Merge pull request #156 from Retrospring/feature/sign-in-tests

Add sign in tests
This commit is contained in:
Dominik M. Kwiatek 2020-12-25 02:10:59 +01:00 committed by GitHub
commit 32da930599
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 52 additions and 1 deletions

View File

@ -280,7 +280,7 @@ ActiveRecord::Schema.define(version: 2020_11_01_155648) do
t.boolean "export_processing", default: false, null: false t.boolean "export_processing", default: false, null: false
t.datetime "export_created_at" t.datetime "export_created_at"
t.string "otp_secret_key" t.string "otp_secret_key"
t.integer "otp_module" t.integer "otp_module", default: 0, null: false
t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true
t.index ["email"], name: "index_users_on_email", unique: true t.index ["email"], name: "index_users_on_email", unique: true
t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true

View File

@ -21,5 +21,56 @@ describe User::SessionsController do
expect(subject).to have_rendered('auth/two_factor_authentication') expect(subject).to have_rendered('auth/two_factor_authentication')
end end
context "2fa sign in attempt" do
subject do
post :create,
params: { user: { otp_attempt: code_input } },
session: { user_sign_in_uid: user.id }
end
before do
user.otp_module = :enabled
user.save
end
context "incorrect code" do
let(:code_input) { 123456 }
it "redirects to the sign in page" do
expect(subject).to redirect_to :new_user_session
end
end
context "correct code" do
let(:code_input) { user.otp_code }
it "redirects to the timeline" do
expect(subject).to redirect_to :root
end
end
context "correct recovery code" do
let(:code_input) { 'raccoons' }
before do
user.totp_recovery_codes << TotpRecoveryCode.create(code: 'raccoons')
end
it "consumes the recovery code" do
expect { subject }.to change { user.totp_recovery_codes.count }.by(-1)
expect(response).to redirect_to :root
end
end
context "incorrect recovery code" do
let(:code_input) { 'abcdefgh' }
it "redirects to the sign in page" do
expect(subject).to redirect_to :new_user_session
expect(flash[:error]).to eq I18n.t('views.auth.2fa.errors.invalid_code')
end
end
end
end end
end end