class TwoFactorTestCase(TestCase):
    """Login attempts by 2FA-enrolled users while TWO_FACTOR_ENABLED is False.

    Each test gives the fixture user a confirmed TOTP device, attempts a
    login, and expects a 503 rendered from the ``two_factor_disabled``
    exception template instead of a completed login.

    NOTE(review): presumably the refusal exists so that switching the feature
    off cannot reduce an enrolled account to single-factor login. Confirm
    against the view. Only the response is pinned here; neither test asserts
    that no authenticated session was created.
    """

    def setUp(self):
        """Create a primary user with a random, per-test password."""
        generated = str(uuid.uuid4())
        account = User(username='******', primary=True)
        account.set_password(generated)
        account.save()
        self.password = generated
        self.user = account

    def _enrol_totp(self):
        """Attach a confirmed TOTP device to the fixture user."""
        TOTPDevice.objects.create(user=self.user, name='default', confirmed=True)

    def _assert_refused(self, response):
        """Assert the 503 status and the 2FA-disabled exception template."""
        self.assertEqual(http.client.SERVICE_UNAVAILABLE, response.status_code)
        self.assertTemplateUsed(
            response, 'exceptions/forsta_auth/two_factor_disabled.html')

    @override_settings(TWO_FACTOR_ENABLED=False)
    def testForbid2FAUsersWhen2FADisabledPassword(self):
        """Password login by an enrolled user is refused with a 503."""
        self._enrol_totp()
        # Correct credentials are submitted on the 'auth' step, so the 503
        # cannot be explained by a wrong password.
        credentials = {
            'social_two_factor_login_view-current_step': 'auth',
            'auth-username': self.user.username,
            'auth-password': self.password,
        }
        response = self.client.post(reverse('login'), credentials)
        self._assert_refused(response)

    @override_settings(TWO_FACTOR_ENABLED=False)
    def testForbid2FAUsersWhen2FADisabledSocial(self):
        """Social login by an enrolled user is refused with a 503."""
        self._enrol_totp()
        UserSocialAuth.objects.create(user=self.user, provider='dummy', uid='alice')
        begin_url = reverse('social:begin', kwargs={'backend': 'dummy'}) + '?id=alice'
        # follow=True: the assertions apply to the final response after any
        # redirects, not to the initial 'begin' response.
        response = self.client.get(begin_url, follow=True)
        self._assert_refused(response)
def testSetWhenUnusable(self):
    """A user with an unusable password is served the set-password form.

    The second assertion rules out PasswordChangeForm explicitly, so the test
    still fails if the two form classes are related by inheritance.
    NOTE(review): presumably the change form asks for the current password,
    which this user cannot supply. Confirm against the form definitions.
    """
    account = User(primary=True)
    account.set_unusable_password()
    account.save()
    self.client.force_login(account)

    served_form = self.client.get(reverse('password_change')).context['form']
    self.assertIsInstance(served_form, PasswordSetForm)
    self.assertNotIsInstance(served_form, PasswordChangeForm)
def testBadPassword(self):
    """The login form rejects a known user id paired with a wrong password."""
    account = User(identity_id=uuid.uuid4(), primary=True)
    account.set_password('password')
    account.save()

    # The username is valid, so a failure can only come from the password,
    # which differs from the one set above.
    submitted = {
        'username': str(account.id),
        'password': '******',
    }
    form = AuthenticationForm(data=submitted)
    self.assertFalse(form.is_valid())
def testChangeWhenUsable(self):
    """A user who already has a usable password is served the change form."""
    account = User(primary=True)
    # Random per-test password; only its usability matters here.
    account.set_password(str(uuid.uuid4()))
    account.save()
    self.client.force_login(account)

    served_form = self.client.get(reverse('password_change')).context['form']
    self.assertIsInstance(served_form, PasswordChangeForm)
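def testUUID(self):
    """The login form accepts the user's id as the username.

    Validation must succeed, and ``cleaned_data['username']`` must equal the
    string form of the user's id.
    """
    password = 'password'
    user = User(identity_id=uuid.uuid4(), primary=True)
    user.set_password(password)
    user.save()

    form = AuthenticationForm(data={
        'username': str(user.id),
        # Must be the same value given to set_password(); any other literal
        # cannot authenticate, so is_valid() could never be true.
        'password': password,
    })
    self.assertTrue(form.is_valid())
    self.assertEqual(str(user.id), form.cleaned_data['username'])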
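def testEmail(self):
    """The login form accepts a registered email address as the username.

    After validation, ``cleaned_data['username']`` must hold the string form
    of the owning user's id rather than the address that was typed.
    """
    # Address literal kept exactly as given (it looks masked). What matters
    # is that the registered and the submitted address are the same value.
    email = '*****@*****.**'
    password = 'password'

    user = User(identity_id=uuid.uuid4(), primary=True)
    # NOTE(review): the UserEmail row is created before user.save(). This
    # presumably relies on the user's key being assigned at construction.
    # Confirm against the model.
    UserEmail.objects.create(user=user, email=email)
    user.set_password(password)
    user.save()

    form = AuthenticationForm(data={
        'username': email,
        # Same value given to set_password(); a different one cannot validate.
        'password': password,
    })
    self.assertTrue(form.is_valid())
    self.assertEqual(str(user.id), form.cleaned_data['username'])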
def test_not_allowed_to_disconnect(self):
    """Disconnecting the social association of a passwordless user is refused.

    The user has an unusable password and exactly one social association.
    The disconnect request must return 403 with the
    ``not_allowed_to_disconnect`` exception template.
    NOTE(review): presumably the refusal exists because that association is
    the account's only remaining way to sign in. Confirm against the
    pipeline. The test does not check that the association row still exists
    afterwards.
    """
    account = User(identity_id=uuid.uuid4(), primary=True)
    account.set_unusable_password()
    account.save()
    association = UserSocialAuth.objects.create(
        user=account, provider='dummy', uid='alice')
    self.client.force_login(account)

    disconnect_url = reverse('social:disconnect_individual', kwargs={
        'backend': 'dummy',
        'association_id': association.pk,
    })
    response = self.client.post(disconnect_url)

    self.assertEqual(http.client.FORBIDDEN, response.status_code)
    self.assertTemplateUsed(
        response, 'exceptions/social_core/not_allowed_to_disconnect.html')
def setUp(self):
    """Create a primary user with a random, per-test password.

    The plaintext is kept on ``self.password`` and the saved user on
    ``self.user``.
    """
    generated = str(uuid.uuid4())
    account = User(username='******', primary=True)
    account.set_password(generated)
    account.save()
    self.password = generated
    self.user = account