(
app: FastAPIAppAdapter,
core_lifecycle_td: AstrBotCoreLifecycle,
)
| 663 | |
| 664 | @pytest.mark.asyncio |
| 665 | async def test_auth_login_accepts_valid_totp_code( |
| 666 | app: FastAPIAppAdapter, |
| 667 | core_lifecycle_td: AstrBotCoreLifecycle, |
| 668 | ): |
| 669 | original_dashboard_config = copy.deepcopy( |
| 670 | core_lifecycle_td.astrbot_config["dashboard"] |
| 671 | ) |
| 672 | test_client = app.test_client() |
| 673 | _, recovery_code_hash = generate_recovery_code() |
| 674 | secret = pyotp.random_base32() |
| 675 | |
| 676 | try: |
| 677 | core_lifecycle_td.astrbot_config["dashboard"]["totp"] = { |
| 678 | "enable": True, |
| 679 | "secret": secret, |
| 680 | "recovery_code_hash": recovery_code_hash, |
| 681 | } |
| 682 | response = await test_client.post( |
| 683 | "/api/auth/login", |
| 684 | json={ |
| 685 | "username": core_lifecycle_td.astrbot_config["dashboard"]["username"], |
| 686 | "password": _resolve_dashboard_password(core_lifecycle_td), |
| 687 | "code": pyotp.TOTP(secret).now(), |
| 688 | }, |
| 689 | ) |
| 690 | data = await response.get_json() |
| 691 | assert data["status"] == "ok" |
| 692 | assert "token" in data["data"] |
| 693 | finally: |
| 694 | await _restore_dashboard_password_state( |
| 695 | core_lifecycle_td, |
| 696 | original_dashboard_config, |
| 697 | ) |
| 698 | |
| 699 | |
| 700 | @pytest.mark.asyncio |
nothing calls this directly
no test coverage detected