Remove the ip check from the captcha challenge check

The IP check is not working as expected, this MR removes it Changelog: changed MR: EE: true

Remove the ip check from the captcha challenge check
The IP check is not working as expected, this MR removes it Changelog: changed MR: EE: true
fbd1778d · mc_rocha · 32696c54 · fbd1778d · fbd1778d · fbd1778d
Commit fbd1778d authored Apr 06, 2022 by mc_rocha
3 changed files
--- a/ee/app/services/users/captcha_challenge_service.rb
+++ b/ee/app/services/users/captcha_challenge_service.rb
 # frozen_string_literal: true
 module Users
  class CaptchaChallengeService
-    attr_reader :user, :request_ip
+    attr_reader :user

-    def initialize(user, request_ip)
+    def initialize(user)
      @user = user
-      @request_ip = request_ip
    end

    def execute
      return { result: false } unless Feature.enabled?(:arkose_labs_login_challenge, default_enabled: :yaml)

-      if never_logged_before? || too_many_login_failures || not_logged_in_past_months || last_login_from_different_ip
+      if never_logged_before? || too_many_login_failures || not_logged_in_past_months
        return { result: true }
      end

@@ -31,9 +30,5 @@ module Users
    def not_logged_in_past_months
      user.last_sign_in_at <= Date.today - 3.months
    end
-
-    def last_login_from_different_ip
-      user.last_sign_in_ip != request_ip
-    end
  end
 end
--- a/ee/lib/api/captcha_check.rb
+++ b/ee/lib/api/captcha_check.rb
@@ -26,7 +26,7 @@ module API
        else
          user = ::User.by_login(params[:username])
          not_found! 'User' unless user
-          present(::Users::CaptchaChallengeService.new(user, ip_address).execute, with: Entities::CaptchaCheck)
+          present(::Users::CaptchaChallengeService.new(user).execute, with: Entities::CaptchaCheck)
        end
      end
    end

--- a/ee/spec/services/users/captcha_challenge_service_spec.rb
+++ b/ee/spec/services/users/captcha_challenge_service_spec.rb
@@ -5,12 +5,11 @@ require 'spec_helper'
 RSpec.describe Users::CaptchaChallengeService do
  describe '#execute' do
    let_it_be_with_reload(:user) { create(:user) }
-    let_it_be(:request_ip) { '127.0.0.1' }

    let(:should_challenge?) { true }
    let(:result) { { result: should_challenge? } }

-    subject { Users::CaptchaChallengeService.new(user, request_ip).execute }
+    subject { Users::CaptchaChallengeService.new(user).execute }

    context 'when feature flag arkose_labs_login_challenge is disabled' do
      let(:should_challenge?) { false }
@@ -52,36 +51,14 @@ RSpec.describe Users::CaptchaChallengeService do
        it { is_expected.to eq(result) }
      end

-      context 'when the IP address on this login attempt is different than the last successful login' do
-        before do
-          user.last_sign_in_ip = '192.168.1.1'
-        end
-
-        it { is_expected.to eq(result) }
-      end
-
      context 'when the user has logged in previously in less than 3 months' do
        before do
          user.last_sign_in_at = Date.today - 2.months
        end

-        context 'when the IP address on this login attempt is the same than the last successful login' do
-          let(:should_challenge?) { false }
+        let(:should_challenge?) { false }

-          before do
-            user.last_sign_in_ip = request_ip
-          end
-
-          it { is_expected.to eq(result) }
-        end
-
-        context 'when The IP address on this login attempt is different than the last successful login' do
-          before do
-            user.last_sign_in_ip = '192.168.1.1'
-          end
-
-          it { is_expected.to eq(result) }
-        end
+        it { is_expected.to eq(result) }
      end
    end
  end