
public function GaLoginBasicPermissionsTestCase::testCreateOwnLoginCodeOncePermission in Google Authenticator login 7

Tests the 'create own login code once' permission.

File

./ga_login.test, line 210
Tests for ga_login.module.

Class

GaLoginBasicPermissionsTestCase
Test basic permissions.

Code

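/**
 * Tests the login flow for a user who may create a login code only once.
 *
 * Walks through the states the test expects for an account holding only the
 * 'create own login code once' permission:
 * - before a code exists, a correct password logs the user in and redirects
 *   to the code setup tab, whether or not a well-formed code is supplied;
 * - a wrong password is rejected with the generic login error, with or
 *   without a code;
 * - a code that is not six digits is rejected on format alone;
 * - once a TOTP code has been created, the setup tab is no longer accessible;
 * - a valid code logs the user in once, and re-submitting the same code is
 *   rejected.
 */
public function testCreateOwnLoginCodeOncePermission() {
  $account = $this->drupalCreateUser(array(
    'create own login code once',
  ));

  // Valid password, no code: the account has no login code yet, so the test
  // expects a successful login that lands on the code setup tab.
  $edit = array();
  $edit['name'] = $account->name;
  $edit['pass'] = $account->pass_raw;
  $this->drupalPost('user', $edit, t('Log in'));
  $this->assertText(t("You don't have a login code yet. Please add one to your account below."));
  $this->assertUrl("user/{$account->uid}/ga_login");
  $this->drupalLogout();

  // Wrong password: rejected with the generic credentials error.
  $edit = array();
  $edit['name'] = $account->name;
  $edit['pass'] = "Wrong password" . $account->pass_raw;
  $this->drupalPost('user', $edit, t('Log in'));
  $this->assertText(t('Sorry, unrecognized username or password'));

  // Valid password with invalid code and invalid format (five digits): the
  // format check is expected to fail even though no code is enrolled yet.
  $edit = array();
  $edit['name'] = $account->name;
  $edit['pass'] = $account->pass_raw;
  $edit['gacode'] = '12345';
  $this->drupalPost('user', $edit, t('Log in'));
  $this->assertText(t('Code has to be exactly 6 digits.'));
  $this->drupalLogout();

  // Valid password with invalid code, but valid format: with no code enrolled
  // the test expects the login to succeed, i.e. the second factor is only
  // enforced after enrolment.
  $edit = array();
  $edit['name'] = $account->name;
  $edit['pass'] = $account->pass_raw;
  $edit['gacode'] = '123456';
  $this->drupalPost('user', $edit, t('Log in'));
  $this->assertText(t("You don't have a login code yet. Please add one to your account below."));
  $this->assertUrl("user/{$account->uid}/ga_login");
  $this->drupalLogout();

  // Wrong password with invalid code, but valid format: a well-formed code
  // must not compensate for a wrong password.
  $edit = array();
  $edit['name'] = $account->name;
  $edit['pass'] = "Wrong password" . $account->pass_raw;
  $edit['gacode'] = '123456';
  $this->drupalPost('user', $edit, t('Log in'));
  $this->assertText(t('Sorry, unrecognized username or password'));

  // Use reset login link. Only the landing page of the one-time link is
  // checked; the form is not submitted, so whether the link interacts with
  // the code check is not covered by this test.
  $full_account = user_load($account->uid, TRUE);
  $timestamp = $full_account->login;
  $this->drupalGet("user/reset/{$full_account->uid}/{$timestamp}/" . user_pass_rehash($full_account->pass, $timestamp, $full_account->login, $full_account->uid));
  $this->assertText(t('Click on this button to log in to the site and change your password.'));
  $this->drupalLogout();

  // Login and set a code.
  $edit = array();
  $edit['name'] = $account->name;
  $edit['pass'] = $account->pass_raw;
  $this->drupalPost('user', $edit, t('Log in'));
  $this->assertText(t("You don't have a login code yet. Please add one to your account below."));
  $this->assertUrl("user/{$account->uid}/ga_login");

  // First step is information.
  $edit = array();
  $this->drupalPost("user/{$account->uid}/ga_login", $edit, t('Get started'));

  // Second step: select time based code.
  $edit = array();
  $edit['tokentype'] = 'TOTP';
  $this->drupalPost(NULL, $edit, t('Create code'));

  // Get the secret key from the page. Fail with a clear message instead of
  // indexing into an empty result if the element is missing.
  $secret_elements = $this->xpath('//span[@class=:class]', array(
    ':class' => 'secret-key',
  ));
  if (empty($secret_elements)) {
    $this->fail('The secret key is displayed on the code creation page.');
    return;
  }
  $code_on_page = $secret_elements[0][0];
  $edit = array();
  $edit['verify_code'] = ga_login_test_generate_code($code_on_page);
  $this->drupalPost(NULL, $edit, t('Use this code'));
  $this->assertText(t("You can now log in with your new code."));
  $this->assertUrl("user/{$account->uid}");

  // Make sure we no longer can access the ga_login tab: the permission
  // allows creating a code once, and one now exists.
  $this->drupalGet("user/{$account->uid}/ga_login");
  $this->assertText(t("You are not authorized to access this page."));
  $this->drupalLogout();

  // Login using a code.
  $edit = array();
  $edit['name'] = $account->name;
  $edit['pass'] = $account->pass_raw;

  // Make sure we have a new code. The second argument is presumably an
  // offset that yields a code other than the one already spent during
  // verification -- confirm against ga_login_test_generate_code().
  $edit['gacode'] = ga_login_test_generate_code($code_on_page, 1);
  $this->drupalPost('user', $edit, t('Log in'));
  $this->assertText(t('Member for'));
  $this->drupalLogout();

  // Try to log in with the same code: $edit is deliberately reused so the
  // exact code that just succeeded is replayed and must be rejected.
  $this->drupalPost('user', $edit, t('Log in'));
  $this->assertText(t("Your code isn't valid or has already been used."));
  $this->assertText(t("Sorry, unrecognized username or password."));
  // The error messages alone do not prove that no session was created.
  $this->assertNoText(t('Member for'), 'A replayed code does not log the user in.');
  $this->drupalLogout();
}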