18F · jc-gsa · Nov 22, 2023 · Nov 20, 2023 · Nov 20, 2023 · Nov 20, 2023
diff --git a/app/presenters/two_factor_login_options_presenter.rb b/app/presenters/two_factor_login_options_presenter.rb
@@ -28,11 +28,19 @@ def title
   end
 
   def heading
-    t('two_factor_authentication.login_options_title')
+    if reauthentication_context?
+      t('two_factor_authentication.login_options_reauthentication_title')
+    else
+      t('two_factor_authentication.login_options_title')
+    end
   end
 
   def info
-    t('two_factor_authentication.login_intro')
+    if reauthentication_context?
+      t('two_factor_authentication.login_intro_reauthentication')
+    else
+      t('two_factor_authentication.login_intro')
+    end
   end
 
   def restricted_options_warning_text
@@ -77,7 +85,7 @@ def account_reset_or_cancel_link
   end
 
   def cancel_link
-    if @reauthentication_context
+    if reauthentication_context?
       account_path
     else
       sign_out_path

diff --git a/config/locales/two_factor_authentication/en.yml b/config/locales/two_factor_authentication/en.yml
@@ -46,6 +46,9 @@ en:
       authentication method.
     learn_more: Learn more about authentication options
     login_intro: You set these up when you created your account.
+    login_intro_reauthentication: Before you can make changes to your account, we
+      need to make sure it’s really you by using one of your authentication
+      methods.
     login_options:
       auth_app: Authentication app
       auth_app_info: Use your authentication application to get a security code.
@@ -66,6 +69,7 @@ en:
       webauthn_platform_info: Use your face or fingerprint to access your account
         without a one-time code.
     login_options_link_text: Choose another authentication method
+    login_options_reauthentication_title: Reauthentication required
     login_options_title: Select your authentication method
     max_backup_code_login_attempts_reached: For your security, your account is
       temporarily locked because you have entered the backup code incorrectly

diff --git a/config/locales/two_factor_authentication/es.yml b/config/locales/two_factor_authentication/es.yml
@@ -47,6 +47,9 @@ es:
       otro método de autenticación.
     learn_more: Más información sobre las opciones de autenticación.
     login_intro: Usted configuró esto cuando creó su cuenta.
+    login_intro_reauthentication: Antes de que pueda realizar cambios en su cuenta,
+      debemos confirmar su identidad mediante uno de sus métodos de
+      autenticación.
     login_options:
       auth_app: Aplicación de autenticación
       auth_app_info: Use su aplicación de autenticación para obtener el código de seguridad.
@@ -71,6 +74,7 @@ es:
       webauthn_platform_info: Use la cara o la huella digital para acceder a su cuenta
         sin un código de un solo uso.
     login_options_link_text: Elige otra opción de seguridad
+    login_options_reauthentication_title: Se requiere reautenticación
     login_options_title: Seleccione su opción de seguridad
     max_backup_code_login_attempts_reached: Para su seguridad, su cuenta está
       bloqueada temporalmente porque ha ingresado el código de respaldo

diff --git a/config/locales/two_factor_authentication/fr.yml b/config/locales/two_factor_authentication/fr.yml
@@ -51,6 +51,9 @@ fr:
       choisissez une autre méthode d’authentification.
     learn_more: En savoir plus sur les options d’authentification
     login_intro: Vous les avez configurés lorsque vous avez crée votre compte.
+    login_intro_reauthentication: Avant que vous puissiez apporter des modifications
+      à votre compte, nous devons nous assurer qu’il s’agit bien de vous en
+      utilisant l’une de vos méthodes d’authentification.
     login_options:
       auth_app: Application d’authentification
       auth_app_info: Utilisez votre application d’authentification pour obtenir votre
@@ -75,6 +78,7 @@ fr:
       webauthn_platform_info: Utilisez votre visage ou votre empreinte digitale pour
         accéder à votre compte sans code à usage unique.
     login_options_link_text: Choisissez une autre option de sécurité
+    login_options_reauthentication_title: Réauthentification requise
     login_options_title: Sélectionnez votre option de sécurité
     max_backup_code_login_attempts_reached: Pour votre sécurité, votre compte est
       temporairement verrouillé car vous avez saisi trop de fois le code de

diff --git a/spec/presenters/two_factor_login_options_presenter_spec.rb b/spec/presenters/two_factor_login_options_presenter_spec.rb
@@ -26,9 +26,32 @@
       t('two_factor_authentication.login_options_title')
   end
 
-  it 'supplies a heading' do
-    expect(presenter.heading).to eq \
-      t('two_factor_authentication.login_options_title')
+  describe '#heading' do
+    subject { presenter.heading }
+
+    context 'default user session context' do
+      it { should eq t('two_factor_authentication.login_options_title') }
+    end
+
+    context 'reauthentication user session context' do
+      let(:reauthentication_context) { true }
+
+      it { should eq t('two_factor_authentication.login_options_reauthentication_title') }
+    end
+  end
+
+  describe '#info' do
+    subject { presenter.info }
+
+    context 'default user session context' do
+      it { should eq t('two_factor_authentication.login_intro') }
+    end
+
+    context 'reauthentication user session context' do
+      let(:reauthentication_context) { true }
+
+      it { should eq t('two_factor_authentication.login_intro_reauthentication') }
+    end
   end
 
   it 'supplies a cancel link when the token is valid' do

diff --git a/spec/views/two_factor_authentication/options/index.html.erb_spec.rb b/spec/views/two_factor_authentication/options/index.html.erb_spec.rb
@@ -4,6 +4,7 @@
   let(:user) { User.new }
   let(:phishing_resistant_required) { false }
   let(:piv_cac_required) { false }
+  let(:reauthentication_context) { false }
 
   before do
     allow(view).to receive(:user_session).and_return({})
@@ -12,7 +13,7 @@
     @presenter = TwoFactorLoginOptionsPresenter.new(
       user: user,
       view: view,
-      reauthentication_context: false,
+      reauthentication_context: reauthentication_context,
       service_provider: nil,
       phishing_resistant_required: phishing_resistant_required,
       piv_cac_required: piv_cac_required,
@@ -35,6 +36,13 @@
       t('two_factor_authentication.login_options_title')
   end
 
+  it 'has a localized intro text' do
+    render
+
+    expect(rendered).to have_content \
+      t('two_factor_authentication.login_intro')
+  end
+
   it 'has a cancel link' do
     render
 
@@ -97,4 +105,22 @@
       )
     end
   end
+
+  context 'with context reauthentication' do
+    let(:reauthentication_context) { true }
+
+    it 'has a localized heading' do
+      render
+
+      expect(rendered).to have_content \
+        t('two_factor_authentication.login_options_reauthentication_title')
+    end
+
+    it 'has a localized intro text' do
+      render
+
+      expect(rendered).to have_content \
+        t('two_factor_authentication.login_intro_reauthentication')
+    end
+  end
 end