mirror of https://github.com/go-gitea/gitea.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
55 lines
1.3 KiB
55 lines
1.3 KiB
// Copyright 2023 The Gitea Authors. All rights reserved. |
|
// SPDX-License-Identifier: MIT |
|
|
|
package integration |
|
|
|
import ( |
|
"net/http" |
|
"testing" |
|
"time" |
|
|
|
auth_model "code.gitea.io/gitea/models/auth" |
|
"code.gitea.io/gitea/models/db" |
|
"code.gitea.io/gitea/models/unittest" |
|
user_model "code.gitea.io/gitea/models/user" |
|
"code.gitea.io/gitea/tests" |
|
|
|
"github.com/pquerna/otp/totp" |
|
"github.com/stretchr/testify/assert" |
|
) |
|
|
|
func TestAPITwoFactor(t *testing.T) { |
|
defer tests.PrepareTestEnv(t)() |
|
|
|
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 16}) |
|
|
|
req := NewRequest(t, "GET", "/api/v1/user"). |
|
AddBasicAuth(user.Name) |
|
MakeRequest(t, req, http.StatusOK) |
|
|
|
otpKey, err := totp.Generate(totp.GenerateOpts{ |
|
SecretSize: 40, |
|
Issuer: "gitea-test", |
|
AccountName: user.Name, |
|
}) |
|
assert.NoError(t, err) |
|
|
|
tfa := &auth_model.TwoFactor{ |
|
UID: user.ID, |
|
} |
|
assert.NoError(t, tfa.SetSecret(otpKey.Secret())) |
|
|
|
assert.NoError(t, auth_model.NewTwoFactor(db.DefaultContext, tfa)) |
|
|
|
req = NewRequest(t, "GET", "/api/v1/user"). |
|
AddBasicAuth(user.Name) |
|
MakeRequest(t, req, http.StatusUnauthorized) |
|
|
|
passcode, err := totp.GenerateCode(otpKey.Secret(), time.Now()) |
|
assert.NoError(t, err) |
|
|
|
req = NewRequest(t, "GET", "/api/v1/user"). |
|
AddBasicAuth(user.Name) |
|
req.Header.Set("X-Gitea-OTP", passcode) |
|
MakeRequest(t, req, http.StatusOK) |
|
}
|
|
|