def test_valid_credential_twofactor_valid_otp(self):
user1_addon = self.user1.get_or_add_addon('twofactor')
user1_addon.totp_drift = 1
user1_addon.totp_secret = self.TOTP_SECRET
user1_addon.is_confirmed = True
user1_addon.save()
res = self.app.get(
self.reachable_url, auth=self.user1.auth,
headers={'X-OSF-OTP': _valid_code(self.TOTP_SECRET)}
)
assert_equal(res.status_code, 200)
def test_confirm_code(self):
# Send a valid code to the API endpoint for the user settings.
url = api_url_for('twofactor_settings_put')
res = self.app.put_json(
url, {'code': _valid_code(self.user_settings.totp_secret)},
auth=self.user.auth)
# reload the user settings object from the DB
self.user_settings.reload()
assert_true(self.user_settings.is_confirmed)
assert_equal(res.status_code, 200)
def test_confirm_code(self):
# Send a valid code to the API endpoint for the user settings.
url = api_url_for('twofactor_settings_put')
res = self.app.put_json(
url,
{'code': _valid_code(self.user_settings.totp_secret)},
auth=self.user.auth
)
# reload the user settings object from the DB
self.user_settings.reload()
assert_true(self.user_settings.is_confirmed)
assert_equal(res.status_code, 200)