app-MAIL-temp/tests/api/test_auth_mfa.py
Son 372466ab06 do not use flask-sqlalchemy
- add __tablename__ for all models
- use sa and orm instead of db
- rollback all changes in tests
- remove session in @app.teardown_appcontext
2021-10-12 14:36:47 +02:00

59 lines
1.3 KiB
Python

import pyotp
from flask import url_for
from itsdangerous import Signer
from app.config import FLASK_SECRET
from app.db import Session
from app.models import User
def test_auth_mfa_success(flask_client):
user = User.create(
email="a@b.c",
password="password",
name="Test User",
activated=True,
enable_otp=True,
otp_secret="base32secret3232",
)
Session.commit()
totp = pyotp.TOTP(user.otp_secret)
s = Signer(FLASK_SECRET)
mfa_key = s.sign(str(user.id))
r = flask_client.post(
url_for("api.auth_mfa"),
json={"mfa_token": totp.now(), "mfa_key": mfa_key, "device": "Test Device"},
)
assert r.status_code == 200
assert r.json["api_key"]
assert r.json["email"]
assert r.json["name"] == "Test User"
def test_auth_wrong_mfa_key(flask_client):
user = User.create(
email="a@b.c",
password="password",
name="Test User",
activated=True,
enable_otp=True,
otp_secret="base32secret3232",
)
Session.commit()
totp = pyotp.TOTP(user.otp_secret)
r = flask_client.post(
url_for("api.auth_mfa"),
json={
"mfa_token": totp.now(),
"mfa_key": "wrong mfa key",
"device": "Test Device",
},
)
assert r.status_code == 400
assert r.json["error"]