test: move the 2fa tests into profile

2021-06-05 10:37:11 -07:00
parent 9e34a95732
commit 9c49ca5d2e
3 changed files with 299 additions and 463 deletions
--- a/src/routes/test/profile-test.js
+++ b/src/routes/test/profile-test.js
@@ -8,11 +8,12 @@

 const common = require('./common.js'),
    expect = require('expect.js'),
+    speakeasy = require('speakeasy'),
    superagent = require('superagent'),
    tokens = require('../../tokens.js');

 describe('Profile API', function () {
-    const { setup, cleanup, serverUrl, owner } = common;
+    const { setup, cleanup, serverUrl, owner, user } = common;

    before(setup);
    after(cleanup);
@@ -189,4 +190,71 @@ describe('Profile API', function () {
            expect(response.statusCode).to.equal(204);
        });
    });
+
+    describe('2fa login', function () {
+        let secret;
+
+        it('can get secret', async function () {
+            const response = await superagent.post(`${serverUrl}/api/v1/profile/twofactorauthentication_secret`)
+                .query({ access_token: user.token });
+
+            secret = response.body.secret;
+        });
+
+        it('can enable 2fa', async function () {
+            const totpToken = speakeasy.totp({
+                secret: secret,
+                encoding: 'base32'
+            });
+
+            await superagent.post(`${serverUrl}/api/v1/profile/twofactorauthentication_enable`)
+                .query({ access_token: user.token })
+                .send({ totpToken: totpToken });
+        });
+
+        it('fails due to missing token', async function () {
+            const response = await superagent.post(`${serverUrl}/api/v1/cloudron/login`)
+                .send({ username: user.username, password: user.password })
+                .ok(() => true);
+
+            expect(response.statusCode).to.equal(401);
+        });
+
+        it('fails due to wrong token', async function () {
+            const response = await superagent.post(`${serverUrl}/api/v1/cloudron/login`)
+                .send({ username: user.username, password: user.password, totpToken: '12345' })
+                .ok(() => true);
+
+            expect(response.statusCode).to.equal(401);
+        });
+
+        it('succeeds', async function () {
+            const totpToken = speakeasy.totp({
+                secret: secret,
+                encoding: 'base32'
+            });
+
+            const response = await superagent.post(`${serverUrl}/api/v1/cloudron/login`)
+                .send({ username: user.username, password: user.password, totpToken: totpToken });
+
+            expect(response.statusCode).to.equal(200);
+            expect(response.body).to.be.an(Object);
+            expect(response.body.accessToken).to.be.a('string');
+        });
+
+        it('can disable 2fa', async function () {
+            await superagent.post(`${serverUrl}/api/v1/profile/twofactorauthentication_disable`)
+                .query({ access_token: user.token })
+                .send({ password: user.password });
+        });
+
+        it('did disable 2fa', async function () {
+            const response = await superagent.post(`${serverUrl}/api/v1/cloudron/login`)
+                .send({ username: user.username, password: user.password });
+
+            expect(response.statusCode).to.equal(200);
+            expect(response.body).to.be.an(Object);
+            expect(response.body.accessToken).to.be.a('string');
+        });
+    });
 });