extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2025-01-27 00:28:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Target db tables using config helper rather than hard coded strings

Browse Source
This commit is contained in:
Bubka 2024-01-26 18:16:55 +01:00
parent 8b397750e8
commit 6fe00585e5
5 changed files with 33 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Console/Commands/Utils/ResetTrait.php
View File

@ -60,12 +60,12 @@ protected function resetDB(string $seeder) : void
protected function flushDB() : void protected function flushDB() : void
{ {
// Reset the db // Reset the db
DB::table('password_resets')->delete(); DB::table(config('auth.passwords.users.table'))->delete();
DB::table('oauth_access_tokens')->delete(); DB::table('oauth_access_tokens')->delete();
DB::table('oauth_personal_access_clients')->delete(); DB::table('oauth_personal_access_clients')->delete();
DB::table('oauth_refresh_tokens')->delete(); DB::table('oauth_refresh_tokens')->delete();
DB::table('webauthn_credentials')->delete(); DB::table('webauthn_credentials')->delete();
DB::table('webauthn_recoveries')->delete(); DB::table(config('auth.passwords.webauthn.table'))->delete();
DB::table('twofaccounts')->delete(); DB::table('twofaccounts')->delete();
DB::table('groups')->delete(); DB::table('groups')->delete();
DB::table('users')->delete(); DB::table('users')->delete();

4
app/Http/Controllers/Auth/UserController.php
View File

@ -72,9 +72,9 @@ public function delete(UserDeleteRequest $request)
DB::table('twofaccounts')->where('user_id', $user->id)->delete(); DB::table('twofaccounts')->where('user_id', $user->id)->delete();
DB::table('groups')->where('user_id', $user->id)->delete(); DB::table('groups')->where('user_id', $user->id)->delete();
DB::table('webauthn_credentials')->where('authenticatable_id', $user->id)->delete(); DB::table('webauthn_credentials')->where('authenticatable_id', $user->id)->delete();
DB::table('webauthn_recoveries')->where('email', $user->email)->delete(); DB::table(config('auth.passwords.webauthn.table'))->where('email', $user->email)->delete();
DB::table('oauth_access_tokens')->where('user_id', $user->id)->delete(); DB::table('oauth_access_tokens')->where('user_id', $user->id)->delete();
DB::table('password_resets')->where('email', $user->email)->delete(); DB::table(config('auth.passwords.users.table'))->where('email', $user->email)->delete();
DB::table('users')->where('id', $user->id)->delete(); DB::table('users')->where('id', $user->id)->delete();
}); });
} }

2
tests/Feature/Http/Auth/ForgotPasswordControllerTest.php
View File

@ -81,7 +81,7 @@ public function test_submit_email_password_request_returns_success()
$response->assertStatus(200); $response->assertStatus(200);
$token = \Illuminate\Support\Facades\DB::table('password_resets')->first(); $token = \Illuminate\Support\Facades\DB::table(config('auth.passwords.users.table'))->first();
$this->assertNotNull($token); $this->assertNotNull($token);
Notification::assertSentTo($this->user, ResetPassword::class, function ($notification, $channels) use ($token) { Notification::assertSentTo($this->user, ResetPassword::class, function ($notification, $channels) use ($token) {

8
tests/Feature/Http/Auth/WebAuthnDeviceLostControllerTest.php
View File

@ -58,7 +58,7 @@ public function test_sendRecoveryEmail_sends_notification_on_success()
'message', 'message',
]); ]);
$this->assertDatabaseHas('webauthn_recoveries', [ $this->assertDatabaseHas(config('auth.passwords.webauthn.table'), [
'email' => $this->user->email, 'email' => $this->user->email,
]); ]);
} }
@ -119,7 +119,7 @@ public function test_sendRecoveryEmail_does_not_send_anything_to_unknown_email()
'email', 'email',
]); ]);
$this->assertDatabaseMissing('webauthn_recoveries', [ $this->assertDatabaseMissing(config('auth.passwords.webauthn.table'), [
'email' => 'bad@email.com', 'email' => 'bad@email.com',
]); ]);
} }
@ -142,7 +142,7 @@ public function test_sendRecoveryEmail_does_not_send_anything_to_invalid_email()
'email', 'email',
]); ]);
$this->assertDatabaseMissing('webauthn_recoveries', [ $this->assertDatabaseMissing(config('auth.passwords.webauthn.table'), [
'email' => 'bad@email.com', 'email' => 'bad@email.com',
]); ]);
} }
@ -188,7 +188,7 @@ public function test_sendRecoveryEmail_is_throttled()
'message', 'message',
]); ]);
$this->assertDatabaseHas('webauthn_recoveries', [ $this->assertDatabaseHas(config('auth.passwords.webauthn.table'), [
'email' => $this->user->email, 'email' => $this->user->email,
]); ]);

32
tests/Feature/Http/Auth/WebAuthnRecoveryControllerTest.php
View File

@ -46,7 +46,7 @@ public function setUp() : void
Date::setTestNow($this->now = Date::create(2022, 11, 16, 9, 4)); Date::setTestNow($this->now = Date::create(2022, 11, 16, 9, 4));
DB::table('webauthn_recoveries')->insert([ DB::table(config('auth.passwords.webauthn.table'))->insert([
'email' => $this->user->email, 'email' => $this->user->email,
'token' => self::STORED_TOKEN_VALUE, 'token' => self::STORED_TOKEN_VALUE,
'created_at' => $this->now->toDateTimeString(), 'created_at' => $this->now->toDateTimeString(),
@ -58,7 +58,7 @@ public function setUp() : void
*/ */
public function test_recover_fails_if_no_recovery_is_set() public function test_recover_fails_if_no_recovery_is_set()
{ {
DB::table('webauthn_recoveries')->delete(); DB::table(config('auth.passwords.webauthn.table'))->delete();
$this->json('POST', '/webauthn/recover', [ $this->json('POST', '/webauthn/recover', [
'token' => self::ACTUAL_TOKEN_VALUE, 'token' => self::ACTUAL_TOKEN_VALUE,
@ -91,8 +91,8 @@ public function test_recover_with_expired_token_returns_validation_error()
{ {
Date::setTestNow($now = Date::create(2020, 01, 01, 16, 30)); Date::setTestNow($now = Date::create(2020, 01, 01, 16, 30));
DB::table('webauthn_recoveries')->delete(); DB::table(config('auth.passwords.webauthn.table'))->delete();
DB::table('webauthn_recoveries')->insert([ DB::table(config('auth.passwords.webauthn.table'))->insert([
'token' => self::STORED_TOKEN_VALUE, 'token' => self::STORED_TOKEN_VALUE,
'email' => $this->user->email, 'email' => $this->user->email,
'created_at' => $now->clone()->subHour()->subSecond()->toDateTimeString(), 'created_at' => $now->clone()->subHour()->subSecond()->toDateTimeString(),
@ -148,13 +148,29 @@ public function test_recover_returns_success()
]) ])
->assertStatus(200); ->assertStatus(200);
$this->assertDatabaseMissing('webauthn_recoveries', [ $this->assertDatabaseMissing(config('auth.passwords.webauthn.table'), [
'token' => self::STORED_TOKEN_VALUE, 'token' => self::STORED_TOKEN_VALUE,
]); ]);
}
$this->assertDatabaseMissing('options', [ /**
'key' => 'useWebauthnOnly', * @test
]); */
public function test_recover_resets_useWebauthnOnly_user_preference()
{
$this->user['preferences->useWebauthnOnly'] = true;
$this->user->save();
$response = $this->json('POST', '/webauthn/recover', [
'token' => self::ACTUAL_TOKEN_VALUE,
'email' => $this->user->email,
'password' => UserFactory::USER_PASSWORD,
])
->assertStatus(200);
$this->user->refresh();
$this->assertFalse($this->user->preferences['useWebauthnOnly']);
} }
/** /**