From 96685fdc5b4aa8d5d3a8fe5d836f931add5558e0 Mon Sep 17 00:00:00 2001 From: kolaente Date: Tue, 21 Apr 2026 10:51:42 +0200 Subject: [PATCH] test(e2e): cover TOTP disable flow --- frontend/tests/e2e/user/settings/totp.spec.ts | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/frontend/tests/e2e/user/settings/totp.spec.ts b/frontend/tests/e2e/user/settings/totp.spec.ts index 2ea9ed2ae..6c9dfb854 100644 --- a/frontend/tests/e2e/user/settings/totp.spec.ts +++ b/frontend/tests/e2e/user/settings/totp.spec.ts @@ -1,6 +1,8 @@ import {test, expect} from '../../../support/fixtures' import {authenticator} from 'otplib' import {gotoUserSettings} from '../../../support/userSettings' +import {TotpFactory} from '../../../factories/totp' +import {TEST_PASSWORD} from '../../../support/constants' test.describe('TOTP', () => { test('enrolls TOTP and forces re-login', async ({authenticatedPage: page}) => { @@ -19,4 +21,18 @@ test.describe('TOTP', () => { // TOTP.vue:152 calls authStore.logout() on confirm success. await expect(page).toHaveURL(/\/login/) }) + + test('disables an enabled TOTP', async ({authenticatedPage: page, currentUser}) => { + await TotpFactory.create(1, {user_id: currentUser.id}, false) + await gotoUserSettings(page, 'totp') + + await page.getByRole('button', {name: 'Disable'}).click() + await page.locator('#currentPassword').fill(TEST_PASSWORD) + + // Second "Disable" inside the form submits it. + await page.locator('.card').getByRole('button', {name: 'Disable'}).last().click() + + await expect(page.locator('.global-notification')).toContainText('Success') + await expect(page.getByRole('button', {name: 'Enroll'})).toBeVisible() + }) })