Skip to content

Commit

Permalink
- add tests for reset token functionality;
Browse files Browse the repository at this point in the history
- add test to ensure that disable preserves existing token secrets;
- move existing token tests to disable_token for clarity;
  • Loading branch information
strouptl committed Jun 4, 2024
1 parent 0615fb5 commit 45e1017
Show file tree
Hide file tree
Showing 4 changed files with 103 additions and 32 deletions.
53 changes: 53 additions & 0 deletions test/integration/disable_token_test.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
require "test_helper"
require "integration_tests_helper"

class DisableTokenTest < ActionDispatch::IntegrationTest

def setup
# log in 1fa
@user = enable_otp_and_sign_in
assert_equal user_otp_credential_path, current_path

# otp 2fa
fill_in "user_token", with: ROTP::TOTP.new(@user.otp_auth_secret).at(Time.now)
click_button "Submit Token"
assert_equal root_path, current_path
end

def teardown
Capybara.reset_sessions!
end

test "disabling OTP after successfully enabling" do
# disable OTP
disable_otp

assert page.has_content? "Disabled"

# logout
sign_out

# log back in 1fa
sign_user_in(@user)

assert_equal root_path, current_path
end

test "disabling OTP does not reset token secrets" do
# get otp secrets
@user.reload
auth_secret = @user.otp_auth_secret
recovery_secret = @user.otp_recovery_secret

# disable OTP
disable_otp

# compare otp secrets
assert_not_nil @user.otp_auth_secret
assert_equal @user.otp_auth_secret, auth_secret

assert_not_nil @user.otp_recovery_secret
assert_equal @user.otp_recovery_secret, recovery_secret
end

end
45 changes: 45 additions & 0 deletions test/integration/reset_token_test.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
require "test_helper"
require "integration_tests_helper"

class ResetTokenTest < ActionDispatch::IntegrationTest

def setup
# log in 1fa
@user = enable_otp_and_sign_in
assert_equal user_otp_credential_path, current_path

# otp 2fa
fill_in "user_token", with: ROTP::TOTP.new(@user.otp_auth_secret).at(Time.now)
click_button "Submit Token"
assert_equal root_path, current_path
end


def teardown
Capybara.reset_sessions!
end

test "redirects to otp_tokens#edit page" do
reset_otp

assert_equal "/users/otp/token/edit", current_path
end

test "generates new token secrets" do
# get auth secrets
auth_secret = @user.otp_auth_secret
recovery_secret = @user.otp_recovery_secret

# reset otp
reset_otp

# compare auth secrets
@user.reload
assert_not_nil @user.otp_auth_secret
assert_not_equal @user.otp_auth_secret, auth_secret

assert_not_nil @user.otp_recovery_secret
assert_not_equal @user.otp_recovery_secret, recovery_secret
end

end
32 changes: 0 additions & 32 deletions test/integration/token_test.rb

This file was deleted.

5 changes: 5 additions & 0 deletions test/integration_tests_helper.rb
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,11 @@ def disable_otp
click_button "Disable Two-Factor Authentication"
end

def reset_otp
visit user_otp_token_path
click_button "Reset Token Secret"
end

def sign_out
logout :user
end
Expand Down

0 comments on commit 45e1017

Please sign in to comment.