provvedo/wiregui
2
0
Fork 0
Code Issues Pull requests Projects Releases 6 Packages 1 Wiki Activity Actions
wiregui/tests/test_mfa.py
Stefano Bertelli a012635dff
Some checks failed
Dev / test (push) Failing after 7m41s
Details
Dev / docker (push) Has been skipped
Details
fix: remove unit tests redundant with e2e, fix test DB isolation 
Remove 7 test files fully covered by e2e tests (admin, account, models,
API routes, integration MFA/OIDC, notifications). Trim 5 more files to
keep only edge cases not reachable via e2e.

Fix conftest to replace wiregui.db engine/session at import time so all
code uses the test database. Use session-scoped tables with per-test
savepoint isolation to prevent data leaking between tests.
2026-03-31 21:27:46 -05:00

73 lines
1.9 KiB
Python
Raw Blame History

"""Tests for TOTP MFA — URI format, edge cases, QR generation, DB relationships."""
import pyotp
from wiregui.auth.mfa import (
generate_totp_qr_svg,
generate_totp_secret,
get_totp_uri,
verify_totp_code,
)
from wiregui.models.mfa_method import MFAMethod
from wiregui.models.user import User
# --- TOTP URI format ---
def test_get_totp_uri():
uri = get_totp_uri("JBSWY3DPEHPK3PXP", "user@example.com")
assert uri.startswith("otpauth://totp/")
assert "user%40example.com" in uri or "user@example.com" in uri
assert "secret=JBSWY3DPEHPK3PXP" in uri
assert "issuer=WireGUI" in uri
def test_get_totp_uri_custom_issuer():
uri = get_totp_uri("SECRET", "test@test.com", issuer="MyVPN")
assert "issuer=MyVPN" in uri
# --- TOTP verification edge cases ---
def test_verify_wrong_secret():
secret1 = generate_totp_secret()
secret2 = generate_totp_secret()
code = pyotp.TOTP(secret1).now()
assert verify_totp_code(secret2, code) is False
def test_verify_empty_code():
secret = generate_totp_secret()
assert verify_totp_code(secret, "") is False
# --- QR code generation ---
def test_generate_qr_svg():
uri = get_totp_uri("SECRET", "test@test.com")
svg = generate_totp_qr_svg(uri)
assert "<svg" in svg
assert "</svg>" in svg
# --- MFA method DB relationships ---
async def test_user_multiple_mfa_methods(session):
user = User(email="multi-mfa@example.com")
session.add(user)
await session.flush()
m1 = MFAMethod(name="Phone", type="totp", payload={"secret": generate_totp_secret()}, user_id=user.id)
m2 = MFAMethod(name="Backup", type="totp", payload={"secret": generate_totp_secret()}, user_id=user.id)
session.add_all([m1, m2])
await session.flush()
from sqlmodel import select, func
count = (await session.execute(
select(func.count()).select_from(MFAMethod).where(MFAMethod.user_id == user.id)
)).scalar()
assert count == 2
Reference in a new issue View git blame Copy permalink