Merge pull request #771 from numerique-gouv/add-totp-error-message
feat: display errored input when totp code is invalid
Showing
9 changed files
with
99 additions
and
11 deletions.
@@ -1,7 +1,8 @@ | ||
INSERT INTO users | ||
(id, email, email_verified, email_verified_at, encrypted_password, created_at, updated_at, given_name, family_name, phone_number, job, force_2fa) | ||
VALUES | ||
(1, '[email protected]', true, CURRENT_TIMESTAMP, '$2a$10$kzY3LINL6..50Fy9shWCcuNlRfYq0ft5lS.KCcJ5PzrhlWfKK4NIO', CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, 'Lion', 'El''Jonson', 'I', 'Primarque', false); | ||
(1, '[email protected]', true, CURRENT_TIMESTAMP, '$2a$10$kzY3LINL6..50Fy9shWCcuNlRfYq0ft5lS.KCcJ5PzrhlWfKK4NIO', CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, 'Lion', 'El''Jonson', 'I', 'Primarque', false), | ||
(2, '[email protected]', true, CURRENT_TIMESTAMP, '$2a$10$kzY3LINL6..50Fy9shWCcuNlRfYq0ft5lS.KCcJ5PzrhlWfKK4NIO', CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, 'Raphapha', 'Dubibi', '0123456789', 'Sbire', false); | ||
|
||
INSERT INTO organizations | ||
(id, siret, created_at, updated_at) | ||
|
@@ -11,4 +12,5 @@ VALUES | |
INSERT INTO users_organizations | ||
(user_id, organization_id, is_external, verification_type, has_been_greeted) | ||
VALUES | ||
(1, 1, false, 'verified_email_domain', true); | ||
(1, 1, false, 'verified_email_domain', true), | ||
(2, 1, false, 'verified_email_domain', true); |
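Review bot: The new row for user 2 in the first hunk gives no hint which scenario it exists for, so the next person editing this fixture cannot tell whether the account may be reused or must stay pristine. Presumably it backs the new test in the add-2fa spec that logs in as a user with no authenticator configured and submits an invalid code; a one-line comment above the row such as `-- user 2: no TOTP configured; reserved for the invalid-code error test so its failed attempts are not counted against user 1` would record that assumption where it matters. The same missing why-comment applies to user 4 added in the other seed file of this PR. Both INSERT statements are fully visible in their hunks.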
@@ -12,6 +12,8 @@ describe("add 2fa authentication", () => { | |
.contains("Configurer un code à usage unique") | ||
.click(); | ||
|
||
cy.contains("Configurer une application d’authentification"); | ||
|
||
// Extract the code from the front to generate the TOTP key | ||
cy.get("#humanReadableTotpKey") | ||
.invoke("text") | ||
|
@@ -36,4 +38,21 @@ describe("add 2fa authentication", () => { | |
}, | ||
); | ||
}); | ||
|
||
it("should see an help link on third failed attempt", function () { | ||
cy.visit("/connection-and-account"); | ||
|
||
cy.login("[email protected]"); | ||
|
||
cy.get('[href="/authenticator-app-configuration"]') | ||
.contains("Configurer un code à usage unique") | ||
.click(); | ||
|
||
cy.get("[name=totpToken]").type("123456"); | ||
cy.get( | ||
'[action="/authenticator-app-configuration"] [type="submit"]', | ||
).click(); | ||
|
||
cy.contains("Code invalide."); | ||
}); | ||
}); |
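Review bot: The name of the new test, `should see an help link on third failed attempt`, does not match its body: it submits one wrong code and asserts only the `Code invalide.` text, so nothing about a third attempt or a help link is exercised. Either rename it, e.g. `it("should display an error message on invalid totp code", function () {`, or submit three times and assert on the help link the name promises. The assertion also never checks that the field itself is rendered in the error state this PR is about; if the template marks the input (for instance with an aria-invalid attribute or an error class, whichever the markup uses), add an assertion on `[name=totpToken]` for it. Hard-coding `123456` as the wrong code assumes the fixture key cannot produce that value during the test window, which is very unlikely but not impossible, so a short comment stating the assumption would help whoever sees a one-off failure. The enclosing describe block starts before the hunk.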
@@ -19,6 +19,12 @@ VALUES | |
'Jean', 'Jean', '0123456789', 'Sbire', | ||
'kuOSXGk68H2B3pYnph0uyXAHrmpbWaWyX/iX49xVaUc=.VMPBZSO+eAng7mjS.cI2kRY9rwhXchcKiiaMZIg==', | ||
CURRENT_TIMESTAMP, true | ||
), | ||
(4, '[email protected]', true, CURRENT_TIMESTAMP, | ||
'$2a$10$kzY3LINL6..50Fy9shWCcuNlRfYq0ft5lS.KCcJ5PzrhlWfKK4NIO', CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, | ||
'Jean', 'Jean', '0123456789', 'Sbire', | ||
'kuOSXGk68H2B3pYnph0uyXAHrmpbWaWyX/iX49xVaUc=.VMPBZSO+eAng7mjS.cI2kRY9rwhXchcKiiaMZIg==', | ||
CURRENT_TIMESTAMP, true | ||
); | ||
|
||
INSERT INTO organizations | ||
|
@@ -30,7 +36,9 @@ INSERT INTO users_organizations | |
(user_id, organization_id, is_external, verification_type, has_been_greeted) | ||
VALUES | ||
(1, 1, false, 'domain', true), | ||
(2, 1, false, 'domain', true); | ||
(2, 1, false, 'domain', true), | ||
(3, 1, false, 'domain', true), | ||
(4, 1, false, 'domain', true); | ||
|
||
INSERT INTO oidc_clients | ||
(client_name, client_id, client_secret, redirect_uris, | ||
|
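Review bot: User 4 in the first hunk is a byte-for-byte copy of user 3 (same names, phone number, password hash and encrypted TOTP key), and nothing says why a second identical account is needed. If the reason is that the sign-in spec's rate-limit test and the new error-message test must not share a failed-attempt counter, state it above the row: `-- user 4: clone of user 3 so the invalid-code test does not consume attempts counted for user 3's rate-limit test`. Without that comment a future cleanup is likely to drop the duplicate and make the two tests order-dependent. The users INSERT begins before the hunk's first visible line.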
@@ -71,17 +71,28 @@ describe("sign-in with TOTP on untrusted browser", () => { | |
cy.contains('"amr": [\n "pwd",\n "totp",\n "mfa"\n ],'); | ||
}); | ||
|
||
it("should trigger totp rate limiting", function () { | ||
it("should display error message", function () { | ||
cy.visit("/users/start-sign-in"); | ||
|
||
cy.login("[email protected]"); | ||
|
||
cy.get("[name=totpToken]").type("123456"); | ||
cy.get( | ||
'[action="/users/2fa-sign-in-with-authenticator-app"] [type="submit"]', | ||
).click(); | ||
cy.contains("Code invalide."); | ||
}); | ||
|
||
it("should trigger totp rate limiting", function () { | ||
cy.visit("/users/start-sign-in"); | ||
|
||
cy.login("[email protected]"); | ||
|
||
for (let i = 0; i < 5; i++) { | ||
cy.get("[name=totpToken]").type("123456"); | ||
cy.get( | ||
'[action="/users/2fa-sign-in-with-authenticator-app"] [type="submit"]', | ||
).click(); | ||
cy.contains("le code que vous avez utilisé est invalide."); | ||
} | ||
|
||
cy.get("[name=totpToken]").type("123456"); | ||
|
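Review bot: The new `should display error message` test and the existing rate-limit test assert different strings for the same failed submission: `Code invalide.` in the new test versus `le code que vous avez utilisé est invalide.` inside the loop at the bottom of the hunk. If both messages are now rendered together that is fine, but if the banner was replaced by the inline input error, the loop assertion is what will fail rather than the rate limiter, so confirm and align one of them. The new test also does not verify that the input is in the errored state the PR title refers to; if the template marks the field, add an assertion on `[name=totpToken]` (an aria-invalid attribute or error class, whichever the markup uses). The failed attempt made here is counted against whichever account cy.login uses (redacted on this page); if it is the same account as the rate-limit test, the loop below runs with one fewer attempt remaining, so the two tests should use distinct fixture users. The describe block starts before the hunk.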