from unittest.mock import patch
from hc.test import BaseTestCase
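class AddTotpTestCase(BaseTestCase):
    """Tests for the "set up Authenticator app" view at /accounts/two_factor/totp/.

    The view is security-sensitive, so the tests pin the contract a reviewer
    cares about: it is only reachable in sudo mode, the provisional secret
    lives in the session until the user proves possession of the
    authenticator, and neither a wrong nor a malformed code may enable TOTP.
    ``pyotp.totp.TOTP`` is patched in the view module so each test controls
    the verification outcome instead of computing real time-based codes.
    """

    def setUp(self):
        super().setUp()
        self.url = "/accounts/two_factor/totp/"

    def test_it_requires_sudo_mode(self):
        """A logged-in user without the sudo flag gets the sudo confirmation prompt."""
        self.client.login(username="[email protected]", password="password")

        r = self.client.get(self.url)
        self.assertContains(r, "We have sent a confirmation code")

    def test_it_shows_form(self):
        """In sudo mode the view renders the code form and stashes a secret in the session."""
        self.client.login(username="[email protected]", password="password")
        self.set_sudo_flag()

        r = self.client.get(self.url)
        self.assertContains(r, "Enter the six-digit code")

        # The provisional secret is kept server-side in the session, not
        # round-tripped through the form, until the user confirms a code.
        self.assertIn("totp_secret", self.client.session)

    @patch("hc.accounts.views.pyotp.totp.TOTP")
    def test_it_adds_totp(self, mock_TOTP):
        """A code accepted by the verifier enables TOTP and clears the session secret."""
        mock_TOTP.return_value.verify.return_value = True

        self.client.login(username="[email protected]", password="password")
        self.set_sudo_flag()

        payload = {"code": "000000"}
        r = self.client.post(self.url, payload, follow=True)
        self.assertRedirects(r, "/accounts/profile/")
        self.assertContains(r, "Successfully set up the Authenticator app")

        # The success path must actually go through the verifier. Without
        # this assertion a view that enabled TOTP without checking the code
        # would still pass the checks above, because verify() is mocked to
        # return True.
        self.assertTrue(mock_TOTP.return_value.verify.called)

        # Once committed to the profile, the secret must not linger in the
        # session.
        self.assertNotIn("totp_secret", self.client.session)

        self.profile.refresh_from_db()
        self.assertTrue(self.profile.totp)
        self.assertTrue(self.profile.totp_created)

    @patch("hc.accounts.views.pyotp.totp.TOTP")
    def test_it_handles_wrong_code(self, mock_TOTP):
        """A code rejected by the verifier re-renders the form and leaves TOTP disabled."""
        mock_TOTP.return_value.verify.return_value = False
        # The re-rendered form presumably embeds the provisioning URI again,
        # so the mock needs a string return value for it.
        mock_TOTP.return_value.provisioning_uri.return_value = "test-uri"

        self.client.login(username="[email protected]", password="password")
        self.set_sudo_flag()

        payload = {"code": "000000"}
        r = self.client.post(self.url, payload, follow=True)
        self.assertContains(r, "The code you entered was incorrect.")

        self.profile.refresh_from_db()
        self.assertIsNone(self.profile.totp)
        self.assertIsNone(self.profile.totp_created)

    def test_it_checks_if_totp_already_configured(self):
        """GET on a profile that already has TOTP is refused with 400."""
        # Any 32-character value is enough to mark the profile as configured;
        # the secret is never decoded in this test.
        self.profile.totp = "0" * 32
        self.profile.save()

        self.client.login(username="[email protected]", password="password")
        self.set_sudo_flag()

        r = self.client.get(self.url)
        self.assertEqual(r.status_code, 400)
        # NOTE(review): only the GET path is covered here; the POST path is
        # presumably guarded by the same check -- confirm against the view.

    @patch("hc.accounts.views.pyotp.totp.TOTP")
    def test_it_handles_non_numeric_code(self, mock_TOTP):
        """A malformed (non-digit) code fails form validation and never enables TOTP."""
        mock_TOTP.return_value.verify.return_value = False
        mock_TOTP.return_value.provisioning_uri.return_value = "test-uri"

        self.client.login(username="[email protected]", password="password")
        self.set_sudo_flag()

        payload = {"code": "AAAAAA"}
        r = self.client.post(self.url, payload, follow=True)
        self.assertContains(r, "Enter a valid value")

        # Regardless of whether the view reached the (rejecting) verifier,
        # malformed input must leave the profile untouched.
        self.profile.refresh_from_db()
        self.assertIsNone(self.profile.totp)
        self.assertIsNone(self.profile.totp_created)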
|