app-MAIL-temp/tests/api/test_auth_mfa.py

import pyotp
from flask import url_for
from itsdangerous import Signer

from app.config import FLASK_SECRET
from tests.utils import create_new_user


def test_auth_mfa_success(flask_client):
    user = create_new_user()
    user.enable_otp = True
    user.otp_secret = "base32secret3232"

    totp = pyotp.TOTP(user.otp_secret)
    s = Signer(FLASK_SECRET)
    mfa_key = s.sign(str(user.id))

    r = flask_client.post(
        url_for("api.auth_mfa"),
        json={"mfa_token": totp.now(), "mfa_key": mfa_key, "device": "Test Device"},
    )

    assert r.status_code == 200
    assert r.json["api_key"]
    assert r.json["email"]
    assert r.json["name"] == "Test User"


def test_auth_wrong_mfa_key(flask_client):
    user = create_new_user()
    user.enable_otp = True
    user.otp_secret = "base32secret3232"

    totp = pyotp.TOTP(user.otp_secret)

    r = flask_client.post(
        url_for("api.auth_mfa"),
        json={
            "mfa_token": totp.now(),
            "mfa_key": "wrong mfa key",
            "device": "Test Device",
        },
    )

    assert r.status_code == 400
    assert r.json["error"]
add /api/auth/mfa 2020-01-20 15:00:56 +01:00			`import pyotp`
			`from flask import url_for`
			`from itsdangerous import Signer`

			`from app.config import FLASK_SECRET`
refactor test: no hardcode a@b.c, make sure each test has a different user 2022-04-15 16:59:44 +02:00			`from tests.utils import create_new_user`
add /api/auth/mfa 2020-01-20 15:00:56 +01:00

			`def test_auth_mfa_success(flask_client):`
refactor test: no hardcode a@b.c, make sure each test has a different user 2022-04-15 16:59:44 +02:00			`user = create_new_user()`
			`user.enable_otp = True`
			`user.otp_secret = "base32secret3232"`
add /api/auth/mfa 2020-01-20 15:00:56 +01:00
			`totp = pyotp.TOTP(user.otp_secret)`
			`s = Signer(FLASK_SECRET)`
			`mfa_key = s.sign(str(user.id))`

			`r = flask_client.post(`
			`url_for("api.auth_mfa"),`
			`json={"mfa_token": totp.now(), "mfa_key": mfa_key, "device": "Test Device"},`
			`)`

			`assert r.status_code == 200`
			`assert r.json["api_key"]`
return user email in /api/auth/mfa 2020-06-09 17:20:37 +02:00			`assert r.json["email"]`
add /api/auth/mfa 2020-01-20 15:00:56 +01:00			`assert r.json["name"] == "Test User"`


			`def test_auth_wrong_mfa_key(flask_client):`
refactor test: no hardcode a@b.c, make sure each test has a different user 2022-04-15 16:59:44 +02:00			`user = create_new_user()`
			`user.enable_otp = True`
			`user.otp_secret = "base32secret3232"`
add /api/auth/mfa 2020-01-20 15:00:56 +01:00
			`totp = pyotp.TOTP(user.otp_secret)`

			`r = flask_client.post(`
			`url_for("api.auth_mfa"),`
			`json={`
			`"mfa_token": totp.now(),`
			`"mfa_key": "wrong mfa key",`
			`"device": "Test Device",`
			`},`
			`)`

			`assert r.status_code == 400`
			`assert r.json["error"]`