Log when user is logged out after partially authenticating

app/controllers/users/sessions_controller.rb

@@ -87,6 +87,7 @@ def check_user_needs_redirect
       if user_fully_authenticated?
         redirect_to signed_in_url
       elsif current_user
+        analytics.partial_authentication_log_out
         sign_out
       end
     end

app/services/analytics_events.rb

@@ -2949,6 +2949,13 @@ def otp_phone_validation_failed(error:, context:, country:, **extra)
     )
   end
 
+  def partial_authentication_log_out(**extra)
+    track_event(
+      'Partially authenticated user logged out',
+      **extra,
+    )
+  end
+
   # @param [Boolean] success
   # @param [Hash] errors
   # The user updated their password

spec/controllers/users/sessions_controller_spec.rb

@@ -6,6 +6,13 @@
 
   describe 'GET /users/sign_in' do
     it 'clears the session when user is not yet 2fa-ed' do
+      stub_analytics
+      expect(@analytics).to receive(:track_event).with(
+        'Sign in page visited',
+        flash: nil,
+        stored_location: nil,
+      )
+      expect(@analytics).to receive(:track_event).with('Partially authenticated user logged out')
       sign_in_before_2fa
 
       get :new