mirror of
https://github.com/plausible/analytics.git
synced 2024-11-29 14:04:12 +03:00
da0fa6c355
* Add 2FA actions to `AuthController`
* Hook up new `AuthController` actions to router
* Add `qr_code` to project dependencies
* Implement generic `qr_code` component rendering SVG QR code from text
* Implement enabled and disabled 2FA setting state in user settings view
* Implement view for initiating 2FA setup
* Implement view for verifying 2FA setup
* Implement view for rendering generated 2FA recovery codes
* Implement view for verifying 2FA code
* Implement view for verifying 2FA recovery code
* Improve `input_with_clipboard` component
* Improve view for initiating 2FA setup
* Improve verify 2FA setup view
* Implement `verify_2fa_input` component
* Improve view for verifying 2FA setup
* Improve view rendering generated 2FA recovery codes
* Use `verify_2fa_input` component in verify 2FA view
* Do not render PA contact on self-hosted instances
* Improve flash message phrasing on generated recovery codes
* Add byline with a warning to disable 2FA modal
* Extract modal to component and move 2FA components to dedicated module
* First pass on loading state for "generate new codes"
* Adjust modal button logic
* Fix button in verify_2fa_input component
* Use button component in activate view
* Implement wait states for recovery code related actions properly
* Apply rate limiting to 2FA verification
* Log failed 2FA code input attempts
* Add ability to trust device and skip 2FA for 30 days
* Improve styling in dark mode
* Fix waiting state under Chrome and Safari
* Delete trust cookie when disabling 2FA
* Put 2FA behind a feature flag
* Extract 2FA cookie deletion
* ff fixup
* Improve session management during 2FA login
* Extract part of 2FA controller logic to a separate module and clean up a bit
* Clear 2FA user session when rate limit hit
* Add id to form in verify 2FA setup view
* Add controller tests for 2FA actions and login action
* Update CHANGELOG.md
* Use `full_build?()` instead of `@is_selfhost` removed after rebase
* Update `Auth.TOTP` moduledoc
* Add TOTP token management and make `TOTP.enable` more test-friendly
* Use TOTP token for device trust feature
* Use zero-deps `eqrcode` instead of deps-heavy `qr_code`
* Improve flash messages copy
  Co-authored-by: hq1 <hq@mtod.org>
* Make one more copy improvement
  Co-authored-by: hq1 <hq@mtod.org>
* Fix copy in remaining spots
* Change redirect after login to accept URLs from #3560 (h/t @aerosol)
* Add tests checking handling login_dest on login and 2FA verification
* Fix regression in email activation form submit button behavior
* Rename `PlausibleWeb.TwoFactor` -> `PlausibleWeb.TwoFactor.Session`
* Move `qr_code` component under `Components.TwoFactor`
* Set domain and secure options for new cookies

---------

Co-authored-by: hq1 <hq@mtod.org>
56 lines
1.5 KiB
Elixir
```elixir
defmodule PlausibleWeb.ConnCase do
  @moduledoc """
  This module defines the test case to be used by
  tests that require setting up a connection.

  Such tests rely on `Phoenix.ConnTest` and also
  import other functionality to make it easier
  to build common data structures and query the data layer.

  Finally, if the test case interacts with the database,
  it cannot be async. For this reason, every test runs
  inside a transaction which is reset at the beginning
  of the test unless the test case is marked as async.
  """

  use ExUnit.CaseTemplate

  using do
    quote do
      # Import conveniences for testing with connections
      use Plausible.TestUtils
      use Plausible
      import Plug.Conn
      import Phoenix.ConnTest
      alias PlausibleWeb.Router.Helpers, as: Routes
      import Plausible.Factory

      # The default endpoint for testing
      @endpoint PlausibleWeb.Endpoint
    end
  end

  setup tags do
    :ok = Ecto.Adapters.SQL.Sandbox.checkout(Plausible.Repo)

    unless tags[:async] do
      Ecto.Adapters.SQL.Sandbox.mode(Plausible.Repo, {:shared, self()})
    end

    # randomize client ip to avoid accidentally hitting
    # rate limiting during tests
    conn =
      Phoenix.ConnTest.build_conn()
      |> Map.put(:secret_key_base, secret_key_base())
      |> Plug.Conn.put_req_header("x-forwarded-for", Plausible.TestUtils.random_ip())

    {:ok, conn: conn}
  end

  defp secret_key_base() do
    :plausible
    |> Application.fetch_env!(PlausibleWeb.Endpoint)
    |> Keyword.fetch!(:secret_key_base)
  end
end
```