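def test_password_change_no_totp(settings, client, create_user):
    """Check the password-change form with 2FA switched off.

    Two invalid submissions must leave the form invalid. After a valid
    submission the old password must stop working and the new one must
    authenticate.

    ``payload_pw_change`` is defined elsewhere; from its use here the
    arguments are presumably (current password, new password,
    confirmation) -- confirm against the helper.
    """
    settings.LIQUID_2FA = False
    username = create_user.user.get_username()
    client.login(username=username, password=create_user.password)

    # A wrong current password must not be accepted.
    resp = client.post(
        get_url(),
        payload_pw_change('badpassword', 'new_password', 'new_password'),
    )
    assert not resp.context.get('form').is_valid()

    # New password and its confirmation disagree.
    resp = client.post(
        get_url(),
        payload_pw_change(create_user.password, 'new_password', 'bad_new_password'),
    )
    assert not resp.context.get('form').is_valid()

    # Valid change; the response itself is not inspected, the effect is
    # verified through the two login attempts below.
    client.post(
        get_url(),
        payload_pw_change(create_user.password, 'new_password', 'new_password'),
    )
    client.logout()

    # The old credential must no longer authenticate.
    client.login(username=username, password=create_user.password)
    assert not is_logged_in(client)

    # Log in with the password that was just set. The previous literal
    # '******' never matched it, so this assertion could not pass.
    client.login(username=username, password='new_password')
    assert is_logged_in(client)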
def test_login_totp(client, create_user, create_device):
    """Log in through the form with username, password and a TOTP code.

    Three attempts must fail (unknown username, wrong password, a code
    generated for a time five minutes ahead) before a fully correct
    attempt succeeds; logging out must end the session.
    """
    totp_device = create_device(user=create_user.user)
    good_username = create_user.user.get_username()
    good_password = create_user.password

    def _pause_and_reset():
        # NOTE(review): presumably keeps the previous attempt's throttling or
        # last-used-code state from influencing the next attempt -- confirm
        # against _reset_last_use, which is defined elsewhere.
        sleep(5)
        _reset_last_use(totp_device)

    # Unknown username, otherwise valid credentials.
    client.post(
        get_url(),
        payload('badusername', good_password, _totp(totp_device, now())),
    )
    assert not is_logged_in(client)
    _pause_and_reset()

    # Wrong password with a current code.
    client.post(
        get_url(),
        payload(good_username, 'badpassword', _totp(totp_device, now())),
    )
    assert not is_logged_in(client)
    _pause_and_reset()

    # Correct password, but the code belongs to a moment five minutes ahead.
    future_code = _totp(totp_device, now() + timedelta(minutes=5))
    client.post(get_url(), payload(good_username, good_password, future_code))
    assert not is_logged_in(client)
    _pause_and_reset()

    # Everything correct.
    client.post(
        get_url(),
        payload(good_username, good_password, _totp(totp_device, now())),
    )
    assert is_logged_in(client)

    client.logout()
    assert not is_logged_in(client)
def test_login_no_totp(client, settings, create_user):
    """Log in through the form with 2FA disabled.

    Valid credentials must open a session and logout must close it; an
    unknown username or a wrong password must each leave the client
    logged out.
    """
    settings.LIQUID_2FA = False
    good_username = create_user.user.get_username()
    good_password = create_user.password

    # Happy path first: correct username and password, no OTP field.
    client.post(get_url(), payload(good_username, good_password))
    assert is_logged_in(client)

    client.logout()
    assert not is_logged_in(client)

    # Unknown username with the real password.
    client.post(get_url(), payload('badusername', good_password))
    assert not is_logged_in(client)

    # Real username with a wrong password.
    client.post(get_url(), payload(good_username, 'badpassword'))
    assert not is_logged_in(client)
def test_login(client, username, password, interval, success):
    """Log in at /accounts/login/ with the supplied credentials and a TOTP code.

    An account is first created by inviting 'john' and accepting the
    invitation with password 'pw'. ``username``, ``password``, ``interval``
    (an offset added to the current time when generating the code) and
    ``success`` (the expected outcome) are supplied from outside this
    function -- presumably by a parametrize decorator that is not visible
    here.
    """
    invitations.invite('john', INVITATION_DURATION, create=True)
    invitation = models.Invitation.objects.get()
    totp_device = _accept(client, invitation, 'pw')
    assert is_logged_in(client)

    # Start from a logged-out client before the attempt under test.
    client.logout()
    # NOTE(review): presumably clears the device's last-used state so the code
    # generated below is not rejected as a repeat -- confirm against the helper.
    _reset_last_use(totp_device)
    assert not is_logged_in(client)

    form_data = {
        'username': username,
        'password': password,
        'otp_token': _totp(totp_device, now() + interval),
    }
    client.post('/accounts/login/', form_data)

    logged_in = is_logged_in(client)
    assert logged_in if success else not logged_in
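def test_flow(
    client,
    mock_time,
    minutes,
    username_ok,
    password_ok,
    code_ok,
    invitation,
    success,
):
    """Walk through invitation acceptance and check who ends up logged in.

    The invitation for 'john' is issued at a fixed time ``t0`` and opened
    ``minutes`` later. ``invitation`` says whether opening it is expected
    to provision a TOTP device at all; ``username_ok``, ``password_ok`` and
    ``code_ok`` choose between a correct and an incorrect value for each
    submitted field; ``success`` is the expected outcome. The parameters
    are supplied from outside this function (presumably by a parametrize
    decorator that is not visible here).
    """
    t0 = datetime(2016, 6, 13, 12, 0, 0, tzinfo=utc)
    t1 = t0 + timedelta(minutes=minutes)

    mock_time(t0)
    url = invitations.invite('john', INVITATION_DURATION, create=True)
    assert not is_logged_in(client)

    mock_time(t1)
    client.get(url)

    if not invitation:
        # Opening the link at t1 must not have created a device, so there is
        # nothing further to submit.
        assert TOTPDevice.objects.count() == 0
        return

    # Exactly one device must exist; the unpacking fails otherwise.
    [device] = TOTPDevice.objects.all()
    hour = timedelta(hours=1)

    resp = client.post(
        url,
        {
            # The invitation was issued for 'john' and the matching
            # confirmation is 'secretz'. The previous '******' literals
            # matched neither, so no success case could pass.
            'username': 'john' if username_ok else 'ramirez',
            'password': 'secretz',
            'password-confirm': 'secretz' if password_ok else 'foobar',
            # The wrong code is one generated for an hour after t1.
            'code': _totp(device, t1) if code_ok else _totp(device, t1 + hour),
        },
    )

    if success:
        assert "Verification successful." in resp.content.decode('utf-8')
        assert is_logged_in(client)
    else:
        assert not is_logged_in(client)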
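def test_password_change_totp(settings, client, create_user, create_device):
    """Check the password-change form when a TOTP code is submitted with it.

    A submission carrying the code 999999, made before any device exists
    for the user, must leave the form invalid. After a device is created
    and a current code is supplied, the old password must stop working and
    the new one must authenticate.

    ``settings`` is requested but not modified here.
    NOTE(review): this presumably relies on the project's default 2FA
    setting -- confirm.
    """
    username = create_user.user.get_username()
    client.login(username=username, password=create_user.password)
    assert is_logged_in(client)

    # No device has been created for the user yet and the code is an
    # arbitrary constant, so the form must not validate.
    resp = client.post(
        get_url(),
        payload_pw_change(create_user.password, 'new_password', 'new_password', 999999),
    )
    assert not resp.context.get('form').is_valid()

    device = create_device(user=create_user.user)

    # Valid change with a code generated for the current time; the response
    # is not inspected, the effect is verified through the logins below.
    client.post(
        get_url(),
        payload_pw_change(
            create_user.password, 'new_password', 'new_password', _totp(device, now())
        ),
    )
    client.logout()

    # The old credential must no longer authenticate.
    client.login(username=username, password=create_user.password)
    assert not is_logged_in(client)

    # Log in with the password that was just set. The previous literal
    # '******' never matched it, so this assertion could not pass.
    client.login(username=username, password='new_password')
    assert is_logged_in(client)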