Added unit test

back/methods/account/login.js

@@ -44,7 +44,7 @@ module.exports = Self => {
             ? {email: user}
             : {name: user};
         let account = await Self.findOne({
-            fields: ['id', 'active', 'password', 'twoFactor'],
+            fields: ['id', 'active', 'email', 'password', 'twoFactor'],
             where
         });
 
@@ -80,10 +80,15 @@ module.exports = Self => {
                     expires: Date.now() + maxTTL
                 });
 
-                ctx.args.code = code;
+                const params = {
+                    recipientId: account.id,
+                    recipient: account.email,
+                    code: code
+                };
+                ctx.args = {...ctx.args, ...params};
                 await Self.sendTemplate(ctx, 'auth-code');
 
-                throw new ForbiddenError();
+                throw new ForbiddenError('REQUIRES_2FA');
             }
         }
 

back/methods/account/specs/login.spec.js

@@ -1,26 +1,35 @@
-const app = require('vn-loopback/server/server');
+const {models} = require('vn-loopback/server/server');
 
-describe('account login()', () => {
+fdescribe('account login()', () => {
-    const unauthCtx = {};
+    const employeeId = 1;
+    const unauthCtx = {
+        req: {
+            connection: {
+                remoteAddress: '127.0.0.1'
+            },
+            getLocale: () => 'en'
+        },
+        args: {}
+    };
     describe('when credentials are correct', () => {
         it('should return the token', async() => {
-            let login = await app.models.Account.login(unauthCtx, 'salesAssistant', 'nightmare');
+            let login = await models.Account.login(unauthCtx, 'salesAssistant', 'nightmare');
-            let accessToken = await app.models.AccessToken.findById(login.token);
+            let accessToken = await models.AccessToken.findById(login.token);
             let ctx = {req: {accessToken: accessToken}};
 
             expect(login.token).toBeDefined();
 
-            await app.models.Account.logout(ctx);
+            await models.Account.logout(ctx);
         });
 
         it('should return the token if the user doesnt exist but the client does', async() => {
-            let login = await app.models.Account.login(unauthCtx, 'PetterParker', 'nightmare');
+            let login = await models.Account.login(unauthCtx, 'PetterParker', 'nightmare');
-            let accessToken = await app.models.AccessToken.findById(login.token);
+            let accessToken = await models.AccessToken.findById(login.token);
             let ctx = {req: {accessToken: accessToken}};
 
             expect(login.token).toBeDefined();
 
-            await app.models.Account.logout(ctx);
+            await models.Account.logout(ctx);
         });
     });
 
@@ -29,7 +38,7 @@ describe('account login()', () => {
             let error;
 
             try {
-                await app.models.Account.login(unauthCtx, 'IDontExist', 'TotallyWrongPassword');
+                await models.Account.login(unauthCtx, 'IDontExist', 'TotallyWrongPassword');
             } catch (e) {
                 error = e;
             }
@@ -39,4 +48,27 @@ describe('account login()', () => {
             expect(error.code).toBe('LOGIN_FAILED');
         });
     });
+
+    describe('when two-factor auth is required', () => {
+        it('should throw a 403 error', async() => {
+            let error;
+            const Account = models.Account;
+
+            const employee = await Account.findById(employeeId);
+
+            try {
+                await employee.updateAttribute('twoFactor', 'email');
+
+                await Account.login(unauthCtx, 'employee', 'nightmare');
+            } catch (e) {
+                error = e;
+            }
+
+            expect(error).toBeDefined();
+            expect(error.statusCode).toBe(403);
+            expect(error.message).toBe('REQUIRES_2FA');
+
+            await employee.updateAttribute('twoFactor', null);
+        });
+    });
 });

print/templates/email/auth-code/auth-code.html

@@ -11,7 +11,7 @@
             <div class="code vn-pa-sm vn-m-md">
                 {{ code }}
             </div>
-            <p>{{$t('It expires in 5 minutes.')}}</p>
+            <p>{{$t('It expires in 5 minutes')}}</p>
         </div>
     </div>
 </email-body>

print/templates/email/auth-code/locale/en.yml

@@ -0,0 +1,5 @@
+subject: Verification code
+title: Verification code
+description: Somebody did request a verification code for login. If you didn't request it, please ignore this email.
+Enter the following code to continue to your account: Enter the following code to continue to your account
+It expires in 5 minutes: It expires in 5 minutes

print/templates/email/auth-code/locale/es.yml

@@ -2,4 +2,4 @@ subject: Código de verificación
 title: Código de verificación
 description: Alguien ha solicitado un código de verificación para poder iniciar sesión. Si no lo has solicitado tu, ignora este email.
 Enter the following code to continue to your account: Introduce el siguiente código para poder continuar con tu cuenta
-It expires in 5 minutes.: Expira en 5 minutos
+It expires in 5 minutes: Expira en 5 minutos

print/templates/email/auth-code/locale/fr.yml

@@ -2,4 +2,4 @@ subject: Code de vérification
 title: Code de vérification
 description: Quelqu'un a demandé un code de vérification pour se connecter. Si ce n'était pas toi, ignore cet email.
 Enter the following code to continue to your account: Entrez le code suivant pour continuer avec votre compte
-It expires in 5 minutes.: Il expire dans 5 minutes.
+It expires in 5 minutes: Il expire dans 5 minutes.

print/templates/email/auth-code/locale/pt.yml

@@ -2,4 +2,4 @@ subject: Código de verificação
 title: Código de verificação
 description: Alguém solicitou um código de verificação para entrar. Se você não fez essa solicitação, ignore este e-mail.
 Enter the following code to continue to your account: Insira o seguinte código para continuar com sua conta.
-It expires in 5 minutes.: Expira em 5 minutos.
+It expires in 5 minutes: Expira em 5 minutos.