diff options
| author | Matthew Somerville <matthew-github@dracos.co.uk> | 2018-02-07 13:09:45 +0000 |
|---|---|---|
| committer | Matthew Somerville <matthew-github@dracos.co.uk> | 2018-02-07 13:09:45 +0000 |
| commit | 7361782de3d072f8d09442e33aa9c42a7c181c4c (patch) | |
| tree | 5b8f49a13eb6f3aeb152262cbe66d55a48c4924d /t/app/controller/auth.t | |
| parent | 6879af98d0246b6973affff08a4e078206bb5dfc (diff) | |
| parent | 3e721ddf5d9809c9f44d7dedcf2083a544e6e148 (diff) | |
Merge branch '2fa-superuser'
Diffstat (limited to 't/app/controller/auth.t')
| -rw-r--r-- | t/app/controller/auth.t | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/t/app/controller/auth.t b/t/app/controller/auth.t index bec8698d5..8cc7e4154 100644 --- a/t/app/controller/auth.t +++ b/t/app/controller/auth.t @@ -299,3 +299,26 @@ subtest 'check common password AJAX call' => sub { $mech->post_ok('/auth/common_password', { password_register => 'squirblewirble' }); $mech->content_contains("true"); }; + +subtest "Test two-factor authentication login" => sub { + use Auth::GoogleAuth; + my $auth = Auth::GoogleAuth->new; + my $code = $auth->code; + my $wrong_code = $auth->code(undef, time() - 120); + + my $user = FixMyStreet::App->model('DB::User')->find( { email => $test_email } ); + $user->is_superuser(1); + $user->password('password'); + $user->set_extra_metadata('2fa_secret', $auth->secret32); + $user->update; + + $mech->get_ok('/auth'); + $mech->submit_form_ok( + { with_fields => { username => $test_email, password_sign_in => 'password' } }, + "sign in using form" ); + $mech->content_contains('Please generate a two-factor code'); + $mech->submit_form_ok({ with_fields => { '2fa_code' => $wrong_code } }, "provide wrong 2FA code" ); + $mech->content_contains('Try again'); + $mech->submit_form_ok({ with_fields => { '2fa_code' => $code } }, "provide correct 2FA code" ); + $mech->logged_in_ok; +}; |