NoMethodError in Devise::TwoFactorAuthenticationController#update

[robertliuling]

Hi,

I'm receiving this error message when I try to test entering a wrong code, any thoughts?

NoMethodError in Devise::TwoFactorAuthenticationController#update
undefined method `find_message' for #Devise::TwoFactorAuthenticationController:0x007f8f0e051eb0

Or is it possible to generate the controller or views and modify them like Devise does?

Thanks,

[Houdini]

I suppose this is because your otp_secret_key is nil.
Try to update to new version and put condition like this:

  def need_two_factor_authentication?(request)
    not otp_secret_key.nil?
  end

Please also check example: https://github.com/Houdini/TwoFactorAuthenticationExample

Close this issue for now.
If you have any question, please open it again

[robertliuling]

Hi,

I added this snippet to the user model, restarted the server, and i still have the same error message. This is only happening when i type in the wrong code (correct code works, 3 try lock the user are all working).

I'm assuming the redirection logic when wrong code entered?

[robertliuling]

Also i have version 1.1

[Houdini]

Hello, could you be more specific in how to get this error?
Could you receive this error with example project, linked above?

[robertliuling]

So first login screen is my own traditional login with user name and password, and once it's verified, it goes to the two_factor_authentication page which asking for the 6 digit code. I enter a wrong code by purpose, and that's when i got the error. The error was from update action in TwoFactorAuthenticationController.

I have a regular user controller/admin user controller, and users table and admin_users table. Have you tested with this scenario?
Because when I look at your source code TwoFactorAuthenticationController: I see the following code, the lasts "render :show" is where the error coming from:

def update
render :show and return if params[:code].nil?

if resource.authenticate_otp(params[:code])
  warden.session(resource_name)[:need_two_factor_authentication] = false
  sign_in resource_name, resource, :bypass => true
  set_flash_message :notice, :success
  redirect_to stored_location_for(resource_name) || :root
  resource.update_attribute(:second_factor_attempts_count, 0)
else
  resource.second_factor_attempts_count += 1
  resource.save
  flash.now[:error] = find_message(:attempt_failed)
  if resource.max_login_attempts?
    sign_out(resource)
    render :max_login_attempts_reached
  else
    render :show
  end
end

end

[robertliuling]

some details from the log, the error happened after updating the second_factor_attempts_count:

---

Started PUT "/admin_users/two_factor_authentication" for 127.0.0.1 at 2014-04-21 10:14:56 -0400
Processing by Devise::TwoFactorAuthenticationController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"NE1vUe6rAeX+3gYBt8RqZDs3WTDOZ7H3TLtoD4y3tvs=", "code"=>"111111", "commit"=>"Submit"}
AdminUser Load (0.3ms) SELECT admin_users.* FROM admin_users WHERE admin_users.id = 4 LIMIT 1
(0.1ms) BEGIN
(0.3ms) UPDATE admin_users SET second_factor_attempts_count = 1, updated_at = '2014-04-21 14:14:56' WHERE admin_users.id = 4
(0.4ms) COMMIT
Completed 500 Internal Server Error in 9ms

---

A NoMethodError occurred in two_factor_authentication#update:

undefined method find_message' for #<Devise::TwoFactorAuthenticationController:0x007f8f13e53018> two_factor_authentication (1.1) app/controllers/devise/two_factor_authentication_controller.rb:20:inupdate

[robertliuling]

Problem resolved. It's the devise version 2.2.3 doesn't have find_message function defined, 2.2.4 and above does. Upgraded to version 2.2.8, works fine now.

Thanks again for all the help.

[atroutt]

I am still using devise 2.1.3 and don't want to deal with updgrading right now, so I made a fork that doesn't use find_message. https://github.com/appRenaissance/two_factor_authentication