IntenseFinance/firefly-iii
3
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2024-11-28 19:54:00 -06:00
Code Issues Packages Projects Releases Wiki Activity

Refactor tests and code to handle new 2FA methods.

Browse Source
This commit is contained in:
James Cole 2019-08-04 10:27:37 +02:00
parent d3be043aa7
commit 62b5cf04ad
No known key found for this signature in database
GPG Key ID: C16961E655E74B5E
12 changed files with 12 additions and 662 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
app/Http/Controllers/Admin/UserController.php
View File

@ -125,16 +125,10 @@ class UserController extends Controller
$users = $this->repository->all(); $users = $this->repository->all();
// add meta stuff. // add meta stuff.
die('the 2FA references here should be refactored.');
$users->each( $users->each(
function (User $user) { function (User $user) {
$list = ['twoFactorAuthEnabled', 'twoFactorAuthSecret'];
$preferences = app('preferences')->getArrayForUser($user, $list);
$user->isAdmin = $this->repository->hasRole($user, 'owner'); $user->isAdmin = $this->repository->hasRole($user, 'owner');
$is2faEnabled = 1 === $preferences['twoFactorAuthEnabled']; $user->has2FA = null !== $user->mfa_secret;
$has2faSecret = null !== $preferences['twoFactorAuthSecret'];
$user->has2FA = ($is2faEnabled && $has2faSecret);
$user->prefs = $preferences;
} }
); );

64
app/Http/Controllers/Auth/TwoFactorController.php
View File

@ -39,6 +39,8 @@ class TwoFactorController extends Controller
{ {
/** /**
* @param Request $request * @param Request $request
*
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
*/ */
public function submitMFA(Request $request) public function submitMFA(Request $request)
{ {
@ -119,40 +121,6 @@ class TwoFactorController extends Controller
Preferences::set('mfa_history', $newHistory); Preferences::set('mfa_history', $newHistory);
} }
/**
* Show 2FA screen.
*
* @param Request $request
*
* @return \Illuminate\Contracts\View\Factory|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector|\Illuminate\View\View
*
* @throws FireflyException
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
*/
public function index(Request $request)
{
die('this auth controller must be refactored.');
$user = auth()->user();
// to make sure the validator in the next step gets the secret, we push it in session
$secretPreference = app('preferences')->get('twoFactorAuthSecret', null);
$secret = null === $secretPreference ? null : $secretPreference->data;
$title = (string)trans('firefly.two_factor_title');
// make sure the user has two factor configured:
$has2FA = app('preferences')->get('twoFactorAuthEnabled', false)->data;
if (null === $has2FA || false === $has2FA) {
return redirect(route('index'));
}
if ('' === (string)$secret) {
throw new FireflyException('Your two factor authentication secret is empty, which it cannot be at this point. Please check the log files.');
}
$request->session()->flash('two-factor-secret', $secret);
return view('auth.two-factor', compact('user', 'title'));
}
/** /**
* What to do if 2FA lost? * What to do if 2FA lost?
* *
@ -174,34 +142,6 @@ class TwoFactorController extends Controller
return view('auth.lost-two-factor', compact('user', 'siteOwner', 'title')); return view('auth.lost-two-factor', compact('user', 'siteOwner', 'title'));
} }
/**
* Submit 2FA code.
*
* @param TokenFormRequest $request
* @param CookieJar $cookieJar
*
* @return mixed
*/
public function postIndex(TokenFormRequest $request, CookieJar $cookieJar)
{
// wants to remember session?
$remember = $request->session()->get('remember_login') ?? false;
$minutes = config('session.lifetime');
if (true === $remember) {
// set cookie with a long lifetime (30 days)
$minutes = 43200;
}
$cookie = $cookieJar->make(
'twoFactorAuthenticated', 'true', $minutes, config('session.path'), config('session.domain'), config('session.secure'), config('session.http_only')
);
// whatever the case, forget about it:
$request->session()->forget('remember_login');
return redirect(route('home'))->withCookie($cookie);
}
/** /**
* Each MFA history has a timestamp and a code, saving the MFA entries for 5 minutes. So if the * Each MFA history has a timestamp and a code, saving the MFA entries for 5 minutes. So if the
* submitted MFA code has been submitted in the last 5 minutes, it won't work despite being valid. * submitted MFA code has been submitted in the last 5 minutes, it won't work despite being valid.

90
app/Http/Middleware/AuthenticateTwoFactor.php
View File

@ -1,90 +0,0 @@
<?php
/**
* AuthenticateTwoFactor.php
* Copyright (c) 2017 thegrumpydictator@gmail.com
*
* This file is part of Firefly III.
*
* Firefly III is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Firefly III is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Firefly III. If not, see <http://www.gnu.org/licenses/>.
*/
/** @noinspection PhpMethodParametersCountMismatchInspection */
declare(strict_types=1);
namespace FireflyIII\Http\Middleware;
use Closure;
use Illuminate\Contracts\Auth\Factory as Auth;
use Log;
/**
* Class AuthenticateTwoFactor.
*/
class AuthenticateTwoFactor
{
/**
* The authentication factory instance.
*
* @var \Illuminate\Contracts\Auth\Factory
*/
protected $auth;
/**
* Create a new middleware instance.
*
* @param \Illuminate\Contracts\Auth\Factory $auth
*
* @return void
*/
public function __construct(Auth $auth)
{
$this->auth = $auth;
}
/**
* Handle 2FA request.
*
* @param $request
* @param Closure $next
*
* @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector|mixed
* @throws \Psr\Container\NotFoundExceptionInterface
* @throws \Psr\Container\ContainerExceptionInterface
*
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
*/
public function handle($request, Closure $next)
{
die('this middleware is deprecated.');
/** @noinspection PhpUndefinedMethodInspection */
if ($this->auth->guest()) {
return response()->redirectTo(route('login'));
}
$is2faEnabled = app('preferences')->get('twoFactorAuthEnabled', false)->data;
$has2faSecret = null !== app('preferences')->get('twoFactorAuthSecret');
/** @noinspection PhpUndefinedMethodInspection */
$is2faAuthed = 'true' === $request->cookie('twoFactorAuthenticated');
if ($is2faEnabled && $has2faSecret && !$is2faAuthed) {
Log::debug('Does not seem to be 2 factor authed, redirect.');
return response()->redirectTo(route('two-factor.index'));
}
return $next($request);
}
}

59
app/Http/Middleware/RedirectIfTwoFactorAuthenticated.php
View File

@ -1,59 +0,0 @@
<?php
/**
* RedirectIfTwoFactorAuthenticated.php
* Copyright (c) 2017 thegrumpydictator@gmail.com
*
* This file is part of Firefly III.
*
* Firefly III is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Firefly III is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Firefly III. If not, see <http://www.gnu.org/licenses/>.
*/
declare(strict_types=1);
namespace FireflyIII\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
/**
* Class RedirectIfTwoFactorAuthenticated.
*/
class RedirectIfTwoFactorAuthenticated
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
*
* @return mixed
*
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
*/
public function handle($request, Closure $next, $guard = null)
{
die('this middleware is deprecated.');
if (Auth::guard($guard)->check()) {
$is2faEnabled = app('preferences')->get('twoFactorAuthEnabled', false)->data;
$has2faSecret = null !== app('preferences')->get('twoFactorAuthSecret');
$is2faAuthed = 'true' === $request->cookie('twoFactorAuthenticated');
if ($is2faEnabled && $has2faSecret && $is2faAuthed) {
return response()->redirectTo(route('index'));
}
}
return $next($request);
}
}

23
app/Repositories/User/UserRepository.php
View File

@ -245,21 +245,14 @@ class UserRepository implements UserRepositoryInterface
$return = []; $return = [];
// two factor: // two factor:
die('this method references 2FA and must be refactored.'); $return['has_2fa'] = $user->mfa_secret !== null;
$is2faEnabled = app('preferences')->getForUser($user, 'twoFactorAuthEnabled', false)->data; $return['is_admin'] = $this->hasRole($user, 'owner');
$has2faSecret = null !== app('preferences')->getForUser($user, 'twoFactorAuthSecret'); $return['blocked'] = 1 === (int)$user->blocked;
$return['has_2fa'] = false; $return['blocked_code'] = $user->blocked_code;
if ($is2faEnabled && $has2faSecret) { $return['accounts'] = $user->accounts()->count();
$return['has_2fa'] = true; $return['journals'] = $user->transactionJournals()->count();
} $return['transactions'] = $user->transactions()->count();
$return['attachments'] = $user->attachments()->count();
$return['is_admin'] = $this->hasRole($user, 'owner');
$return['blocked'] = 1 === (int)$user->blocked;
$return['blocked_code'] = $user->blocked_code;
$return['accounts'] = $user->accounts()->count();
$return['journals'] = $user->transactionJournals()->count();
$return['transactions'] = $user->transactions()->count();
$return['attachments'] = $user->attachments()->count();
$return['attachments_size'] = $user->attachments()->sum('size'); $return['attachments_size'] = $user->attachments()->sum('size');
$return['bills'] = $user->bills()->count(); $return['bills'] = $user->bills()->count();
$return['categories'] = $user->categories()->count(); $return['categories'] = $user->categories()->count();

3
app/Validation/AccountValidator.php
View File

@ -162,9 +162,6 @@ class AccountValidator
case TransactionType::RECONCILIATION: case TransactionType::RECONCILIATION:
$result = $this->validateReconciliationSource($accountId); $result = $this->validateReconciliationSource($accountId);
break; break;
//case TransactionType::OPENING_BALANCE:
//case TransactionType::RECONCILIATION:
// die(sprintf('Cannot handle type "%s"', $this->transactionType));
} }
return $result; return $result;

9
tests/Feature/Controllers/Admin/UserControllerTest.php
View File

@ -102,19 +102,10 @@ class UserControllerTest extends TestCase
*/ */
public function testIndex(): void public function testIndex(): void
{ {
die('this test references old 2FA code.');
$repository = $this->mock(UserRepositoryInterface::class); $repository = $this->mock(UserRepositoryInterface::class);
$repository->shouldReceive('hasRole')->withArgs([Mockery::any(), 'owner'])->times(3)->andReturn(true); $repository->shouldReceive('hasRole')->withArgs([Mockery::any(), 'owner'])->times(3)->andReturn(true);
$user = $this->user(); $user = $this->user();
$repository->shouldReceive('all')->andReturn(new Collection([$user])); $repository->shouldReceive('all')->andReturn(new Collection([$user]));
Preferences::shouldReceive('getArrayForUser')->atLeast()->once()->andReturn(
[
'twoFactorAuthEnabled' => false,
'twoFactorAuthSecret' => null,
]
);
$this->mockDefaultSession(); $this->mockDefaultSession();
$this->be($user); $this->be($user);

96
tests/Feature/Controllers/Auth/TwoFactorControllerTest.php
View File

@ -42,114 +42,18 @@ class TwoFactorControllerTest extends TestCase
Log::info(sprintf('Now in %s.', get_class($this))); Log::info(sprintf('Now in %s.', get_class($this)));
} }
/**
* @covers \FireflyIII\Http\Controllers\Auth\TwoFactorController
*/
public function testIndex(): void
{
die('this test references old 2FA code.');
$this->mockDefaultConfiguration();
$this->be($this->user());
$truePref = new Preference;
$truePref->data = true;
$secretPreference = new Preference;
$secretPreference->data = 'JZMES376Z6YXY4QZ';
$langPreference = new Preference;
$langPreference->data = 'en_US';
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthEnabled', false])->andReturn($truePref)->twice();
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret', null])->andReturn($secretPreference)->once();
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret'])->andReturn($secretPreference)->once();
Preferences::shouldReceive('get')->withArgs(['language', 'en_US'])->andReturn($langPreference);
$response = $this->get(route('two-factor.index'));
$response->assertStatus(200);
}
/**
* @covers \FireflyIII\Http\Controllers\Auth\TwoFactorController
*/
public function testIndexNo2FA(): void
{
die('this test references old 2FA code.');
$this->be($this->user());
$falsePreference = new Preference;
$falsePreference->data = false;
$langPreference = new Preference;
$langPreference->data = 'en_US';
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthEnabled', false])->andReturn($falsePreference)->twice();
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret', null])->andReturn(null)->once();
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret'])->andReturn(null)->once();
Preferences::shouldReceive('get')->withArgs(['language', 'en_US'])->andReturn($langPreference);
$response = $this->get(route('two-factor.index'));
$response->assertStatus(302);
$response->assertRedirect(route('index'));
}
/**
* @covers \FireflyIII\Http\Controllers\Auth\TwoFactorController
*/
public function testIndexNoSecret(): void
{
die('this test references old 2FA code.');
$this->be($this->user());
$truePref = new Preference;
$truePref->data = true;
$secretPreference = new Preference;
$secretPreference->data = '';
$langPreference = new Preference;
$langPreference->data = 'en_US';
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthEnabled', false])->andReturn($truePref)->twice();
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret', null])->andReturn($secretPreference)->once();
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret'])->andReturn($secretPreference)->once();
Preferences::shouldReceive('get')->withArgs(['language', 'en_US'])->andReturn($langPreference);
$response = $this->get(route('two-factor.index'));
$response->assertStatus(500);
}
/** /**
* @covers \FireflyIII\Http\Controllers\Auth\TwoFactorController * @covers \FireflyIII\Http\Controllers\Auth\TwoFactorController
*/ */
public function testLostTwoFactor(): void public function testLostTwoFactor(): void
{ {
die('this test references old 2FA code.');
$this->be($this->user()); $this->be($this->user());
$truePreference = new Preference;
$truePreference->data = true;
$secretPreference = new Preference;
$secretPreference->data = 'JZMES376Z6YXY4QZ';
$langPreference = new Preference; $langPreference = new Preference;
$langPreference->data = 'en_US'; $langPreference->data = 'en_US';
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthEnabled', false])->andReturn($truePreference);
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret', null])->andReturn($secretPreference);
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret'])->andReturn($secretPreference);
Preferences::shouldReceive('get')->withArgs(['language', 'en_US'])->andReturn($langPreference); Preferences::shouldReceive('get')->withArgs(['language', 'en_US'])->andReturn($langPreference);
$response = $this->get(route('two-factor.lost')); $response = $this->get(route('two-factor.lost'));
$response->assertStatus(200); $response->assertStatus(200);
} }
/**
* @covers \FireflyIII\Http\Controllers\Auth\TwoFactorController
*/
public function testPostIndex(): void
{
$data = ['code' => '123456'];
Google2FA::shouldReceive('verifyKey')->andReturn(true)->once();
$this->session(['remember_login' => true]);
$this->be($this->user());
$response = $this->post(route('two-factor.post'), $data);
$response->assertStatus(302);
}
} }

27
tests/Feature/Controllers/ProfileControllerTest.php
View File

@ -167,14 +167,7 @@ class ProfileControllerTest extends TestCase
$this->mockDefaultSession(); $this->mockDefaultSession();
// mock stuff // mock stuff
$userRepos = $this->mock(UserRepositoryInterface::class); $userRepos = $this->mock(UserRepositoryInterface::class);
$userRepos->shouldReceive('hasRole')->withArgs([Mockery::any(), 'demo'])->atLeast()->once()->andReturn(false); $userRepos->shouldReceive('hasRole')->withArgs([Mockery::any(), 'demo'])->atLeast()->once()->andReturn(false);
die('the references in this test to 2FA preferences must be refactored.');
Preferences::shouldReceive('delete')->withArgs(['twoFactorAuthEnabled'])->atLeast()->once();
Preferences::shouldReceive('delete')->withArgs(['twoFactorAuthSecret'])->atLeast()->once();
$this->be($this->user()); $this->be($this->user());
$response = $this->get(route('profile.delete-code')); $response = $this->get(route('profile.delete-code'));
$response->assertStatus(302); $response->assertStatus(302);
@ -211,17 +204,6 @@ class ProfileControllerTest extends TestCase
$repository->shouldReceive('hasRole')->withArgs([Mockery::any(), 'demo'])->times(1)->andReturn(false); $repository->shouldReceive('hasRole')->withArgs([Mockery::any(), 'demo'])->times(1)->andReturn(false);
Preferences::shouldReceive('set')->once()->withArgs(['twoFactorAuthEnabled', 1]); Preferences::shouldReceive('set')->once()->withArgs(['twoFactorAuthEnabled', 1]);
//Preferences::shouldReceive('lastActivity')->once();
die('the references in this test to 2FA preferences must be refactored.');
$pref = new Preference;
$pref->data = false;
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthEnabled', false])->atLeast()->once()->andReturn($pref);
$pref = new Preference;
$pref->data = 'super-secret';
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret'])->atLeast()->once()->andReturn($pref);
$view = new Preference; $view = new Preference;
$view->data = '1M'; $view->data = '1M';
@ -231,10 +213,6 @@ class ProfileControllerTest extends TestCase
$lang->data = 'en_US'; $lang->data = 'en_US';
Preferences::shouldReceive('get')->withArgs(['language', 'en_US'])->andReturn($lang)->atLeast()->once(); Preferences::shouldReceive('get')->withArgs(['language', 'en_US'])->andReturn($lang)->atLeast()->once();
// $pref = new Preference;
// $pref->data = 'EUR';
// Preferences::shouldReceive('getForUser')->withArgs([Mockery::any(), 'currencyPreference', 'EUR'])->atLeast()->once()->andReturn($pref);
$list = new Preference; $list = new Preference;
$list->data = 50; $list->data = 50;
Preferences::shouldReceive('get')->withArgs(['list-length', 10])->andReturn($list)->atLeast()->once(); Preferences::shouldReceive('get')->withArgs(['list-length', 10])->andReturn($list)->atLeast()->once();
@ -439,6 +417,7 @@ class ProfileControllerTest extends TestCase
*/ */
public function testPostCode(): void public function testPostCode(): void
{ {
$this->mock(UserRepositoryInterface::class);
Log::info(sprintf('Now in test %s.', __METHOD__)); Log::info(sprintf('Now in test %s.', __METHOD__));
$this->mockDefaultSession(); $this->mockDefaultSession();
@ -449,11 +428,7 @@ class ProfileControllerTest extends TestCase
$this->withoutMiddleware(); $this->withoutMiddleware();
$this->session(['two-factor-secret' => $secret]); $this->session(['two-factor-secret' => $secret]);
die('the references in this test to 2FA preferences must be refactored.');
Preferences::shouldReceive('set')->withArgs(['twoFactorAuthEnabled', 1])->once();
Preferences::shouldReceive('set')->withArgs(['twoFactorAuthSecret', $secret])->once();
Preferences::shouldReceive('mark')->once(); Preferences::shouldReceive('mark')->once();
Google2FA::shouldReceive('verifyKey')->withArgs([$secret, $key])->andReturn(true); Google2FA::shouldReceive('verifyKey')->withArgs([$secret, $key])->andReturn(true);
$data = [ $data = [

3
tests/TestCase.php
View File

@ -451,9 +451,6 @@ abstract class TestCase extends BaseTestCase
$list = new Preference; $list = new Preference;
$list->data = 50; $list->data = 50;
die('the references in this test to 2FA preferences must be refactored.');
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthEnabled', false])->andReturn($false);
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret'])->andReturnNull();
Preferences::shouldReceive('get')->withArgs(['viewRange', Mockery::any()])->andReturn($view); Preferences::shouldReceive('get')->withArgs(['viewRange', Mockery::any()])->andReturn($view);
Preferences::shouldReceive('get')->withArgs(['language', 'en_US'])->andReturn($lang); Preferences::shouldReceive('get')->withArgs(['language', 'en_US'])->andReturn($lang);
Preferences::shouldReceive('get')->withArgs(['list-length', 10])->andReturn($list); Preferences::shouldReceive('get')->withArgs(['list-length', 10])->andReturn($list);

196
tests/Unit/Middleware/AuthenticateTwoFactorTest.php
View File

@ -1,196 +0,0 @@
<?php
/**
* AuthenticateTwoFactorTest.php
* Copyright (c) 2017 thegrumpydictator@gmail.com
*
* This file is part of Firefly III.
*
* Firefly III is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Firefly III is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Firefly III. If not, see <http://www.gnu.org/licenses/>.
*/
declare(strict_types=1);
namespace Tests\Unit\Middleware;
use FireflyIII\Http\Middleware\AuthenticateTwoFactor;
use FireflyIII\Models\Preference;
use Log;
use Preferences;
use Route;
use Symfony\Component\HttpFoundation\Response;
use Tests\TestCase;
/**
* Class AuthenticateTwoFactorTest
*/
class AuthenticateTwoFactorTest extends TestCase
{
/**
* Set up test
*/
public function setUp(): void
{
parent::setUp();
Log::info(sprintf('Now in %s.', get_class($this)));
Route::middleware(AuthenticateTwoFactor::class)->any(
'/_test/authenticate', function () {
return 'OK';
}
);
}
/**
* @covers \FireflyIII\Http\Middleware\AuthenticateTwoFactor
*/
public function testMiddleware(): void
{
$this->withoutExceptionHandling();
$response = $this->get('/_test/authenticate');
$this->assertEquals(Response::HTTP_FOUND, $response->getStatusCode());
$response->assertRedirect(route('login'));
}
/**
* tests for user with no 2FA, should just go to requested page.
*
* 2FA enabled: false
* 2FA secret : false
* cookie : false
*
*
* @covers \FireflyIII\Http\Middleware\AuthenticateTwoFactor
*/
public function testMiddlewareNoTwoFA(): void
{
die('this test references old 2FA code.');
$this->withoutExceptionHandling();
$user = $this->user();
$user->blocked = 0;
$this->be($user);
// pref for has 2fa is false
$preference = new Preference;
$preference->data = false;
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthEnabled', false])->once()->andReturn($preference);
// pref for no twoFactorAuthSecret
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret'])->once()->andReturn(null);
// no cookie
$cookie = [];
$response = $this->call('GET', '/_test/authenticate', [], $cookie);
$this->assertEquals(Response::HTTP_OK, $response->getStatusCode());
}
/**
* tests for user with 2FA and secret and cookie. Continue to page.
*
* 2FA enabled: true
* 2FA secret : 'abcde'
* cookie : false
*
*
* @covers \FireflyIII\Http\Middleware\AuthenticateTwoFactor
*/
public function testMiddlewareTwoFAAuthed(): void
{
die('this test references old 2FA code.');
$this->withoutExceptionHandling();
$user = $this->user();
$user->blocked = 0;
$this->be($user);
// pref for has 2fa is true
$preference = new Preference;
$preference->data = true;
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthEnabled', false])->once()->andReturn($preference);
// pref for twoFactorAuthSecret
$secret = new Preference;
$secret->data = 'SomeSecret';
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret'])->once()->andReturn($secret);
// no cookie
$cookie = ['twoFactorAuthenticated' => 'true'];
$response = $this->call('GET', '/_test/authenticate', [], $cookie);
$this->assertEquals(Response::HTTP_OK, $response->getStatusCode());
}
/**
* tests for user with 2FA but no secret. 2FA is not fired.
*
* 2FA enabled: true
* 2FA secret : false
* cookie : false
*
*
* @covers \FireflyIII\Http\Middleware\AuthenticateTwoFactor
*/
public function testMiddlewareTwoFANoSecret(): void
{
die('this test references old 2FA code.');
$this->withoutExceptionHandling();
$user = $this->user();
$user->blocked = 0;
$this->be($user);
// pref for has 2fa is true
$preference = new Preference;
$preference->data = true;
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthEnabled', false])->once()->andReturn($preference);
// pref for no twoFactorAuthSecret
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret'])->once()->andReturn(null);
// no cookie
$cookie = [];
$response = $this->call('GET', '/_test/authenticate', [], $cookie);
$this->assertEquals(Response::HTTP_OK, $response->getStatusCode());
}
/**
* tests for user with 2FA and secret. 2FA is checked
*
* 2FA enabled: true
* 2FA secret : 'abcde'
* cookie : false
*
*
* @covers \FireflyIII\Http\Middleware\AuthenticateTwoFactor
*/
public function testMiddlewareTwoFASecret(): void
{
die('this test references old 2FA code.');
$this->withoutExceptionHandling();
$user = $this->user();
$user->blocked = 0;
$this->be($user);
// pref for has 2fa is true
$preference = new Preference;
$preference->data = true;
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthEnabled', false])->once()->andReturn($preference);
// pref for twoFactorAuthSecret
$secret = new Preference;
$secret->data = 'SomeSecret';
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret'])->once()->andReturn($secret);
// no cookie
$cookie = [];
$response = $this->call('GET', '/_test/authenticate', [], $cookie);
$this->assertEquals(Response::HTTP_FOUND, $response->getStatusCode());
$response->assertRedirect(route('two-factor.index'));
}
}

96
tests/Unit/Middleware/RedirectIf2FAAuthenticatedTest.php
View File

@ -1,96 +0,0 @@
<?php
/**
* RedirectIf2FAAuthenticatedTest.php
* Copyright (c) 2017 thegrumpydictator@gmail.com
*
* This file is part of Firefly III.
*
* Firefly III is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Firefly III is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Firefly III. If not, see <http://www.gnu.org/licenses/>.
*/
declare(strict_types=1);
namespace Tests\Unit\Middleware;
use FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated;
use FireflyIII\Models\Preference;
use Log;
use Preferences;
use Route;
use Symfony\Component\HttpFoundation\Response;
use Tests\TestCase;
/**
* Class RedirectIf2FAAuthenticatedTest
*/
class RedirectIf2FAAuthenticatedTest extends TestCase
{
/**
* Set up test
*/
public function setUp(): void
{
parent::setUp();
Log::info(sprintf('Now in %s.', get_class($this)));
Route::middleware(RedirectIfTwoFactorAuthenticated::class)->any(
'/_test/authenticate', function () {
return 'OK';
}
);
}
/**
* @covers \FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated
*/
public function testMiddleware(): void
{
$response = $this->get('/_test/authenticate');
$this->assertEquals(Response::HTTP_OK, $response->getStatusCode());
}
/**
* @covers \FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated
*/
public function testMiddlewareAuthenticated(): void
{
die('this test references old 2FA code.');
// pref for has 2fa is true
$preference = new Preference;
$preference->data = true;
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthEnabled', false])->once()->andReturn($preference);
// pref for twoFactorAuthSecret
$secret = new Preference;
$secret->data = 'SomeSecret';
Preferences::shouldReceive('get')->withArgs(['twoFactorAuthSecret'])->once()->andReturn($secret);
// no cookie
$cookie = ['twoFactorAuthenticated' => 'true'];
$this->be($this->user());
$response = $this->call('GET', '/_test/authenticate', [], $cookie);
$this->assertEquals(Response::HTTP_FOUND, $response->getStatusCode());
$response->assertRedirect(route('index'));
}
/**
* @covers \FireflyIII\Http\Middleware\RedirectIfTwoFactorAuthenticated
*/
public function testMiddlewareLightAuth(): void
{
$this->be($this->user());
$response = $this->get('/_test/authenticate');
$this->assertEquals(Response::HTTP_OK, $response->getStatusCode());
}
}