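def test_authentication_with_invalid_2fa_token(app, client):
    """Reject a login whose 2FA token is wrong, and issue no tokens.

    After 2FA is enabled through ``Utils.enable_2fa()``, a POST to
    ``/api/auth`` carrying the token ``'999999'`` must answer 401 with the
    message ``'Invalid credentials'``, which does not name the failing factor.
    The response must also carry neither ``accessToken`` nor ``refreshToken``.
    """
    utils = Utils(app, client)
    utils.enable_2fa()

    # NOTE(review): '999999' is assumed never to equal the currently valid
    # code; if the secret set up by enable_2fa() can produce it, this test
    # fails intermittently -- confirm against Utils.
    resp = client.post('/api/auth', json={
        'username': '******',
        'password': '******',
        'token': '999999'
    })

    assert resp.status_code == 401
    body = json.loads(resp.data.decode('utf8'))
    assert body.get('message') == 'Invalid credentials'

    # A rejected login must not hand out session material alongside the error.
    assert 'accessToken' not in body
    assert 'refreshToken' not in body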
def test_admin_update_disable_2fa(app, client):
    """An admin bearer token can switch off 2FA on a user record.

    The user is the one identified by ``Utils.get_public_id()``. The record
    must report ``2fa`` as truthy before the update, and the PUT with
    ``totp_enabled: False`` must return 200 with ``2fa`` falsy.
    """
    helper = Utils(app, client)
    helper.enable_2fa()
    public_id = helper.get_public_id()
    admin_token = helper.generate_admin_access_token()
    headers = {'Authorization': f'Bearer {admin_token}'}
    user_url = f'/api/users/{public_id}'

    # Precondition: the user record currently reports 2FA as on.
    before = client.get(user_url, headers=headers)
    before_data = json.loads(before.data.decode()).get('data')
    assert before_data.get('2fa')

    # NOTE(review): no 2FA token accompanies this request, so the admin path
    # evidently does not require one. Whether such resets are audit-logged is
    # not visible from this test -- confirm.
    after = client.put(user_url, headers=headers,
                       json={'totp_enabled': False})
    assert after.status_code == 200
    after_data = json.loads(after.data.decode()).get('data')
    assert not after_data.get('2fa')
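def test_update_disable_2fa_without_token(app, client):
    """A user cannot switch off their own 2FA without submitting a token.

    A PUT to ``/api/users/me`` with ``totp_enabled: False`` and no token must
    return 400 with the message
    ``'Unable to deactivate 2fa, token not submitted'``. The test then
    re-reads ``/api/auth`` to prove the setting was left untouched, so a
    handler that reports an error but still applies the change is caught.
    """
    utils = Utils(app, client)
    utils.enable_2fa()
    headers = {'Authorization': f'Bearer {utils.generate_access_token()}'}

    # Precondition: 2FA is reported as enabled. As in the original test, this
    # read uses a separately generated access token rather than `headers`.
    resp = client.get(
        '/api/auth',
        headers={'Authorization': f'Bearer {utils.generate_access_token()}'})
    assert json.loads(resp.data.decode()).get('data').get('2fa')

    # Attempt to disable 2FA; the request body deliberately omits the token.
    resp = client.put('/api/users/me', headers=headers,
                      json={'totp_enabled': False})
    assert resp.status_code == 400
    assert json.loads(resp.data.decode()).get(
        'message') == 'Unable to deactivate 2fa, token not submitted'

    # Postcondition: the rejected request must not have changed the setting.
    resp = client.get(
        '/api/auth',
        headers={'Authorization': f'Bearer {utils.generate_access_token()}'})
    assert json.loads(resp.data.decode()).get('data').get('2fa')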
def test_authentication_with_2fa(app, client):
    """Login with 2FA enabled needs the token as well as the credentials.

    Posting the credentials alone to ``/api/auth`` must return 401 with
    ``'Missing 2fa token'``. Posting them together with a token from
    ``Utils.generate_2fa_token()`` must return 200 with both ``accessToken``
    and ``refreshToken`` in the body.
    """
    helper = Utils(app, client)
    helper.enable_2fa()
    credentials = {'username': '******', 'password': '******'}

    # First attempt: credentials only, so the second factor is absent.
    # NOTE(review): this message differs from the 'Invalid credentials'
    # pinned by test_authentication_with_invalid_2fa_token; presumably it is
    # only sent once the password has been checked -- confirm that telling
    # the caller this much is intended.
    rejected = client.post('/api/auth', json=credentials)
    assert rejected.status_code == 401
    rejected_body = json.loads(rejected.data.decode('utf8'))
    assert rejected_body.get('message') == 'Missing 2fa token'

    # Second attempt: same credentials plus a freshly generated 2FA token.
    accepted = client.post(
        '/api/auth',
        json={**credentials, 'token': helper.generate_2fa_token()})
    assert accepted.status_code == 200
    accepted_body = json.loads(accepted.data.decode())
    assert 'accessToken' in accepted_body
    assert 'refreshToken' in accepted_body