Esempio n. 1
    def test_verify_valid_core_drift(self):
        """Accepting a code from a later period moves the stored drift forward.

        Once the drift has advanced to 2, a code for the current period is
        expected to be rejected.
        """
        # One period ahead (30 seconds): accepted, and the drift is recorded.
        code_one_ahead = _valid_code(self.TOTP_SECRET, drift=1)
        assert_true(self.user_settings.verify_code(code_one_ahead))
        assert_equal(self.user_settings.totp_drift, 1)

        # Two periods ahead (60 seconds): accepted, and the drift moves again.
        code_two_ahead = _valid_code(self.TOTP_SECRET, drift=2)
        assert_true(self.user_settings.verify_code(code_two_ahead))
        assert_equal(self.user_settings.totp_drift, 2)

        # The current-period code is now two periods behind the stored drift,
        # so verification has to fail.
        # NOTE(review): this test never resubmits a code that was already
        # accepted, so replay of the very same code is not covered here.
        current_code = _valid_code(self.TOTP_SECRET)
        assert_false(self.user_settings.verify_code(current_code))
Esempio n. 2
    def test_valid_credential_twofactor_valid_otp(self, mock_push_status_message):
        """Valid credentials plus a valid OTP header yield a 200 response.

        ``mock_push_status_message`` is not used in the body; presumably it is
        injected by a patch decorator outside this listing.
        """
        # Put user1's twofactor addon into the confirmed state with a known secret.
        twofactor = self.user1.get_or_add_addon("twofactor")
        twofactor.totp_drift = 1
        twofactor.totp_secret = self.TOTP_SECRET
        twofactor.is_confirmed = True
        twofactor.save()

        # The one-time code is sent in the X-OSF-OTP header next to the credentials.
        otp_headers = {"X-OSF-OTP": _valid_code(self.TOTP_SECRET)}
        res = self.app.get(
            self.reachable_url,
            auth=self.user1.auth,
            headers=otp_headers,
        )
        assert_equal(res.status_code, 200)
Esempio n. 3
    def test_confirm_code(self):
        """Posting a valid code to the twofactor settings endpoint confirms it.

        NOTE(review): the test does not assert that ``is_confirmed`` was False
        beforehand, so it cannot tell "confirmed by this request" apart from
        "already confirmed by the fixture".
        """
        payload = {'code': _valid_code(self.user_settings.totp_secret)}
        res = self.app.post_json(
            '/api/v1/settings/twofactor/', payload, auth=self.user.auth)

        # Re-read the settings object from the DB before checking the flag.
        self.user_settings.reload()

        assert_true(self.user_settings.is_confirmed)
        assert_equal(res.status_code, 200)
Esempio n. 4
    def test_confirm_code(self):
        """PUT a valid code to the twofactor settings route; expect confirmation.

        NOTE(review): the starting value of ``is_confirmed`` is not asserted,
        so the test would also pass if the fixture were already confirmed.
        """
        endpoint = api_url_for('twofactor_settings_put')
        payload = {'code': _valid_code(self.user_settings.totp_secret)}
        res = self.app.put_json(endpoint, payload, auth=self.user.auth)

        # Re-read the settings object from the DB before checking the flag.
        self.user_settings.reload()

        assert_true(self.user_settings.is_confirmed)
        assert_equal(res.status_code, 200)
Esempio n. 5
    def test_valid_credential_twofactor_valid_otp(self):
        """Valid credentials plus a valid OTP header yield a 200 response."""
        # Put user1's twofactor addon into the confirmed state with a known secret.
        twofactor = self.user1.get_or_add_addon('twofactor')
        twofactor.totp_drift = 1
        twofactor.totp_secret = self.TOTP_SECRET
        twofactor.is_confirmed = True
        twofactor.save()

        # The one-time code is sent in the X-OSF-OTP header next to the credentials.
        otp_headers = {'X-OSF-OTP': _valid_code(self.TOTP_SECRET)}
        res = self.app.get(
            self.reachable_url, auth=self.user1.auth, headers=otp_headers)
        assert_equal(res.status_code, 200)
Esempio n. 6
    def test_confirm_code(self):
        """Posting a valid code to the twofactor settings endpoint confirms it.

        NOTE(review): ``is_confirmed`` is only checked after the request; its
        value before the request is not asserted here.
        """
        code = _valid_code(self.user_settings.totp_secret)
        res = self.app.post_json(
            '/api/v1/settings/twofactor/',
            {'code': code},
            auth=self.user.auth,
        )

        # Re-read the settings object from the DB before checking the flag.
        self.user_settings.reload()

        assert_true(self.user_settings.is_confirmed)
        assert_equal(res.status_code, 200)
Esempio n. 7
    def test_confirm_code(self):
        """PUT a valid code to the twofactor settings route; expect confirmation.

        NOTE(review): ``is_confirmed`` is only checked after the request; its
        value before the request is not asserted here.
        """
        endpoint = api_url_for('twofactor_settings_put')
        body = {'code': _valid_code(self.user_settings.totp_secret)}
        res = self.app.put_json(endpoint, body, auth=self.user.auth)

        # Re-read the settings object from the DB before checking the flag.
        self.user_settings.reload()

        assert_true(self.user_settings.is_confirmed)
        assert_equal(res.status_code, 200)
Esempio n. 8
 def test_verify_two_factor_with_valid_code(self):
     """A valid code against a pending two-factor session redirects to the dashboard.

     NOTE(review): only the redirect is asserted; whether the pending
     'two_factor_auth' entry is removed from the session afterwards is not
     checked here.
     """
     # Session state describing a user who still owes the second factor.
     pending_auth = {
         'auth_user_username': self.user.username,
         'auth_user_id': self.user._primary_key,
         'auth_user_fullname': self.user.fullname,
     }
     fake_session = sessions.Session(data={'two_factor_auth': pending_auth})
     sessions.set_session(fake_session)

     code = _valid_code(self.user_settings.totp_secret)
     response = verify_two_factor(self.user._id, code)

     assert_true(isinstance(response, BaseResponse))
     assert_equal(response.location, u'/dashboard/')
     assert_equal(response.status_code, 302)
Esempio n. 9
 def test_verify_two_factor_with_valid_code(self):
     """A valid code against a pending two-factor session redirects to the dashboard.

     NOTE(review): the session contents after verification are not inspected;
     the test checks the response type, location and status only.
     """
     # Session state describing a user who still owes the second factor.
     session_data = {
         'two_factor_auth': {
             'auth_user_username': self.user.username,
             'auth_user_id': self.user._primary_key,
             'auth_user_fullname': self.user.fullname,
         },
     }
     fake_session = sessions.Session(data=session_data)
     sessions.set_session(fake_session)

     otp = _valid_code(self.user_settings.totp_secret)
     response = verify_two_factor(self.user._id, otp)

     assert_true(isinstance(response, BaseResponse))
     assert_equal(response.location, u'/dashboard/')
     assert_equal(response.status_code, 302)
Esempio n. 10
 def test_verify_valid_code(self):
     """A code built from TOTP_SECRET with the helper's defaults verifies."""
     code = _valid_code(self.TOTP_SECRET)
     assert_true(self.user_settings.verify_code(code))
Esempio n. 11
 def test_login_valid_code_invalid_password(self):
     """A correct second factor does not make up for a wrong password.

     NOTE(review): the '******' literal looks like a value masked by the
     listing rather than the password the original test used - confirm
     against the upstream file.
     """
     otp = _valid_code(self.user_settings.totp_secret)
     with assert_raises(PasswordIncorrectError):
         login(
             username=self.user.username,
             password='******',
             two_factor=otp,
         )
Esempio n. 12
 def test_login_valid(self):
     """Username, password and a valid code together produce a 302 response.

     NOTE(review): the '******' literal looks like a value masked by the
     listing rather than the password the original test used - confirm
     against the upstream file.
     """
     otp = _valid_code(self.user_settings.totp_secret)
     res = login(
         username=self.user.username,
         password='******',
         two_factor=otp,
     )
     assert_true(isinstance(res, BaseResponse))
     assert_equal(res.status_code, 302)