Skip to content

Commit d5a6893

Browse files
ssddanbrownssddanbrown
committed
MFA: Copied autocomplete changes from totp to backup codes
Also added tests to cover. Related to #4849
1 parent bc24a13 commit d5a6893

File tree

2 files changed

+20
-1
lines changed

2 files changed

+20
-1
lines changed

resources/views/mfa/parts/verify-backup_codes.blade.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,10 +2,11 @@
22

33
<p class="small mb-m">{{ trans('auth.mfa_verify_backup_code_desc') }}</p>
44

5-
<form action="{{ url('/mfa/backup_codes/verify') }}" method="post">
5+
<form action="{{ url('/mfa/backup_codes/verify') }}" method="post" autocomplete="off">
66
{{ csrf_field() }}
77
<input type="text"
88
name="code"
9+
autocomplete="one-time-code"
910
placeholder="{{ trans('auth.mfa_verify_backup_code_enter_here') }}"
1011
class="input-fill-width {{ $errors->has('code') ? 'neg' : '' }}">
1112
@if($errors->has('code'))

tests/Auth/MfaVerificationTest.php

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,15 @@ public function test_totp_verification_fails_on_missing_invalid_code()
5757
$this->assertNull(auth()->user());
5858
}
5959

60+
public function test_totp_form_has_autofill_configured()
61+
{
62+
[$user, $secret, $loginResp] = $this->startTotpLogin();
63+
$html = $this->withHtml($this->get('/mfa/verify'));
64+
65+
$html->assertElementExists('form[autocomplete="off"][action$="/verify"]');
66+
$html->assertElementExists('input[autocomplete="one-time-code"][name="code"]');
67+
}
68+
6069
public function test_backup_code_verification()
6170
{
6271
[$user, $codes, $loginResp] = $this->startBackupCodeLogin();
@@ -138,6 +147,15 @@ public function test_backup_code_verification_shows_warning_when_limited_codes_r
138147
$resp->assertSeeText('You have less than 5 backup codes remaining, Please generate and store a new set before you run out of codes to prevent being locked out of your account.');
139148
}
140149

150+
public function test_backup_code_form_has_autofill_configured()
151+
{
152+
[$user, $codes, $loginResp] = $this->startBackupCodeLogin();
153+
$html = $this->withHtml($this->get('/mfa/verify'));
154+
155+
$html->assertElementExists('form[autocomplete="off"][action$="/verify"]');
156+
$html->assertElementExists('input[autocomplete="one-time-code"][name="code"]');
157+
}
158+
141159
public function test_both_mfa_options_available_if_set_on_profile()
142160
{
143161
$user = $this->users->editor();

0 commit comments

Comments
 (0)