def test_invalid_code(self, client):
user = login_and_verify_user(client)
secret = SecretFactory()
assign_perm("change_secret", user, secret)
response = client.post(
reverse("secret:mfa_setup", kwargs={"pk": secret.pk}),
{"mfa_string": "invalid-otp-code"},
)
secret.refresh_from_db()
assert response.status_code == 200
assert not secret.mfa_string
def test_setup_success(self, client):
mfa_string = "otpauth://totp/Someapp%[email protected]?secret=SNVQHZZUNABGV7DP3M4UI57OH7YZWNFI&algorithm=SHA1&digits=6&period=30&issuer=Someapp" # noqa
user = login_and_verify_user(client)
secret = SecretFactory()
assign_perm("change_secret", user, secret)
response = client.post(
reverse("secret:mfa_setup", kwargs={"pk": secret.pk}),
{"mfa_string": mfa_string})
secret.refresh_from_db()
assert response.status_code == 302
assert response.url == reverse("secret:mfa", kwargs={"pk": secret.pk})
assert secret.mfa_string == mfa_string
def test_success(self, client):
user = login_and_verify_user(client)
secret = SecretFactory()
secret.mfa_string = "test-string"
secret.save()
assign_perm("change_secret", user, secret)
response = client.post(
reverse("secret:mfa_delete", kwargs={"pk": secret.pk}))
secret.refresh_from_db()
assert response.status_code == 302
assert response.url == reverse("secret:mfa", kwargs={"pk": secret.pk})
assert not secret.mfa_string
def test_update_success(self, client):
user = login_and_verify_user(client)
secret = SecretFactory()
assign_perm("change_secret", user, secret)
response = client.post(
reverse("secret:detail", kwargs={"pk": secret.pk}),
{"name": "hello world"})
assert response.status_code == 302
assert response.url == reverse("secret:detail",
kwargs={"pk": secret.pk})
secret.refresh_from_db()
assert secret.name == "hello world"