Avoid uri to be sent to front-end
parent
785332f62c
commit
d1d4734031
@ -42,6 +42,14 @@ class TwoFAccount extends Model implements Sortable
|
|||||||
protected $appends = ['otpType', 'counter'];
|
protected $appends = ['otpType', 'counter'];
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The attributes that should be hidden for arrays.
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
protected $hidden = ['uri'];
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Override The "booting" method of the model
|
* Override The "booting" method of the model
|
||||||
*
|
*
|
||||||
|
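Review bot: The docblock added above `protected $hidden = ['uri'];` is the stock framework text and does not record why `uri` is hidden. The tests touched by this same commit show the value is an `otpauth://` URI carrying the `secret=` parameter, so a why-comment is worth adding, e.g. `// 'uri' embeds the OTP shared secret; it must never be serialized to the front-end.` Note also that `$hidden` only filters the model's array/JSON serialization, so code that copies `$twofaccount->uri` into a response explicitly, or calls `makeVisible('uri')`, would still expose it. No such path is visible in this hunk, but controllers and resources that return this model are worth checking. The class body continues outside the hunk.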
@ -60,7 +60,6 @@ class ProtectDbTest extends TestCase
|
|||||||
->assertJsonFragment([
|
->assertJsonFragment([
|
||||||
'service' => 'test',
|
'service' => 'test',
|
||||||
'account' => Crypt::decryptString($encrypted->account),
|
'account' => Crypt::decryptString($encrypted->account),
|
||||||
'uri' => Crypt::decryptString($encrypted->uri),
|
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$response = $this->actingAs($this->user, 'api')
|
$response = $this->actingAs($this->user, 'api')
|
||||||
@ -69,7 +68,6 @@ class ProtectDbTest extends TestCase
|
|||||||
->assertJsonFragment([
|
->assertJsonFragment([
|
||||||
'service' => 'testAlt',
|
'service' => 'testAlt',
|
||||||
'account' => Crypt::decryptString($encryptedAlt->account),
|
'account' => Crypt::decryptString($encryptedAlt->account),
|
||||||
'uri' => Crypt::decryptString($encryptedAlt->uri),
|
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -129,7 +127,6 @@ class ProtectDbTest extends TestCase
|
|||||||
->assertJsonFragment([
|
->assertJsonFragment([
|
||||||
'service' => 'test',
|
'service' => 'test',
|
||||||
'account' => 'test@test.com',
|
'account' => 'test@test.com',
|
||||||
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
|
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$response = $this->actingAs($this->user, 'api')
|
$response = $this->actingAs($this->user, 'api')
|
||||||
@ -138,7 +135,6 @@ class ProtectDbTest extends TestCase
|
|||||||
->assertJsonFragment([
|
->assertJsonFragment([
|
||||||
'service' => 'testAlt',
|
'service' => 'testAlt',
|
||||||
'account' => 'testAlt@test.com',
|
'account' => 'testAlt@test.com',
|
||||||
'uri' => 'otpauth://totp/testAlt@test.com?secret=A4GRFHVVRBGY7UIW&issuer=testAlt',
|
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -170,7 +166,6 @@ class ProtectDbTest extends TestCase
|
|||||||
->assertJsonFragment([
|
->assertJsonFragment([
|
||||||
'service' => 'test',
|
'service' => 'test',
|
||||||
'account' => 'test@test.com',
|
'account' => 'test@test.com',
|
||||||
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
|
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$response = $this->actingAs($this->user, 'api')
|
$response = $this->actingAs($this->user, 'api')
|
||||||
@ -179,7 +174,6 @@ class ProtectDbTest extends TestCase
|
|||||||
->assertJsonFragment([
|
->assertJsonFragment([
|
||||||
'service' => 'testAlt',
|
'service' => 'testAlt',
|
||||||
'account' => 'testAlt@test.com',
|
'account' => 'testAlt@test.com',
|
||||||
'uri' => 'otpauth://totp/testAlt@test.com?secret=A4GRFHVVRBGY7UIW&issuer=testAlt',
|
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -199,7 +193,7 @@ class ProtectDbTest extends TestCase
|
|||||||
->json('POST', '/api/settings/options', [
|
->json('POST', '/api/settings/options', [
|
||||||
'useEncryption' => true,
|
'useEncryption' => true,
|
||||||
])
|
])
|
||||||
->assertStatus(422);
|
->assertStatus(400);
|
||||||
|
|
||||||
// Check ProtectDB option is not active
|
// Check ProtectDB option is not active
|
||||||
$response = $this->actingAs($this->user, 'api')
|
$response = $this->actingAs($this->user, 'api')
|
||||||
@ -234,7 +228,7 @@ class ProtectDbTest extends TestCase
|
|||||||
->json('POST', '/api/settings/options', [
|
->json('POST', '/api/settings/options', [
|
||||||
'useEncryption' => false,
|
'useEncryption' => false,
|
||||||
])
|
])
|
||||||
->assertStatus(422);
|
->assertStatus(400);
|
||||||
|
|
||||||
// Check ProtectDB option has been restored
|
// Check ProtectDB option has been restored
|
||||||
$response = $this->actingAs($this->user, 'api')
|
$response = $this->actingAs($this->user, 'api')
|
||||||
@ -263,15 +257,13 @@ class ProtectDbTest extends TestCase
|
|||||||
DB::table('twofaccounts')
|
DB::table('twofaccounts')
|
||||||
->where('id', 1)
|
->where('id', 1)
|
||||||
->update([
|
->update([
|
||||||
'account' => 'IAmYourFather',
|
'account' => 'YoushallNotPass',
|
||||||
'uri' => 'YouShallNotPass',
|
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$response = $this->actingAs($this->user, 'api')
|
$response = $this->actingAs($this->user, 'api')
|
||||||
->json('GET', '/api/twofaccounts/1')
|
->json('GET', '/api/twofaccounts/1')
|
||||||
->assertStatus(200)
|
->assertStatus(200)
|
||||||
->assertJsonFragment([
|
->assertJsonFragment([
|
||||||
'uri' => '*encrypted*',
|
|
||||||
'account' => '*encrypted*',
|
'account' => '*encrypted*',
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
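Review bot: The `uri` entries are removed from every `assertJsonFragment` in this file with no negative check replacing them, so these tests would still pass if an encrypted or decrypted `uri` came back in the response. A key-absence assertion after each request would pin the intended behaviour, e.g. `$this->assertArrayNotHasKey('uri', $response->json());` (adjust the path if the payload is wrapped). In the last hunk, `'uri' => 'YouShallNotPass'` is also dropped from the `DB::table('twofaccounts')` update, so the undecipherable-`uri` case is no longer exercised. Nothing visible here still verifies that `uri` is encrypted at rest and decrypts correctly, so a direct model or database assertion would keep that coverage. The 422 to 400 status changes look unrelated to hiding `uri` and would be easier to review in a separate commit.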
@ -48,8 +48,10 @@ class TwoFAccountTest extends TestCase
|
|||||||
->assertJsonFragment([
|
->assertJsonFragment([
|
||||||
'service' => 'testTOTP',
|
'service' => 'testTOTP',
|
||||||
'account' => 'test@test.com',
|
'account' => 'test@test.com',
|
||||||
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
|
|
||||||
'icon' => 'test.png',
|
'icon' => 'test.png',
|
||||||
|
])
|
||||||
|
->assertJsonMissing([
|
||||||
|
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -85,8 +87,10 @@ class TwoFAccountTest extends TestCase
|
|||||||
->assertJsonFragment([
|
->assertJsonFragment([
|
||||||
'service' => 'testCreation',
|
'service' => 'testCreation',
|
||||||
'account' => 'test@example.org',
|
'account' => 'test@example.org',
|
||||||
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHZVRBGY7UIW&issuer=test',
|
|
||||||
'icon' => 'test.png',
|
'icon' => 'test.png',
|
||||||
|
])
|
||||||
|
->assertJsonMissing([
|
||||||
|
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -218,8 +222,10 @@ class TwoFAccountTest extends TestCase
|
|||||||
'id' => 1,
|
'id' => 1,
|
||||||
'service' => 'testUpdate',
|
'service' => 'testUpdate',
|
||||||
'account' => 'testUpdate@test.com',
|
'account' => 'testUpdate@test.com',
|
||||||
'uri' => $twofaccount->uri,
|
|
||||||
'icon' => 'testUpdate.png',
|
'icon' => 'testUpdate.png',
|
||||||
|
])
|
||||||
|
->assertJsonMissing([
|
||||||
|
'uri' => $twofaccount->uri,
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -242,15 +248,15 @@ class TwoFAccountTest extends TestCase
|
|||||||
'service' => 'testUpdate.com',
|
'service' => 'testUpdate.com',
|
||||||
'account' => 'testUpdate',
|
'account' => 'testUpdate',
|
||||||
'icon' => 'testUpdate.png',
|
'icon' => 'testUpdate.png',
|
||||||
'counter' => '5'
|
'counter' => 5
|
||||||
])
|
])
|
||||||
->assertStatus(200)
|
->assertStatus(200)
|
||||||
->assertJsonFragment([
|
->assertJsonFragment([
|
||||||
'id' => 1,
|
'id' => 1,
|
||||||
'service' => 'testUpdate.com',
|
'service' => 'testUpdate.com',
|
||||||
'account' => 'testUpdate',
|
'account' => 'testUpdate',
|
||||||
'uri' => 'otpauth://hotp/service?counter=5&secret=A4GRFHVVRBGY7UIW',
|
|
||||||
'icon' => 'testUpdate.png',
|
'icon' => 'testUpdate.png',
|
||||||
|
'counter' => 5,
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -293,7 +299,6 @@ class TwoFAccountTest extends TestCase
|
|||||||
'id',
|
'id',
|
||||||
'service',
|
'service',
|
||||||
'account',
|
'account',
|
||||||
'uri',
|
|
||||||
'icon',
|
'icon',
|
||||||
'created_at',
|
'created_at',
|
||||||
'updated_at'
|
'updated_at'
|
||||||
|
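Review bot: `assertJsonMissing(['uri' => ...])` only proves that one exact key/value pair is absent, so a response that still carries `uri` with any other value passes. This shows in the creation test (hunk at -85): the removed assertion expected `secret=A4GRFHZVRBGY7UIW`, while the new negative check uses `secret=A4GRFHVVRBGY7UIW`, a string that response apparently never contained. Assert on the key instead, e.g. `$this->assertArrayNotHasKey('uri', $response->json());` (adjust the path if the payload is wrapped). The HOTP update test (hunk at -242) and the structure list in the last hunk drop `uri` with no negative assertion at all and would benefit from the same check.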