github-mirror/BookStack
2
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-11-22 12:11:51 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

MFA: Copied autocomplete changes from totp to backup codes

Browse Source 
Also added tests to cover.
Related to #4849
This commit is contained in:
Dan Brown 2024-03-10 18:31:01 +00:00
parent bc24a1360f
commit d5a689366c
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
2 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
resources/views/mfa/parts/verify-backup_codes.blade.php
View File

@ -2,10 +2,11 @@
<p class="small mb-m">{{ trans('auth.mfa_verify_backup_code_desc') }}</p> <p class="small mb-m">{{ trans('auth.mfa_verify_backup_code_desc') }}</p>
<form action="{{ url('/mfa/backup_codes/verify') }}" method="post"> <form action="{{ url('/mfa/backup_codes/verify') }}" method="post" autocomplete="off">
{{ csrf_field() }} {{ csrf_field() }}
<input type="text" <input type="text"
name="code" name="code"
autocomplete="one-time-code"
placeholder="{{ trans('auth.mfa_verify_backup_code_enter_here') }}" placeholder="{{ trans('auth.mfa_verify_backup_code_enter_here') }}"
class="input-fill-width {{ $errors->has('code') ? 'neg' : '' }}"> class="input-fill-width {{ $errors->has('code') ? 'neg' : '' }}">
@if($errors->has('code')) @if($errors->has('code'))

18
tests/Auth/MfaVerificationTest.php
View File

@ -57,6 +57,15 @@ class MfaVerificationTest extends TestCase
$this->assertNull(auth()->user()); $this->assertNull(auth()->user());
} }
public function test_totp_form_has_autofill_configured()
{
[$user, $secret, $loginResp] = $this->startTotpLogin();
$html = $this->withHtml($this->get('/mfa/verify'));
$html->assertElementExists('form[autocomplete="off"][action$="/verify"]');
$html->assertElementExists('input[autocomplete="one-time-code"][name="code"]');
}
public function test_backup_code_verification() public function test_backup_code_verification()
{ {
[$user, $codes, $loginResp] = $this->startBackupCodeLogin(); [$user, $codes, $loginResp] = $this->startBackupCodeLogin();
@ -138,6 +147,15 @@ class MfaVerificationTest extends TestCase
$resp->assertSeeText('You have less than 5 backup codes remaining, Please generate and store a new set before you run out of codes to prevent being locked out of your account.'); $resp->assertSeeText('You have less than 5 backup codes remaining, Please generate and store a new set before you run out of codes to prevent being locked out of your account.');
} }
public function test_backup_code_form_has_autofill_configured()
{
[$user, $codes, $loginResp] = $this->startBackupCodeLogin();
$html = $this->withHtml($this->get('/mfa/verify'));
$html->assertElementExists('form[autocomplete="off"][action$="/verify"]');
$html->assertElementExists('input[autocomplete="one-time-code"][name="code"]');
}
public function test_both_mfa_options_available_if_set_on_profile() public function test_both_mfa_options_available_if_set_on_profile()
{ {
$user = $this->users->editor(); $user = $this->users->editor();