From acafa6db10b238dae5b66851cc2c5dedbd51bbd1 Mon Sep 17 00:00:00 2001 From: kolaente Date: Fri, 20 Mar 2026 10:26:42 +0100 Subject: [PATCH] fix: update TOTP reuse test to use user10 matching rebased fixture --- pkg/db/fixtures/totp.yml | 10 ++++++++-- pkg/user/totp_test.go | 5 +++-- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/pkg/db/fixtures/totp.yml b/pkg/db/fixtures/totp.yml index 68da6b7fd..6eece9462 100644 --- a/pkg/db/fixtures/totp.yml +++ b/pkg/db/fixtures/totp.yml @@ -1,5 +1,11 @@ - id: 1 - user_id: 1 + user_id: 10 secret: 'JBSWY3DPEHPK3PXP' enabled: true - url: 'otpauth://totp/Vikunja:user1?secret=JBSWY3DPEHPK3PXP&issuer=Vikunja' + url: 'otpauth://totp/Vikunja:user10?secret=JBSWY3DPEHPK3PXP&issuer=Vikunja' +# user1 has TOTP enrolled but not yet enabled — used by existing TOTP enrollment tests +- id: 2 + user_id: 1 + secret: 'HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ' + enabled: false + url: 'otpauth://totp/Vikunja:user1?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=Vikunja' diff --git a/pkg/user/totp_test.go b/pkg/user/totp_test.go index 0a4722ca9..10307967a 100644 --- a/pkg/user/totp_test.go +++ b/pkg/user/totp_test.go @@ -32,12 +32,13 @@ func TestTOTPPasscodeCannotBeReused(t *testing.T) { s := db.NewSession() defer s.Close() - // Generate a valid TOTP passcode for user1's secret from the fixture + // Generate a valid TOTP passcode for user10's secret from the fixture + // user10 has TOTP enabled with this secret in pkg/db/fixtures/totp.yml secret := "JBSWY3DPEHPK3PXP" //nolint:gosec passcode, err := totp.GenerateCode(secret, time.Now()) require.NoError(t, err) - user := &User{ID: 1} + user := &User{ID: 10} // First use should succeed _, err = ValidateTOTPPasscode(s, &TOTPPasscode{