Review Changes for f4f8a293e7.

test/javascripts/acceptance/password-reset-test.js.es6

@@ -26,16 +26,21 @@ acceptance("Password Reset", {
     });
 
     server.get('/u/confirm-email-token/requiretwofactor.json', () => { //eslint-disable-line
-      return response({success: "OK"});
+      return response({ success: "OK" });
     });
+
     server.put('/u/password-reset/requiretwofactor.json', request => { //eslint-disable-line
       const body = parsePostData(request.requestBody);
       if (body.password === "perf3ctly5ecur3" && body.second_factor_token === "123123") {
-        return response({success: "OK", message: I18n.t('password_reset.success')});
+        return response({ success: "OK", message: I18n.t('password_reset.success') });
       } else if (body.second_factor_token === "123123") {
-        return response({success: false, errors: {password: ["invalid"]}});
+        return response({ success: false, errors: { password: ["invalid"] } });
       } else {
-        return response({success: false, message: "invalid token", errors: {second_factor: ["invalid token"]}});
+        return response({
+          success: false,
+          message: "invalid token",
+          errors: { user_second_factor: ["invalid token"] }
+        });
       }
     });
   }
@@ -75,24 +80,33 @@ QUnit.test("Password Reset Page", assert => {
 });
 
 QUnit.test("Password Reset Page With Second Factor", assert => {
-  PreloadStore.store('password_reset', {is_developer: false, second_factor_required: true});
+  PreloadStore.store('password_reset', {
+    is_developer: false,
+    second_factor_required: true
+  });
 
   visit("/u/password-reset/requiretwofactor");
+
   andThen(() => {
     assert.notOk(exists("#new-account-password"), "does not show the input");
     assert.ok(exists("#second-factor"), "shows the second factor prompt");
   });
 
   fillIn('#second-factor', '0000');
-
   click('.password-reset form button');
+
   andThen(() => {
     assert.ok(exists(".alert-error"), "shows 2 factor error");
-    assert.ok(find(".alert-error").html().indexOf("invalid token") > -1, "server validation error message shows");
+
+    assert.ok(
+      find(".alert-error").html().indexOf("invalid token") > -1,
+      "shows server validation error message"
+    );
   });
 
   fillIn('#second-factor', '123123');
   click('.password-reset form button');
+
   andThen(() => {
     assert.notOk(exists(".alert-error"), "hides error");
     assert.ok(exists("#new-account-password"), "shows the input");
@@ -100,6 +114,7 @@ QUnit.test("Password Reset Page With Second Factor", assert => {
 
   fillIn('.password-reset input', 'perf3ctly5ecur3');
   click('.password-reset form button');
+
   andThen(() => {
     assert.ok(!exists(".password-reset form"), "form is gone");
   });

test/javascripts/acceptance/preferences-test.js.es6

@@ -10,8 +10,15 @@ acceptance("User Preferences", {
       ];
     };
 
-    server.post('/second_factor/create', () => { //eslint-disable-line
-      return response({key: "rcyryaqage3jexfj", qr: '<div id="test-qr">qr-code</div>'});
+    server.post('/u/second_factors.json', () => { //eslint-disable-line
+      return response({
+        key: "rcyryaqage3jexfj",
+        qr: '<div id="test-qr">qr-code</div>'
+      });
+    });
+
+    server.put('/u/second_factor.json', () => { //eslint-disable-line
+      return response({ error: 'invalid token' });
     });
   }
 });
@@ -91,13 +98,26 @@ QUnit.test("email", assert => {
 
 QUnit.test("second factor", assert => {
   visit("/u/eviltrout/preferences/second-factor");
+
   andThen(() => {
     assert.ok(exists("#password"), "it has a password input");
   });
+
   fillIn('#password', 'secrets');
   click(".user-content .btn-primary");
+
   andThen(() => {
     assert.ok(exists("#test-qr"), "shows qr code");
     assert.notOk(exists("#password"), "it hides the password input");
   });
+
+  fillIn("#second-factor-token", '111111');
+  click('.btn-primary');
+
+  andThen(() => {
+    assert.ok(
+      find(".alert-error").html().indexOf("invalid token") > -1,
+      "shows server validation error message"
+    );
+  });
 });

test/javascripts/acceptance/sign-in-test.js.es6

@@ -79,14 +79,15 @@ QUnit.test("sign in - not activated - edit email", assert => {
 QUnit.test("second factor", assert => {
   visit("/");
   click("header .login-button");
+
   andThen(() => {
     assert.ok(exists('.login-modal'), "it shows the login modal");
   });
 
-  // Login with username and password only
   fillIn('#login-account-name', 'eviltrout');
   fillIn('#login-account-password', 'need-second-factor');
   click('.modal-footer .btn-primary');
+
   andThen(() => {
     assert.not(exists('#modal-alert:visible'), 'it hides the login error');
     assert.not(exists('#credentials:visible'), 'it hides the username and password prompt');
@@ -94,9 +95,9 @@ QUnit.test("second factor", assert => {
     assert.not(exists('.modal-footer .btn-primary:disabled'), "enables the login button");
   });
 
-  // Login with username, password, and token
   fillIn('#login-second-factor', '123456');
   click('.modal-footer .btn-primary');
+
   andThen(() => {
     assert.ok(exists('.modal-footer .btn-primary:disabled'), "disables the login button");
   });

test/javascripts/helpers/create-pretender.js.es6

@@ -229,8 +229,9 @@ export default function() {
 
       if (data.password === 'need-second-factor') {
         if (data.second_factor_token) {
-          return response({username: 'eviltrout'});
+          return response({ username: 'eviltrout' });
         }
+
         return response({ error: "Invalid Second Factor",
                           reason: "invalid_second_factor",
                           sent_to_email: 'eviltrout@example.com',