rhodecode-enterprise-ce Files · rhodecode/apps/login/tests/test_2fa.py

fix(tests): fixed 2fa tests and password reset broken by accident

super-admin - - Load All Authors

File last commit:

r5367:a11e6ff3 default


                r5369:cab08940

default

Download file

             test_2fa.py
        
                    67 lines
            
             | 2.4 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / rhodecode / apps / login / tests / test_2fa.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      import pytest

      from rhodecode.model.meta import Session

      from rhodecode.tests.fixture import Fixture

      from rhodecode.tests.routes import route_path

      from rhodecode.model.settings import SettingsModel

      fixture = Fixture()

      @pytest.mark.usefixtures('app')

      class Test2FA(object):

          @classmethod

          def setup_class(cls):

              cls.password = 'valid-one'

          @classmethod

          def teardown_class(cls):

              SettingsModel().create_or_update_setting('auth_rhodecode_global_2fa', False)

          def test_redirect_to_2fa_setup_if_enabled_for_user(self, user_util):

              user = user_util.create_user(password=self.password)

              user.has_enabled_2fa = True

              self.app.post(

                  route_path('login'),

                  {'username': user.username,

                   'password': self.password})

              response = self.app.get('/')

              assert response.status_code == 302

              assert response.location.endswith(route_path('setup_2fa'))

          def test_redirect_to_2fa_check_if_2fa_configured(self, user_util):

              user = user_util.create_user(password=self.password)

              user.has_enabled_2fa = True

              user.init_secret_2fa()

              Session().add(user)

              Session().commit()

              self.app.post(

                  route_path('login'),

                  {'username': user.username,

                   'password': self.password})

              response = self.app.get('/')

              assert response.status_code == 302

              assert response.location.endswith(route_path('check_2fa'))

          def test_2fa_recovery_codes_works_only_once(self, user_util):

              user = user_util.create_user(password=self.password)

              user.has_enabled_2fa = True

              user.init_secret_2fa()

              recovery_cod_to_check = user.init_2fa_recovery_codes()[0]

              Session().add(user)

              Session().commit()

              self.app.post(

                  route_path('login'),

                  {'username': user.username,

                   'password': self.password})

              response = self.app.post(route_path('check_2fa'), {'totp': recovery_cod_to_check})

              assert response.status_code == 302

              response = self.app.post(route_path('check_2fa'), {'totp': recovery_cod_to_check})

              response.mustcontain('Code is invalid. Try again!')

          def test_2fa_state_when_forced_by_admin(self, user_util):

              user = user_util.create_user(password=self.password)

              user.has_enabled_2fa = False

              SettingsModel().create_or_update_setting('auth_rhodecode_global_2fa', True)

              assert user.has_enabled_2fa

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				import pytest

				from rhodecode.model.meta import Session
				from rhodecode.tests.fixture import Fixture
				from rhodecode.tests.routes import route_path
				from rhodecode.model.settings import SettingsModel

				fixture = Fixture()


				@pytest.mark.usefixtures('app')
				class Test2FA(object):
				@classmethod
				def setup_class(cls):
				cls.password = 'valid-one'

				@classmethod
				def teardown_class(cls):
				SettingsModel().create_or_update_setting('auth_rhodecode_global_2fa', False)

				def test_redirect_to_2fa_setup_if_enabled_for_user(self, user_util):
				user = user_util.create_user(password=self.password)
				user.has_enabled_2fa = True
				self.app.post(
				route_path('login'),
				{'username': user.username,
				'password': self.password})

				response = self.app.get('/')
				assert response.status_code == 302
				assert response.location.endswith(route_path('setup_2fa'))

				def test_redirect_to_2fa_check_if_2fa_configured(self, user_util):
				user = user_util.create_user(password=self.password)
				user.has_enabled_2fa = True
				user.init_secret_2fa()
				Session().add(user)
				Session().commit()
				self.app.post(
				route_path('login'),
				{'username': user.username,
				'password': self.password})
				response = self.app.get('/')
				assert response.status_code == 302
				assert response.location.endswith(route_path('check_2fa'))

				def test_2fa_recovery_codes_works_only_once(self, user_util):
				user = user_util.create_user(password=self.password)
				user.has_enabled_2fa = True
				user.init_secret_2fa()
				recovery_cod_to_check = user.init_2fa_recovery_codes()[0]
				Session().add(user)
				Session().commit()
				self.app.post(
				route_path('login'),
				{'username': user.username,
				'password': self.password})
				response = self.app.post(route_path('check_2fa'), {'totp': recovery_cod_to_check})
				assert response.status_code == 302
				response = self.app.post(route_path('check_2fa'), {'totp': recovery_cod_to_check})
				response.mustcontain('Code is invalid. Try again!')

				def test_2fa_state_when_forced_by_admin(self, user_util):
				user = user_util.create_user(password=self.password)
				user.has_enabled_2fa = False
				SettingsModel().create_or_update_setting('auth_rhodecode_global_2fa', True)
				assert user.has_enabled_2fa