mirror of
https://github.com/elyby/accounts.git
synced 2025-05-31 14:11:46 +05:30
Поле token в контексте otp токенов переименовано в totp
This commit is contained in:
ErickSkrauch
@ -24,7 +24,7 @@ class AuthenticationRoute extends BasePage {
|
||||
if ((is_bool($rememberMeOrToken) && $rememberMeOrToken) || $rememberMe) {
|
||||
$params['rememberMe'] = 1;
|
||||
} elseif ($rememberMeOrToken !== null) {
|
||||
$params['token'] = $rememberMeOrToken;
|
||||
$params['totp'] = $rememberMeOrToken;
|
||||
}
|
||||
|
||||
$this->actor->sendPOST($this->getUrl(), $params);
|
||||
@ -39,7 +39,7 @@ class AuthenticationRoute extends BasePage {
|
||||
$this->route = ['authentication/forgot-password'];
|
||||
$this->actor->sendPOST($this->getUrl(), [
|
||||
'login' => $login,
|
||||
'token' => $token,
|
||||
'totp' => $token,
|
||||
]);
|
||||
}
|
||||
|
||||
|
||||
@ -14,16 +14,16 @@ class TwoFactorAuthRoute extends BasePage {
|
||||
$this->actor->sendGET($this->getUrl());
|
||||
}
|
||||
|
||||
public function enable($token = null, $password = null) {
|
||||
public function enable($totp = null, $password = null) {
|
||||
$this->actor->sendPOST($this->getUrl(), [
|
||||
'token' => $token,
|
||||
'totp' => $totp,
|
||||
'password' => $password,
|
||||
]);
|
||||
}
|
||||
|
||||
public function disable($token = null, $password = null) {
|
||||
public function disable($totp = null, $password = null) {
|
||||
$this->actor->sendDELETE($this->getUrl(), [
|
||||
'token' => $token,
|
||||
'totp' => $totp,
|
||||
'password' => $password,
|
||||
]);
|
||||
}
|
||||
|
||||
@ -39,7 +39,7 @@ class ForgotPasswordCest {
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'token' => 'error.token_required',
|
||||
'totp' => 'error.totp_required',
|
||||
],
|
||||
]);
|
||||
|
||||
@ -47,7 +47,7 @@ class ForgotPasswordCest {
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'token' => 'error.token_required',
|
||||
'totp' => 'error.totp_required',
|
||||
],
|
||||
]);
|
||||
|
||||
@ -55,7 +55,7 @@ class ForgotPasswordCest {
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'token' => 'error.token_incorrect',
|
||||
'totp' => 'error.totp_incorrect',
|
||||
],
|
||||
]);
|
||||
}
|
||||
@ -73,7 +73,7 @@ class ForgotPasswordCest {
|
||||
}
|
||||
|
||||
public function testForgotPasswordByAccountWithOtp(FunctionalTester $I) {
|
||||
$I->wantTo('create new password recover request by passing username and otp token');
|
||||
$I->wantTo('create new password recover request by passing username and otp totp');
|
||||
$totp = TOTP::create('BBBB');
|
||||
$this->route->forgotPassword('AccountWithEnabledOtp', $totp->now());
|
||||
$this->assertSuccessResponse($I, true);
|
||||
|
||||
@ -107,49 +107,49 @@ class LoginCest {
|
||||
public function testLoginToken(FunctionalTester $I) {
|
||||
$route = new AuthenticationRoute($I);
|
||||
|
||||
$I->wantTo('see token don\'t have errors if email, username or token not set');
|
||||
$I->wantTo('see totp don\'t have errors if email, username or totp not set');
|
||||
$route->login();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
]);
|
||||
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.token');
|
||||
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.totp');
|
||||
|
||||
$I->wantTo('see token don\'t have errors if username not exists in database');
|
||||
$I->wantTo('see totp don\'t have errors if username not exists in database');
|
||||
$route->login('non-exist-username', 'random-password');
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
]);
|
||||
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.token');
|
||||
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.totp');
|
||||
|
||||
$I->wantTo('see token don\'t has errors if email not exists in database');
|
||||
$I->wantTo('see totp don\'t has errors if email not exists in database');
|
||||
$route->login('not-exist@user.com', 'random-password');
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
]);
|
||||
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.token');
|
||||
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.totp');
|
||||
|
||||
$I->wantTo('see token don\'t has errors if email correct, but password wrong');
|
||||
$I->wantTo('see totp don\'t has errors if email correct, but password wrong');
|
||||
$route->login('not-exist@user.com', 'random-password');
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
]);
|
||||
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.token');
|
||||
$I->cantSeeResponseJsonMatchesJsonPath('$.errors.totp');
|
||||
|
||||
$I->wantTo('see error.token_required if username and password correct, but account have enable otp');
|
||||
$I->wantTo('see error.totp_required if username and password correct, but account have enable otp');
|
||||
$route->login('AccountWithEnabledOtp', 'password_0');
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'token' => 'error.token_required',
|
||||
'totp' => 'error.totp_required',
|
||||
],
|
||||
]);
|
||||
|
||||
$I->wantTo('see error.token_incorrect if username and password correct, but token wrong');
|
||||
$I->wantTo('see error.totp_incorrect if username and password correct, but totp wrong');
|
||||
$route->login('AccountWithEnabledOtp', 'password_0', '123456');
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'token' => 'error.token_incorrect',
|
||||
'totp' => 'error.totp_incorrect',
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
@ -23,7 +23,7 @@ class TwoFactorAuthDisableCest {
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'token' => 'error.token_required',
|
||||
'totp' => 'error.totp_required',
|
||||
'password' => 'error.password_required',
|
||||
],
|
||||
]);
|
||||
@ -32,7 +32,7 @@ class TwoFactorAuthDisableCest {
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'token' => 'error.token_incorrect',
|
||||
'totp' => 'error.totp_incorrect',
|
||||
'password' => 'error.password_incorrect',
|
||||
],
|
||||
]);
|
||||
|
||||
@ -23,7 +23,7 @@ class TwoFactorAuthEnableCest {
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'token' => 'error.token_required',
|
||||
'totp' => 'error.totp_required',
|
||||
'password' => 'error.password_required',
|
||||
],
|
||||
]);
|
||||
@ -32,7 +32,7 @@ class TwoFactorAuthEnableCest {
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'token' => 'error.token_incorrect',
|
||||
'totp' => 'error.totp_incorrect',
|
||||
'password' => 'error.password_incorrect',
|
||||
],
|
||||
]);
|
||||
|
||||
@ -41,19 +41,19 @@ class ForgotPasswordFormTest extends TestCase {
|
||||
$this->assertEmpty($model->getErrors('login'), 'empty errors if login is exists');
|
||||
}
|
||||
|
||||
public function testValidateTotpToken() {
|
||||
public function testValidateTotp() {
|
||||
$model = new ForgotPasswordForm();
|
||||
$model->login = 'AccountWithEnabledOtp';
|
||||
$model->token = '123456';
|
||||
$model->validateTotpToken('token');
|
||||
$this->assertEquals(['error.token_incorrect'], $model->getErrors('token'));
|
||||
$model->totp = '123456';
|
||||
$model->validateTotp('totp');
|
||||
$this->assertEquals(['error.totp_incorrect'], $model->getErrors('totp'));
|
||||
|
||||
$totp = TOTP::create('BBBB');
|
||||
$model = new ForgotPasswordForm();
|
||||
$model->login = 'AccountWithEnabledOtp';
|
||||
$model->token = $totp->now();
|
||||
$model->validateTotpToken('token');
|
||||
$this->assertEmpty($model->getErrors('token'));
|
||||
$model->totp = $totp->now();
|
||||
$model->validateTotp('totp');
|
||||
$this->assertEmpty($model->getErrors('totp'));
|
||||
}
|
||||
|
||||
public function testValidateActivity() {
|
||||
|
||||
@ -72,31 +72,31 @@ class LoginFormTest extends TestCase {
|
||||
});
|
||||
}
|
||||
|
||||
public function testValidateTotpToken() {
|
||||
public function testValidateTotp() {
|
||||
$account = new AccountIdentity(['password' => '12345678']);
|
||||
$account->password = '12345678';
|
||||
$account->is_otp_enabled = true;
|
||||
$account->otp_secret = 'AAAA';
|
||||
|
||||
$this->specify('error.token_incorrect if totp invalid', function() use ($account) {
|
||||
$this->specify('error.totp_incorrect if totp invalid', function() use ($account) {
|
||||
$model = $this->createModel([
|
||||
'password' => '12345678',
|
||||
'token' => '321123',
|
||||
'totp' => '321123',
|
||||
'account' => $account,
|
||||
]);
|
||||
$model->validateTotpToken('token');
|
||||
$this->assertEquals(['error.token_incorrect'], $model->getErrors('token'));
|
||||
$model->validateTotp('totp');
|
||||
$this->assertEquals(['error.totp_incorrect'], $model->getErrors('totp'));
|
||||
});
|
||||
|
||||
$totp = TOTP::create($account->otp_secret);
|
||||
$this->specify('no errors if password valid', function() use ($account, $totp) {
|
||||
$model = $this->createModel([
|
||||
'password' => '12345678',
|
||||
'token' => $totp->now(),
|
||||
'totp' => $totp->now(),
|
||||
'account' => $account,
|
||||
]);
|
||||
$model->validateTotpToken('token');
|
||||
$this->assertEmpty($model->getErrors('token'));
|
||||
$model->validateTotp('totp');
|
||||
$this->assertEmpty($model->getErrors('totp'));
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
@ -8,6 +8,7 @@ use common\models\Account;
|
||||
use common\models\EmailActivation;
|
||||
use common\models\UsernameHistory;
|
||||
use GuzzleHttp\ClientInterface;
|
||||
use ReflectionClass;
|
||||
use tests\codeception\api\unit\TestCase;
|
||||
use tests\codeception\common\fixtures\AccountFixture;
|
||||
use tests\codeception\common\fixtures\EmailActivationFixture;
|
||||
|
||||
@ -19,13 +19,13 @@ class TotpValidatorTest extends TestCase {
|
||||
$validator = new TotpValidator(['account' => $account]);
|
||||
|
||||
$result = $this->callProtected($validator, 'validateValue', 123456);
|
||||
$this->assertEquals([E::OTP_TOKEN_INCORRECT, []], $result);
|
||||
$this->assertEquals([E::TOTP_INCORRECT, []], $result);
|
||||
|
||||
$result = $this->callProtected($validator, 'validateValue', $controlTotp->now());
|
||||
$this->assertNull($result);
|
||||
|
||||
$result = $this->callProtected($validator, 'validateValue', $controlTotp->at(time() - 31));
|
||||
$this->assertEquals([E::OTP_TOKEN_INCORRECT, []], $result);
|
||||
$this->assertEquals([E::TOTP_INCORRECT, []], $result);
|
||||
|
||||
$validator->window = 2;
|
||||
$result = $this->callProtected($validator, 'validateValue', $controlTotp->at(time() - 31));
|
||||
@ -34,7 +34,7 @@ class TotpValidatorTest extends TestCase {
|
||||
$at = time() - 400;
|
||||
$validator->timestamp = $at;
|
||||
$result = $this->callProtected($validator, 'validateValue', $controlTotp->now());
|
||||
$this->assertEquals([E::OTP_TOKEN_INCORRECT, []], $result);
|
||||
$this->assertEquals([E::TOTP_INCORRECT, []], $result);
|
||||
|
||||
$result = $this->callProtected($validator, 'validateValue', $controlTotp->at($at));
|
||||
$this->assertNull($result);
|
||||
|
||||
Reference in New Issue
Block a user