the 2fa problem? In #424364 (closed), the customer's case occurred when 2fa is enforced on the group level, which means the user would be a member as well. The 2fa problem in general needs the redirects fixed, as there are other possibilities for 2fa being enforced besides at the group level, but this change will address them all.
  • Reasoning on ordering and solution can be read in more detail in #424364 (comment 1546142055) and the issue description itself.

Screenshots or screen recordings

| screen | Before add to group | After add to group/refresh | Next screen |
|---|---|---|---|
| welcome step | Screenshot_2023-09-08_at_2.49.34_PM | Screenshot_2023-09-08_at_2.50.26_PM | Screenshot_2023-09-08_at_2.50.52_PM |
| company step | Screenshot_2023-09-08_at_3.01.09_PM | Screenshot_2023-09-08_at_3.05.20_PM | Screenshot_2023-09-08_at_3.15.31_PM |

How to set up and validate locally

Prerequisites

  1. Set up to simulate SaaS and restart GDK
  2. Enable check_namespace_plan in rails console
    • ApplicationSetting.first.update(check_namespace_plan: true)
  3. Create a group and enforce 2fa setting for the group
  4. After a few minutes, your current account will force you to set up 2fa.
  5. Observe and finish the 2fa verification steps.
    • Fill in password with password
    • Get pin from rails console by finding the user record and then using user.current_otp.
    • Click copy codes and click proceed on next page.

Finish onboarding when user hasn't completed welcome step

  1. Register as a new user and stop at the welcome screen after registration.
  2. As the owner of the created group, add the new user by username.
  3. As the new user, refresh the page.
  4. Observe you are now back on the welcome page with only 2 dropdowns and a submit button.
  5. Answer and submit that form.
  6. Observe and finish the 2fa verification steps.
    • Fill in password with password
    • Get pin from rails console by finding the user record and then using user.current_otp.
    • Click copy codes and click proceed on next page.
  7. Afterwards you will be on the profile account page.
  8. Compare to master behavior. This should be relatively the same behavior as master to the user, except the before actions for 2fa and welcome will not attempt to redirect over each other (seen in the network tab).

Finish onboarding when user is past welcome step

  1. Register as a new user.
  2. Fill in welcome screen with 'for company' selection and submit.
  3. Stop on the next form (company form).
  4. As the owner of the created group, add the new user by username.
  5. As the new user, refresh the page.
  6. Observe and finish the 2fa verification steps.
    • Fill in password with password
    • Get pin from rails console by finding the user record and then using user.current_otp.
    • Click copy codes and click proceed on next page.
  7. Afterwards you will be on the profile account page.
  8. Compare to master branch behavior. This is the case where there will be endless redirects between 2fa and company form.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #424364 (closed)

Edited by Doug Stull
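
The "past welcome step" case above, as an added model that is not code from this merge request or from GitLab: two request filters that each redirect to their own page loop forever, and treating a member who is past the welcome step as done with onboarding breaks the loop. The filter names, paths and user fields are hypothetical, and the sample user is constructed.

```ruby
# Added model, not GitLab code: filter names, paths and fields are hypothetical.
User = Struct.new(:step, :member, :needs_2fa, keyword_init: true)

TWO_FACTOR_PATH = "/two_factor_setup" # illustrative path
STEP_PATHS = { welcome: "/welcome", company: "/company" }.freeze

# Constructed sample: user stopped on the company form, then was added to a
# group that enforces 2FA.
def sample_user
  User.new(step: :company, member: true, needs_2fa: true)
end

# Redirect target for a user who still has to set up 2FA, or nil.
def two_factor_filter(user, path)
  return nil unless user.needs_2fa
  path == TWO_FACTOR_PATH ? nil : TWO_FACTOR_PATH
end

# Redirect target for unfinished onboarding, or nil.
def onboarding_filter(user, path, fixed:)
  # Fix as described on this page: a member who is past the welcome step is
  # treated as having finished onboarding.
  user.step = :done if fixed && user.member && user.step != :welcome
  return nil if user.step == :done
  target = STEP_PATHS.fetch(user.step)
  path == target ? nil : target
end

# Follow redirects like a browser; report where the user lands or the loop.
def follow(user, start, fixed:, max_hops: 10)
  trail = [start]
  max_hops.times do
    path = trail.last
    nxt = two_factor_filter(user, path) || onboarding_filter(user, path, fixed: fixed)
    return { landed: path, loop: false, trail: trail } if nxt.nil?
    trail << nxt
    return { landed: nil, loop: true, trail: trail } if trail.count(nxt) > 1
  end
  { landed: nil, loop: true, trail: trail }
end

before = follow(sample_user, "/company", fixed: false)
after  = follow(sample_user, "/company", fixed: true)
puts "before: #{before[:trail].join(' -> ')} (loop=#{before[:loop]})"
puts "after:  #{after[:trail].join(' -> ')} (landed=#{after[:landed]})"
```

A redirect-trail check like `follow` can back a regression test for any pair of enforcement filters, since a repeated path in the trail is the loop signature seen in the network tab.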
