1
0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-11-22 19:02:31 +01:00

Merge branch 'totp-patch' into development

This commit is contained in:
Dan Brown 2024-03-10 18:32:02 +00:00
commit c9d9ad10f2
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
3 changed files with 22 additions and 2 deletions

View File

@ -2,10 +2,11 @@
<p class="small mb-m">{{ trans('auth.mfa_verify_backup_code_desc') }}</p>
<form action="{{ url('/mfa/backup_codes/verify') }}" method="post">
<form action="{{ url('/mfa/backup_codes/verify') }}" method="post" autocomplete="off">
{{ csrf_field() }}
<input type="text"
name="code"
autocomplete="one-time-code"
placeholder="{{ trans('auth.mfa_verify_backup_code_enter_here') }}"
class="input-fill-width {{ $errors->has('code') ? 'neg' : '' }}">
@if($errors->has('code'))

View File

@ -2,10 +2,11 @@
<p class="small mb-m">{{ trans('auth.mfa_verify_totp_desc') }}</p>
<form action="{{ url('/mfa/totp/verify') }}" method="post">
<form action="{{ url('/mfa/totp/verify') }}" method="post" autocomplete="off">
{{ csrf_field() }}
<input type="text"
name="code"
autocomplete="one-time-code"
autofocus
placeholder="{{ trans('auth.mfa_gen_totp_provide_code_here') }}"
class="input-fill-width {{ $errors->has('code') ? 'neg' : '' }}">

View File

@ -57,6 +57,15 @@ class MfaVerificationTest extends TestCase
$this->assertNull(auth()->user());
}
public function test_totp_form_has_autofill_configured()
{
[$user, $secret, $loginResp] = $this->startTotpLogin();
$html = $this->withHtml($this->get('/mfa/verify'));
$html->assertElementExists('form[autocomplete="off"][action$="/verify"]');
$html->assertElementExists('input[autocomplete="one-time-code"][name="code"]');
}
public function test_backup_code_verification()
{
[$user, $codes, $loginResp] = $this->startBackupCodeLogin();
@ -138,6 +147,15 @@ class MfaVerificationTest extends TestCase
$resp->assertSeeText('You have less than 5 backup codes remaining, Please generate and store a new set before you run out of codes to prevent being locked out of your account.');
}
public function test_backup_code_form_has_autofill_configured()
{
[$user, $codes, $loginResp] = $this->startBackupCodeLogin();
$html = $this->withHtml($this->get('/mfa/verify'));
$html->assertElementExists('form[autocomplete="off"][action$="/verify"]');
$html->assertElementExists('input[autocomplete="one-time-code"][name="code"]');
}
public function test_both_mfa_options_available_if_set_on_profile()
{
$user = $this->users->editor();