Add setting for enforcing 2FA (#1259)

* Add setting for enforcing 2FA * Changes after code-review * Add Test-Cases for Obligatory 2FA
2019-06-17 17:08:27 +02:00
parent c5a2bd35b7
commit 0a1429ed60
5 changed files with 75 additions and 3 deletions
--- a/src/tests/control/test_auth.py
+++ b/src/tests/control/test_auth.py
@@ -769,3 +769,33 @@ def test_staff_session_require_staff(user, client):
    session.save()
    response = client.post('/control/sudo/')
    assert response.status_code == 403
+
+
+@override_settings(PRETIX_OBLIGATORY_2FA=True)
+class Obligatory2FATest(TestCase):
+    def setUp(self):
+        super().setUp()
+        self.user = User.objects.create_user('demo@demo.dummy', 'demo')
+        self.client.login(email='demo@demo.dummy', password='demo')
+
+    def test_enabled_2fa_not_setup(self):
+        response = self.client.get('/control/events/')
+        assert response.status_code == 302
+        assert response.url == '/control/settings/2fa/'
+
+    def test_enabled_2fa_setup_not_enabled(self):
+        U2FDevice.objects.create(user=self.user, name='test', json_data="{}", confirmed=True)
+        self.user.require_2fa = False
+        self.user.save()
+
+        response = self.client.get('/control/events/')
+        assert response.status_code == 302
+        assert response.url == '/control/settings/2fa/'
+
+    def test_enabled_2fa_setup_enabled(self):
+        U2FDevice.objects.create(user=self.user, name='test', json_data="{}", confirmed=True)
+        self.user.require_2fa = True
+        self.user.save()
+
+        response = self.client.get('/control/events/')
+        assert response.status_code == 200