示例#1
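def test_update_disable_2fa(app, client):
    """Check that 2FA can be switched off through PUT /api/users/me.

    Enables 2FA via the ``Utils`` helper, confirms that GET /api/auth
    reports it as enabled, then sends ``totp_enabled: False`` together with
    a generated TOTP token and expects a 200 response whose payload no
    longer flags 2FA.

    NOTE(review): only the request carrying a generated TOTP token is
    asserted here. Whether the endpoint refuses to disable 2FA when
    ``totp_token`` is missing or wrong is not covered by this test; confirm
    that a companion negative test exists.
    """
    utils = Utils(app, client)
    utils.enable_2fa()

    headers = {'Authorization': f'Bearer {utils.generate_access_token()}'}

    # Precondition: the account must report 2FA as enabled before the update.
    # This request carries its own, separately generated access token.
    resp = client.get(
        '/api/auth',
        headers={'Authorization': f'Bearer {utils.generate_access_token()}'})
    auth_state = json.loads(resp.data.decode())
    assert auth_state.get('data').get('2fa')

    # Disable 2FA; the request includes a TOTP token alongside the bearer
    # token, so the change is backed by the second factor as well.
    resp = client.put('/api/users/me',
                      headers=headers,
                      json={
                          'totp_enabled': False,
                          'totp_token': utils.generate_2fa_token()
                      })
    assert resp.status_code == 200
    updated = json.loads(resp.data.decode())
    assert not updated.get('data').get('2fa')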
示例#2
def test_authentication_with_2fa(app, client):
    """Exercise POST /api/auth for an account that has 2FA enabled.

    A login without a ``token`` field must be answered with 401 and the
    message ``Missing 2fa token``; the same login with a generated TOTP
    token must return 200 and a body containing ``accessToken`` and
    ``refreshToken``.

    NOTE(review): a wrong, expired or reused TOTP token is not exercised
    here; presumably that is covered by another test -- confirm.
    """
    utils = Utils(app, client)
    utils.enable_2fa()

    # NOTE(review): the '******' literals look masked in this listing;
    # presumably they stand for the fixture account's credentials -- confirm.
    credentials = {'username': '******', 'password': '******'}

    # First attempt: password only. The second factor is absent, so the
    # API is expected to refuse the login.
    rejected = client.post('/api/auth', json=credentials)
    assert rejected.status_code == 401
    rejected_body = json.loads(rejected.data.decode('utf8'))
    assert rejected_body.get('message') == 'Missing 2fa token'

    # Second attempt: same credentials plus a freshly generated TOTP token.
    accepted = client.post(
        '/api/auth',
        json={**credentials, 'token': utils.generate_2fa_token()})
    assert accepted.status_code == 200
    issued = json.loads(accepted.data.decode())
    assert 'accessToken' in issued
    assert 'refreshToken' in issued