liangxj/assistant-storefront
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Files
4bd11c0ecca09038b3db37aabcb400e41b7273c5
assistant-storefront/spec/services/mfa/authentication_service_spec.rb
Liang XJ 092fb2e083
Some checks failed
Lock Threads / action (push) Has been cancelled
Details
Mark stale issues and pull requests / stale (push) Has been cancelled
Details
Publish Chatwoot EE docker images / build (linux/amd64, ubuntu-latest) (push) Has been cancelled
Details
Publish Chatwoot EE docker images / build (linux/arm64, ubuntu-22.04-arm) (push) Has been cancelled
Details
Publish Chatwoot EE docker images / merge (push) Has been cancelled
Details
Publish Chatwoot CE docker images / build (linux/amd64, ubuntu-latest) (push) Has been cancelled
Details
Publish Chatwoot CE docker images / build (linux/arm64, ubuntu-22.04-arm) (push) Has been cancelled
Details
Publish Chatwoot CE docker images / merge (push) Has been cancelled
Details
Run Chatwoot CE spec / lint-backend (push) Has been cancelled
Details
Run Chatwoot CE spec / lint-frontend (push) Has been cancelled
Details
Run Chatwoot CE spec / frontend-tests (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (0, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (1, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (10, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (11, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (12, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (13, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (14, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (15, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (2, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (3, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (4, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (5, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (6, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (7, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (8, 16) (push) Has been cancelled
Details
Run Chatwoot CE spec / backend-tests (9, 16) (push) Has been cancelled
Details
Run Linux nightly installer / nightly (push) Has been cancelled
Details
Initial commit: Add logistics and order_detail message types 
- Add Logistics component with progress tracking
- Add OrderDetail component for order information
- Support data-driven steps and actions
- Add blue color scale to widget SCSS
- Fix node overflow and progress bar rendering issues
- Add English translations for dashboard components

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-26 11:16:56 +08:00

107 lines
3.1 KiB
Ruby
Raw Blame History

require 'rails_helper'
describe Mfa::AuthenticationService do
before do
skip('Skipping since MFA is not configured in this environment') unless Chatwoot.encryption_configured?
user.enable_two_factor!
user.update!(otp_required_for_login: true)
end
let(:user) { create(:user) }
describe '#authenticate' do
context 'with OTP code' do
context 'when OTP is valid' do
it 'returns true' do
valid_otp = user.current_otp
service = described_class.new(user: user, otp_code: valid_otp)
expect(service.authenticate).to be_truthy
end
end
context 'when OTP is invalid' do
it 'returns false' do
service = described_class.new(user: user, otp_code: '000000')
expect(service.authenticate).to be_falsey
end
end
context 'when OTP is nil' do
it 'returns false' do
service = described_class.new(user: user, otp_code: nil)
expect(service.authenticate).to be_falsey
end
end
end
context 'with backup code' do
let(:backup_codes) { user.generate_backup_codes! }
context 'when backup code is valid' do
it 'returns true and invalidates the code' do
valid_code = backup_codes.first
service = described_class.new(user: user, backup_code: valid_code)
expect(service.authenticate).to be_truthy
# Code should be invalidated after use
user.reload
expect(user.otp_backup_codes).to include('XXXXXXXX')
end
end
context 'when backup code is invalid' do
it 'returns false' do
service = described_class.new(user: user, backup_code: 'invalid')
expect(service.authenticate).to be_falsey
end
end
context 'when backup code has already been used' do
it 'returns false' do
valid_code = backup_codes.first
# Use the code once
service = described_class.new(user: user, backup_code: valid_code)
service.authenticate
# Try to use it again
service2 = described_class.new(user: user.reload, backup_code: valid_code)
expect(service2.authenticate).to be_falsey
end
end
end
context 'with neither OTP nor backup code' do
it 'returns false' do
service = described_class.new(user: user)
expect(service.authenticate).to be_falsey
end
end
context 'when user is nil' do
it 'returns false' do
service = described_class.new(user: nil, otp_code: '123456')
expect(service.authenticate).to be_falsey
end
end
context 'when both OTP and backup code are provided' do
it 'uses OTP authentication first' do
valid_otp = user.current_otp
backup_codes = user.generate_backup_codes!
service = described_class.new(
user: user,
otp_code: valid_otp,
backup_code: backup_codes.first
)
expect(service.authenticate).to be_truthy
# Backup code should not be consumed
user.reload
expect(user.otp_backup_codes).not_to include('XXXXXXXX')
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink