diff --git a/app/controllers/users/sessions_controller.rb b/app/controllers/users/sessions_controller.rb index ffc8d858bc0..159e784baf2 100644 --- a/app/controllers/users/sessions_controller.rb +++ b/app/controllers/users/sessions_controller.rb @@ -176,7 +176,6 @@ def track_authentication_attempt(email) bad_password_count: session[:bad_password_count].to_i, sp_request_url_present: sp_session[:request_url].present?, remember_device: remember_device_cookie.present?, - new_device: success ? new_device? : nil, ) end diff --git a/app/services/analytics_events.rb b/app/services/analytics_events.rb index bb396286a23..c91a7b7747b 100644 --- a/app/services/analytics_events.rb +++ b/app/services/analytics_events.rb @@ -404,8 +404,6 @@ def edit_password_visit # @param [String] bad_password_count represents number of prior login failures # @param [Boolean] sp_request_url_present if was an SP request URL in the session # @param [Boolean] remember_device if the remember device cookie was present - # @param [Boolean, nil] new_device Whether the user is authenticating from a new device. Nil if - # there is the attempt was unsuccessful, since it cannot be known whether it's a new device. # Tracks authentication attempts at the email/password screen def email_and_password_auth( success:, @@ -415,7 +413,6 @@ def email_and_password_auth( bad_password_count:, sp_request_url_present:, remember_device:, - new_device:, **extra ) track_event( @@ -427,7 +424,6 @@ def email_and_password_auth( bad_password_count:, sp_request_url_present:, remember_device:, - new_device:, **extra, ) end diff --git a/spec/controllers/users/sessions_controller_spec.rb b/spec/controllers/users/sessions_controller_spec.rb index ad235ebe656..c22af06d3bd 100644 --- a/spec/controllers/users/sessions_controller_spec.rb +++ b/spec/controllers/users/sessions_controller_spec.rb @@ -57,7 +57,6 @@ bad_password_count: 0, sp_request_url_present: false, remember_device: false, - new_device: true, ) end @@ -114,24 +113,6 @@ response end - - it 'tracks as not being from a new device' do - stub_analytics - - response - - expect(@analytics).to have_logged_event( - 'Email and Password Authentication', - success: true, - user_id: user.uuid, - user_locked_out: false, - valid_captcha_result: true, - bad_password_count: 0, - sp_request_url_present: false, - remember_device: false, - new_device: false, - ) - end end end @@ -169,12 +150,7 @@ user = create(:user, :fully_registered) stub_analytics - expect(SCrypt::Engine).to receive(:hash_secret).once.and_call_original - - post :create, params: { user: { email: user.email.upcase, password: 'invalid_password' } } - - expect(@analytics).to have_logged_event( - 'Email and Password Authentication', + analytics_hash = { success: false, user_id: user.uuid, user_locked_out: false, @@ -182,19 +158,19 @@ bad_password_count: 1, sp_request_url_present: false, remember_device: false, - new_device: nil, - ) + } + expect(SCrypt::Engine).to receive(:hash_secret).once.and_call_original + + expect(@analytics).to receive(:track_event). + with('Email and Password Authentication', analytics_hash) + + post :create, params: { user: { email: user.email.upcase, password: 'invalid_password' } } expect(subject.session[:sign_in_flow]).to eq(:sign_in) end it 'tracks the authentication attempt for nonexistent user' do stub_analytics - expect(SCrypt::Engine).to receive(:hash_secret).once.and_call_original - - post :create, params: { user: { email: 'foo@example.com', password: 'password' } } - - expect(@analytics).to have_logged_event( - 'Email and Password Authentication', + analytics_hash = { success: false, user_id: 'anonymous-uuid', user_locked_out: false, @@ -202,8 +178,13 @@ bad_password_count: 1, sp_request_url_present: false, remember_device: false, - new_device: nil, - ) + } + expect(SCrypt::Engine).to receive(:hash_secret).once.and_call_original + + expect(@analytics).to receive(:track_event). + with('Email and Password Authentication', analytics_hash) + + post :create, params: { user: { email: 'foo@example.com', password: 'password' } } end it 'tracks unsuccessful authentication for locked out user' do @@ -214,11 +195,7 @@ ) stub_analytics - - post :create, params: { user: { email: user.email.upcase, password: user.password } } - - expect(@analytics).to have_logged_event( - 'Email and Password Authentication', + analytics_hash = { success: false, user_id: user.uuid, user_locked_out: true, @@ -226,8 +203,12 @@ bad_password_count: 0, sp_request_url_present: false, remember_device: false, - new_device: nil, - ) + } + + expect(@analytics).to receive(:track_event). + with('Email and Password Authentication', analytics_hash) + + post :create, params: { user: { email: user.email.upcase, password: user.password } } end it 'tracks unsuccessful authentication for failed reCAPTCHA' do @@ -248,7 +229,6 @@ valid_captcha_result: false, bad_password_count: 0, remember_device: false, - new_device: nil, sp_request_url_present: false, ) end @@ -261,10 +241,7 @@ stub_analytics - post :create, params: { user: { email: user.email.upcase, password: 'invalid' } } - post :create, params: { user: { email: user.email.upcase, password: 'invalid' } } - expect(@analytics).to have_logged_event( - 'Email and Password Authentication', + analytics_hash = { success: false, user_id: user.uuid, user_locked_out: false, @@ -272,18 +249,18 @@ bad_password_count: 2, sp_request_url_present: false, remember_device: false, - new_device: nil, - ) + } + + post :create, params: { user: { email: user.email.upcase, password: 'invalid' } } + expect(@analytics).to receive(:track_event). + with('Email and Password Authentication', analytics_hash) + post :create, params: { user: { email: user.email.upcase, password: 'invalid' } } end it 'tracks the presence of SP request_url in session' do subject.session[:sp] = { request_url: mock_valid_site } stub_analytics - - post :create, params: { user: { email: 'foo@example.com', password: 'password' } } - - expect(@analytics).to have_logged_event( - 'Email and Password Authentication', + analytics_hash = { success: false, user_id: 'anonymous-uuid', user_locked_out: false, @@ -291,8 +268,12 @@ bad_password_count: 1, sp_request_url_present: true, remember_device: false, - new_device: nil, - ) + } + + expect(@analytics).to receive(:track_event). + with('Email and Password Authentication', analytics_hash) + + post :create, params: { user: { email: 'foo@example.com', password: 'password' } } end context 'IAL1 user' do @@ -450,11 +431,7 @@ ) stub_analytics - - post :create, params: { user: { email: user.email, password: user.password } } - - expect(@analytics).to have_logged_event( - 'Email and Password Authentication', + analytics_hash = { success: true, user_id: user.uuid, user_locked_out: false, @@ -462,12 +439,19 @@ bad_password_count: 0, sp_request_url_present: false, remember_device: false, - new_device: true, - ) - expect(@analytics).to have_logged_event( - 'Profile Encryption: Invalid', + } + + expect(@analytics).to receive(:track_event). + with('Email and Password Authentication', analytics_hash) + + profile_encryption_error = { error: 'Unable to parse encrypted payload', - ) + } + expect(@analytics).to receive(:track_event). + with('Profile Encryption: Invalid', profile_encryption_error) + + post :create, params: { user: { email: user.email, password: user.password } } + expect(controller.user_session[:encrypted_profiles]).to be_nil expect(profile.reload).to_not be_active end @@ -574,11 +558,7 @@ } stub_analytics - - post :create, params: { user: { email: user.email, password: user.password } } - - expect(@analytics).to have_logged_event( - 'Email and Password Authentication', + analytics_hash = { success: true, user_id: user.uuid, user_locked_out: false, @@ -586,8 +566,12 @@ bad_password_count: 0, sp_request_url_present: false, remember_device: true, - new_device: true, - ) + } + + expect(@analytics).to receive(:track_event). + with('Email and Password Authentication', analytics_hash) + + post :create, params: { user: { email: user.email, password: user.password } } end end @@ -600,11 +584,7 @@ } stub_analytics - - post :create, params: { user: { email: user.email, password: user.password } } - - expect(@analytics).to have_logged_event( - 'Email and Password Authentication', + analytics_hash = { success: true, user_id: user.uuid, user_locked_out: false, @@ -612,8 +592,12 @@ bad_password_count: 0, sp_request_url_present: false, remember_device: true, - new_device: true, - ) + } + + expect(@analytics).to receive(:track_event). + with('Email and Password Authentication', analytics_hash) + + post :create, params: { user: { email: user.email, password: user.password } } end end