Discourse/discourse
Discourse/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-09-06 09:10:25 +08:00
Code Packages Activity Actions 11
discourse/test/javascripts/acceptance/sign-in-test.js.es6
Jeff Wong f4f8a293e7 FEATURE: Implement 2factor login TOTP 
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00

135 lines
4.6 KiB
JavaScript
Raw Blame History

import { acceptance } from "helpers/qunit-helpers";
acceptance("Signing In");
QUnit.test("sign in", assert => {
visit("/");
click("header .login-button");
andThen(() => {
assert.ok(exists('.login-modal'), "it shows the login modal");
});
// Test invalid password first
fillIn('#login-account-name', 'eviltrout');
fillIn('#login-account-password', 'incorrect');
click('.modal-footer .btn-primary');
andThen(() => {
assert.ok(exists('#modal-alert:visible'), 'it displays the login error');
assert.not(exists('.modal-footer .btn-primary:disabled'), "enables the login button");
});
// Use the correct password
fillIn('#login-account-password', 'correct');
click('.modal-footer .btn-primary');
andThen(() => {
assert.ok(exists('.modal-footer .btn-primary:disabled'), "disables the login button");
});
});
QUnit.test("sign in - not activated", assert => {
visit("/");
andThen(() => {
click("header .login-button");
andThen(() => {
assert.ok(exists('.login-modal'), "it shows the login modal");
});
fillIn('#login-account-name', 'eviltrout');
fillIn('#login-account-password', 'not-activated');
click('.modal-footer .btn-primary');
andThen(() => {
assert.equal(find('.modal-body b').text(), '<small>eviltrout@example.com</small>');
assert.ok(!exists('.modal-body small'), 'it escapes the email address');
});
click('.modal-footer button.resend');
andThen(() => {
assert.equal(find('.modal-body b').text(), '<small>current@example.com</small>');
assert.ok(!exists('.modal-body small'), 'it escapes the email address');
});
});
});
QUnit.test("sign in - not activated - edit email", assert => {
visit("/");
andThen(() => {
click("header .login-button");
andThen(() => {
assert.ok(exists('.login-modal'), "it shows the login modal");
});
fillIn('#login-account-name', 'eviltrout');
fillIn('#login-account-password', 'not-activated-edit');
click('.modal-footer .btn-primary');
click('.modal-footer button.edit-email');
andThen(() => {
assert.equal(find('.activate-new-email').val(), 'current@example.com');
assert.equal(find('.modal-footer .btn-primary:disabled').length, 1, "must change email");
});
fillIn('.activate-new-email', 'different@example.com');
andThen(() => {
assert.equal(find('.modal-footer .btn-primary:disabled').length, 0);
});
click(".modal-footer .btn-primary");
andThen(() => {
assert.equal(find('.modal-body b').text(), 'different@example.com');
});
});
});
QUnit.test("second factor", assert => {
visit("/");
click("header .login-button");
andThen(() => {
assert.ok(exists('.login-modal'), "it shows the login modal");
});
// Login with username and password only
fillIn('#login-account-name', 'eviltrout');
fillIn('#login-account-password', 'need-second-factor');
click('.modal-footer .btn-primary');
andThen(() => {
assert.not(exists('#modal-alert:visible'), 'it hides the login error');
assert.not(exists('#credentials:visible'), 'it hides the username and password prompt');
assert.ok(exists('#second-factor:visible'), 'it displays the second factor prompt');
assert.not(exists('.modal-footer .btn-primary:disabled'), "enables the login button");
});
// Login with username, password, and token
fillIn('#login-second-factor', '123456');
click('.modal-footer .btn-primary');
andThen(() => {
assert.ok(exists('.modal-footer .btn-primary:disabled'), "disables the login button");
});
});
QUnit.test("create account", assert => {
visit("/");
click("header .sign-up-button");
andThen(() => {
assert.ok(exists('.create-account'), "it shows the create account modal");
assert.ok(exists('.modal-footer .btn-primary:disabled'), 'create account is disabled at first');
});
fillIn('#new-account-name', 'Dr. Good Tuna');
fillIn('#new-account-password', 'cool password bro');
// Check username
fillIn('#new-account-email', 'good.tuna@test.com');
fillIn('#new-account-username', 'taken');
andThen(() => {
assert.ok(exists('#username-validation.bad'), 'the username validation is bad');
assert.ok(exists('.modal-footer .btn-primary:disabled'), 'create account is still disabled');
});
fillIn('#new-account-username', 'goodtuna');
andThen(() => {
assert.ok(exists('#username-validation.good'), 'the username validation is good');
assert.not(exists('.modal-footer .btn-primary:disabled'), 'create account is enabled');
});
click('.modal-footer .btn-primary');
andThen(() => {
assert.ok(exists('.modal-footer .btn-primary:disabled'), "create account is disabled");
});
});
View git blame Copy permalink