1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.MFATest do
6 use Pleroma.DataCase, async: true
11 describe "mfa_settings" do
12 test "returns settings user's" do
15 multi_factor_authentication_settings: %MFA.Settings{
17 totp: %MFA.Settings.TOTP{secret: "xx", confirmed: true}
21 settings = MFA.mfa_settings(user)
22 assert match?(^settings, %{enabled: true, totp: true})
26 describe "generate backup codes" do
27 test "returns backup codes" do
30 {:ok, [code1, code2]} = MFA.generate_backup_codes(user)
31 updated_user = refresh_record(user)
32 [hash1, hash2] = updated_user.multi_factor_authentication_settings.backup_codes
33 assert Pleroma.Password.Pbkdf2.verify_pass(code1, hash1)
34 assert Pleroma.Password.Pbkdf2.verify_pass(code2, hash2)
38 describe "invalidate_backup_code" do
39 test "invalid used code" do
42 {:ok, _} = MFA.generate_backup_codes(user)
43 user = refresh_record(user)
44 assert length(user.multi_factor_authentication_settings.backup_codes) == 2
45 [hash_code | _] = user.multi_factor_authentication_settings.backup_codes
47 {:ok, user} = MFA.invalidate_backup_code(user, hash_code)
49 assert length(user.multi_factor_authentication_settings.backup_codes) == 1