
pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma

totp_authenticator_test.exs (1535B)


  1. # Pleroma: A lightweight social networking server
  2. # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
  3. # SPDX-License-Identifier: AGPL-3.0-only
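  defmodule Pleroma.Web.Auth.TOTPAuthenticatorTest do
    # Tests for the second-factor checks exposed by TOTPAuthenticator:
    # TOTP token verification and backup (recovery) code verification.
    use Pleroma.Web.ConnCase

    alias Pleroma.MFA
    alias Pleroma.MFA.BackupCodes
    alias Pleroma.MFA.TOTP
    alias Pleroma.Web.Auth.TOTPAuthenticator

    import Pleroma.Factory

    test "verify token" do
      otp_secret = TOTP.generate_secret()
      otp_token = TOTP.generate_token(otp_secret)

      user =
        insert(:user,
          multi_factor_authentication_settings: %MFA.Settings{
            enabled: true,
            totp: %MFA.Settings.TOTP{secret: otp_secret, confirmed: true}
          }
        )

      # A token derived from the user's own secret is accepted.
      assert TOTPAuthenticator.verify(otp_token, user) == {:ok, :pass}

      # A missing or empty token must be rejected, never treated as a pass.
      assert TOTPAuthenticator.verify(nil, user) == {:error, :invalid_token}
      assert TOTPAuthenticator.verify("", user) == {:error, :invalid_token}
    end

    test "checks backup codes" do
      [code | _] = backup_codes = BackupCodes.generate()

      # Only the Pbkdf2 hashes are stored on the user; the plaintext code is what gets submitted.
      hashed_codes = Enum.map(backup_codes, &Pbkdf2.hash_pwd_salt/1)

      user =
        insert(:user,
          multi_factor_authentication_settings: %MFA.Settings{
            enabled: true,
            backup_codes: hashed_codes,
            totp: %MFA.Settings.TOTP{secret: "otp_secret", confirmed: true}
          }
        )

      assert TOTPAuthenticator.verify_recovery_code(user, code) == {:ok, :pass}

      # Replay check: the same code presented again against the reloaded user must not pass.
      # The user goes first, as in the call above. With the arguments swapped the call cannot
      # reach the code comparison, so the refute would hold even if codes were reusable.
      refute TOTPAuthenticator.verify_recovery_code(refresh_record(user), code) == {:ok, :pass}
    end
  end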