2020-05-07 02:14:54 -06:00
|
|
|
# Pleroma: A lightweight social networking server
|
2021-01-12 23:49:20 -07:00
|
|
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
2020-05-07 02:14:54 -06:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
|
|
|
defmodule Pleroma.MFATest do
|
2020-12-21 04:21:40 -07:00
|
|
|
use Pleroma.DataCase, async: true
|
2020-05-07 02:14:54 -06:00
|
|
|
|
|
|
|
import Pleroma.Factory
|
|
|
|
alias Pleroma.MFA
|
|
|
|
|
|
|
|
describe "mfa_settings" do
|
|
|
|
test "returns settings user's" do
|
|
|
|
user =
|
|
|
|
insert(:user,
|
|
|
|
multi_factor_authentication_settings: %MFA.Settings{
|
|
|
|
enabled: true,
|
|
|
|
totp: %MFA.Settings.TOTP{secret: "xx", confirmed: true}
|
|
|
|
}
|
|
|
|
)
|
|
|
|
|
|
|
|
settings = MFA.mfa_settings(user)
|
|
|
|
assert match?(^settings, %{enabled: true, totp: true})
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "generate backup codes" do
|
|
|
|
test "returns backup codes" do
|
|
|
|
user = insert(:user)
|
|
|
|
|
|
|
|
{:ok, [code1, code2]} = MFA.generate_backup_codes(user)
|
|
|
|
updated_user = refresh_record(user)
|
|
|
|
[hash1, hash2] = updated_user.multi_factor_authentication_settings.backup_codes
|
2022-12-29 19:46:58 -07:00
|
|
|
assert Pleroma.Password.checkpw(code1, hash1)
|
|
|
|
assert Pleroma.Password.checkpw(code2, hash2)
|
2020-05-07 02:14:54 -06:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "invalidate_backup_code" do
|
|
|
|
test "invalid used code" do
|
|
|
|
user = insert(:user)
|
|
|
|
|
|
|
|
{:ok, _} = MFA.generate_backup_codes(user)
|
|
|
|
user = refresh_record(user)
|
|
|
|
assert length(user.multi_factor_authentication_settings.backup_codes) == 2
|
|
|
|
[hash_code | _] = user.multi_factor_authentication_settings.backup_codes
|
|
|
|
|
|
|
|
{:ok, user} = MFA.invalidate_backup_code(user, hash_code)
|
|
|
|
|
|
|
|
assert length(user.multi_factor_authentication_settings.backup_codes) == 1
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|