diff options
| author | lain <lain@soykaf.club> | 2020-05-07 08:14:54 +0000 |
|---|---|---|
| committer | lain <lain@soykaf.club> | 2020-05-07 08:14:54 +0000 |
| commit | f4c2bf0985f3d65d9caa6f02a71c89db9f070fb1 (patch) | |
| tree | a7f4ece6dcd0a534b464e455fa382d3ebd8f4d07 /test/web/auth/totp_authenticator_test.exs | |
| parent | 68a126317d7cdd670c8e244319da08ff85639d33 (diff) | |
| parent | 3d0c567fbc3506770fdac5f1269c45b244928747 (diff) | |
| download | pleroma-f4c2bf0985f3d65d9caa6f02a71c89db9f070fb1.tar.gz pleroma-f4c2bf0985f3d65d9caa6f02a71c89db9f070fb1.zip | |
Merge branch 'issue/209' into 'develop'
[#209] 2FA/two_factor_authentication support
See merge request pleroma/pleroma!801
Diffstat (limited to 'test/web/auth/totp_authenticator_test.exs')
| -rw-r--r-- | test/web/auth/totp_authenticator_test.exs | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/test/web/auth/totp_authenticator_test.exs b/test/web/auth/totp_authenticator_test.exs new file mode 100644 index 000000000..e08069490 --- /dev/null +++ b/test/web/auth/totp_authenticator_test.exs @@ -0,0 +1,51 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.Auth.TOTPAuthenticatorTest do + use Pleroma.Web.ConnCase + + alias Pleroma.MFA + alias Pleroma.MFA.BackupCodes + alias Pleroma.MFA.TOTP + alias Pleroma.Web.Auth.TOTPAuthenticator + + import Pleroma.Factory + + test "verify token" do + otp_secret = TOTP.generate_secret() + otp_token = TOTP.generate_token(otp_secret) + + user = + insert(:user, + multi_factor_authentication_settings: %MFA.Settings{ + enabled: true, + totp: %MFA.Settings.TOTP{secret: otp_secret, confirmed: true} + } + ) + + assert TOTPAuthenticator.verify(otp_token, user) == {:ok, :pass} + assert TOTPAuthenticator.verify(nil, user) == {:error, :invalid_token} + assert TOTPAuthenticator.verify("", user) == {:error, :invalid_token} + end + + test "checks backup codes" do + [code | _] = backup_codes = BackupCodes.generate() + + hashed_codes = + backup_codes + |> Enum.map(&Comeonin.Pbkdf2.hashpwsalt(&1)) + + user = + insert(:user, + multi_factor_authentication_settings: %MFA.Settings{ + enabled: true, + backup_codes: hashed_codes, + totp: %MFA.Settings.TOTP{secret: "otp_secret", confirmed: true} + } + ) + + assert TOTPAuthenticator.verify_recovery_code(user, code) == {:ok, :pass} + refute TOTPAuthenticator.verify_recovery_code(code, refresh_record(user)) == {:ok, :pass} + end +end |