o Lf1@s2ddlmZmZddlZddlmZddlmZddlm Z ddl m Z ddl Z ddl mZddlmZdd lmZdd lmZdd lmZdd lmZe jd dddZddZddZddZddZddZ ddZ!ddZ"dd Z#d!d"Z$d#d$Z%d%d&Z&d'd(Z'd)d*Z(d+d,Z)d-d.Z*d/d0Z+dS)1)ANYpatchN)settings)cache)Client)reverse)assertFormError)"AUTHENTICATION_METHODS_SESSION_KEY) EmailAddress) app_settings) get_adapter) Authenticatorurl_name)mfa_activate_totp mfa_indexmfa_deactivate_totpcCs6|t|}|jdksJ|dtdsJdS)N.location account_login)getr status_code startswith)clientrrespr]/var/www/html/humari/django-venv/lib/python3.10/site-packages/allauth/mfa/tests/test_views.pytest_login_required_viewss rcCsn||td}|tdddi}Wdn1swY|jdjdtjdgiks5JdS)Nrcode123formincorrect_code)rrpostcontexterrorsr error_messages) auth_clientreauthentication_bypassrrrr&test_activate_totp_with_incorrect_code!s r'c Cstjj|djdd|,|td}||tdddi}Wdn1s.wYWdn1s=wY|jdjdt j dgiksSJdS) N)userF)verifiedrrrrunverified_email) r objectsfilterupdaterrr!r"r#r r$)r%r(totp_validation_bypassr&rrrr(test_activate_totp_with_unverified_email/s r/c Csd|_|,|td}||tdddi}Wdn1s&wYWdn1s5wY|dtdksDJtjj|tjjd sRJtjj|tjj d s`Jt |dkshJd |d j vsqJd |d j vszJdS) NTrrrrmfa_view_recovery_codesr(typezAuthenticator App ActivatedrzAuthenticator app activated.)ACCOUNT_EMAIL_NOTIFICATIONSrrr!r r+r,TypeTOTPexistsRECOVERY_CODESlensubjectbody)r%r.r(r&r mailoutboxrrrrtest_activate_totp_successAs4 r=cCs |td}d|jvsJdS)Nrauthenticators)rrr"r%user_with_totprrrr test_index_rAcCsd|_|td}|jdksJ|dtdsJ||dd|i}|jdks-J|td}|jdks;J|dtdksEJt|dksMJd |d jvsVJd |d jvs_JdS) NTrrraccount_reauthenticatepasswordrr3zAuthenticator App DeactivatedrzAuthenticator app deactivated.) r4rrrrr!r9r:r;)r%r@ user_passwordrr<rrrrtest_deactivate_totp_successdsrFcCs |td}|jdksJdS)Nrirrr)r%rrrr&test_user_without_totp_deactivate_totpurBrHcCsZ||td}Wdn1swY|jdks!J|dtdks+JdS)NrrrrrG)r%r@r&rrrr!test_user_with_totp_activate_totpzs rIcCs|td|j|d}|jdksJ|dtdksJ|td}|jdjjs-J|tdddi}|jd jdt j d giksHJ||tdddi}Wdn1s`wY|jdkslJ|dt j ksuJ|j td t|jd d tttjjdgksJdS)NrloginrDrrmfa_authenticaterequestrrrr rDmethodatusernamemfarOrPidr2)r!rrQrrr"r( is_anonymousr#r r$rLOGIN_REDIRECT_URLsessionr rr r5r6)rr@rEr.rrrrtest_totp_logins0    rXcCsh|td}|dtdsJ||dd|i}|jdks#J||d}|ddks2JdS)Nmfa_download_recovery_codesrrCrDrzcontent-dispositionz)attachment; filename="recovery-codes.txt")rrrr!rr%user_with_recovery_codesrErrrrtest_download_recovery_codess r\cCsp|td}|dtdsJ||dd|i}|jdks#J||d}t|jdtjks6JdS)Nr0rrCrDr unused_codes) rrrr!rr9r"r RECOVERY_CODE_COUNTrZrrrtest_view_recovery_codess r_cCsd|_tjj|tjjd}|d}|td}|d tds'J| |dd|i}|j dks8J| |d}|dtd ksIJtjj|tjjd}| |r\Jt |d ksdJd |djvsmJd |djvsvJdS) NTr1rmfa_generate_recovery_codesrrCrDrr0r3zNew Recovery Codes Generatedz A new set of)r4r r+rr5r8wrapget_unused_codesrrr!r validate_coder9r:r;)r%r[rErr<rc prev_coderrrrtest_generate_recovery_codess, rfcCs|td|j|d}|jdksJ|dtdksJ|td}|jdjjs-J|tdddi}|jd jdt j d giksHJt j j|t j jd }|tdd|d i}|jdksiJ|dtjksrJ|jtd t|jddttt j jdgksJdS)NrrJrrrLrMrrrr r1rrDrNrRrS)r!rrQrrr"r(rUr#r r$r r+r5r8rarbrrVrWr r)rr@r[rErrdrrrtest_recovery_codes_logins:    rgcCsB|tdddd}|jdksJ|jdjddgiksJdS) N account_emailzchange-to@this.org) action_addemailrrkzUYou cannot add an email address to an account protected by two-factor authentication.)r!rrr"r#r?rrrtest_add_email_not_alloweds rmcCsd|_|td|j|d}|jdksJ|dtdks JtdD].}|dk}|tddd i}tjd krGt|j d d|rCd nd q$t|d d|rOd nd q$dS)NrrJrrrLrwrong)r3rz0Too many failed login attempts. Try again later.zIncorrect code.) ACCOUNT_LOGIN_ATTEMPTS_LIMITr!rrQrrangedjangoVERSIONrr")r enable_cacher@rErri is_lockedrrrtest_totp_login_rate_limits>   rycCstdm}d|_|td}|jdksJ|dtds!J||dd|i}|jdks2J|td}|jdjd t j d giksJJ|td}|jd ksXJ|jdjd t j d giksiJWddS1stwYdS) Nz>allauth.mfa.adapter.DefaultMFAAdapter.can_delete_authenticatorFrrrrCrDr__all__cannot_delete_authenticatorrl) r return_valuerrrrr!r"r#r r$)r%r@rEcda_mockrrrrtest_cannot_deactivate_totps(    "r~c CsdD]s\}}}|r tt}|td|j|d}|jdks#J|dtdks-J||tdd|i}Wdn1sEwY|r]|jdksSJ|dtjks\Jq|jdksdJ|j d j dt j d giksuJqdS) N))rFTrFF)456FTr)rTTrrJrrrLrrlrr ) rclearrr!rrQrrrVr"r#r r$) r@rEr.rvr time_lapseexpect_successrrrrrtest_totp_code_reuse4s0    r), unittest.mockrrrt django.confrdjango.core.cacher django.testr django.urlsrpytestpytest_django.assertsrallauth.account.authenticationr allauth.account.modelsr allauth.mfar allauth.mfa.adapterr allauth.mfa.modelsr mark parametrizerr'r/r=rArFrHrIrXr\r_rfrgrmryr~rrrrrsD              # %