From 12444a766fea8b560a89bfb3201e3c85dcb35d38 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 16 Mar 2026 13:44:27 +0000 Subject: [PATCH 1/2] Initial plan From b4d123f3dba71068365792937e7fc611b93737e7 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 16 Mar 2026 13:52:10 +0000 Subject: [PATCH 2/2] refactor: remove redundant try/finally blocks in functional mail tests Co-authored-by: davideluque <10492210+davideluque@users.noreply.github.com> --- tests/functional/profile/totp.spec.ts | 150 ++++++++++------------ tests/functional/profile/webauthn.spec.ts | 139 ++++++++++---------- 2 files changed, 135 insertions(+), 154 deletions(-) diff --git a/tests/functional/profile/totp.spec.ts b/tests/functional/profile/totp.spec.ts index a76db81..8be9f82 100644 --- a/tests/functional/profile/totp.spec.ts +++ b/tests/functional/profile/totp.spec.ts @@ -63,33 +63,29 @@ test.group('Profile TOTP', (group) => { test('verify queues an email when TOTP is enabled', async ({ client }) => { const fakeMailer = mail.fake() - try { - const totpSecret = await adonis2fa.generateSecret('user@example.com') - const user = await createUser({ - email: 'user@example.com', - totpEnabled: false, - totpSecretEncrypted: encryption.encrypt(totpSecret.secret), - totpRecoveryCodesEncrypted: encryption.encrypt(['CODE-1', 'CODE-2']), - }) - - const response = await client - .post('/profile/totp/verify') - .json({ otp: adonis2fa.generateToken(totpSecret.secret)! }) - .withCsrfToken() - .loginAs(user) - - response.assertStatus(200) - - fakeMailer.mails.assertQueuedCount(SecuritySettingsChangedMail, 1) - fakeMailer.mails.assertQueued(SecuritySettingsChangedMail, (notification) => { - notification.message.assertTo(user.email) - notification.message.assertSubject('Two-factor authentication enabled') - notification.message.assertTextIncludes('Two-factor authentication was enabled') - return true - }) - } finally { - mail.restore() - } + const totpSecret = await adonis2fa.generateSecret('user@example.com') + const user = await createUser({ + email: 'user@example.com', + totpEnabled: false, + totpSecretEncrypted: encryption.encrypt(totpSecret.secret), + totpRecoveryCodesEncrypted: encryption.encrypt(['CODE-1', 'CODE-2']), + }) + + const response = await client + .post('/profile/totp/verify') + .json({ otp: adonis2fa.generateToken(totpSecret.secret)! }) + .withCsrfToken() + .loginAs(user) + + response.assertStatus(200) + + fakeMailer.mails.assertQueuedCount(SecuritySettingsChangedMail, 1) + fakeMailer.mails.assertQueued(SecuritySettingsChangedMail, (notification) => { + notification.message.assertTo(user.email) + notification.message.assertSubject('Two-factor authentication enabled') + notification.message.assertTextIncludes('Two-factor authentication was enabled') + return true + }) }) test('destroy throws error when TOTP is not enabled', async ({ client }) => { @@ -108,33 +104,29 @@ test.group('Profile TOTP', (group) => { test('destroy queues an email when TOTP is disabled', async ({ client }) => { const fakeMailer = mail.fake() - try { - const totpSecret = await adonis2fa.generateSecret('user@example.com') - const user = await createUser({ - email: 'user@example.com', - totpEnabled: true, - totpSecretEncrypted: encryption.encrypt(totpSecret.secret), - totpRecoveryCodesEncrypted: encryption.encrypt(['CODE-1', 'CODE-2']), - }) - - const response = await client - .delete('/profile/totp') - .withCsrfToken() - .loginAs(user) - .withSession(withSecurityConfirmed()) - - response.assertStatus(204) - - fakeMailer.mails.assertQueuedCount(SecuritySettingsChangedMail, 1) - fakeMailer.mails.assertQueued(SecuritySettingsChangedMail, (notification) => { - notification.message.assertTo(user.email) - notification.message.assertSubject('Two-factor authentication disabled') - notification.message.assertTextIncludes('Two-factor authentication was disabled') - return true - }) - } finally { - mail.restore() - } + const totpSecret = await adonis2fa.generateSecret('user@example.com') + const user = await createUser({ + email: 'user@example.com', + totpEnabled: true, + totpSecretEncrypted: encryption.encrypt(totpSecret.secret), + totpRecoveryCodesEncrypted: encryption.encrypt(['CODE-1', 'CODE-2']), + }) + + const response = await client + .delete('/profile/totp') + .withCsrfToken() + .loginAs(user) + .withSession(withSecurityConfirmed()) + + response.assertStatus(204) + + fakeMailer.mails.assertQueuedCount(SecuritySettingsChangedMail, 1) + fakeMailer.mails.assertQueued(SecuritySettingsChangedMail, (notification) => { + notification.message.assertTo(user.email) + notification.message.assertSubject('Two-factor authentication disabled') + notification.message.assertTextIncludes('Two-factor authentication was disabled') + return true + }) }) test('regenerateRecoveryCodes throws error when TOTP is not enabled', async ({ client }) => { @@ -153,32 +145,28 @@ test.group('Profile TOTP', (group) => { test('regenerateRecoveryCodes queues an email when recovery codes change', async ({ client }) => { const fakeMailer = mail.fake() - try { - const totpSecret = await adonis2fa.generateSecret('user@example.com') - const user = await createUser({ - email: 'user@example.com', - totpEnabled: true, - totpSecretEncrypted: encryption.encrypt(totpSecret.secret), - totpRecoveryCodesEncrypted: encryption.encrypt(['CODE-1', 'CODE-2']), - }) - - const response = await client - .post('/profile/totp/regeneration') - .withCsrfToken() - .loginAs(user) - .withSession(withSecurityConfirmed()) - - response.assertStatus(200) - - fakeMailer.mails.assertQueuedCount(SecuritySettingsChangedMail, 1) - fakeMailer.mails.assertQueued(SecuritySettingsChangedMail, (notification) => { - notification.message.assertTo(user.email) - notification.message.assertSubject('Recovery codes regenerated') - notification.message.assertTextIncludes('New two-factor recovery codes were generated') - return true - }) - } finally { - mail.restore() - } + const totpSecret = await adonis2fa.generateSecret('user@example.com') + const user = await createUser({ + email: 'user@example.com', + totpEnabled: true, + totpSecretEncrypted: encryption.encrypt(totpSecret.secret), + totpRecoveryCodesEncrypted: encryption.encrypt(['CODE-1', 'CODE-2']), + }) + + const response = await client + .post('/profile/totp/regeneration') + .withCsrfToken() + .loginAs(user) + .withSession(withSecurityConfirmed()) + + response.assertStatus(200) + + fakeMailer.mails.assertQueuedCount(SecuritySettingsChangedMail, 1) + fakeMailer.mails.assertQueued(SecuritySettingsChangedMail, (notification) => { + notification.message.assertTo(user.email) + notification.message.assertSubject('Recovery codes regenerated') + notification.message.assertTextIncludes('New two-factor recovery codes were generated') + return true + }) }) }) diff --git a/tests/functional/profile/webauthn.spec.ts b/tests/functional/profile/webauthn.spec.ts index 518388f..6a02437 100644 --- a/tests/functional/profile/webauthn.spec.ts +++ b/tests/functional/profile/webauthn.spec.ts @@ -141,88 +141,81 @@ test.group('Profile WebAuthn', (group) => { test('store queues an email when a passkey is registered', async ({ client }) => { const fakeMailer = mail.fake() - try { - const user = await createUser() - - app.container.swap(WebauthnService, () => { - const service = new WebauthnService() - Sinon.stub(service.webauthnServer, 'verifyRegistrationResponse').resolves({ - verified: true, - registrationInfo: { - credential: { - id: 'credential-id', - publicKey: new Uint8Array([1, 2, 3]), - counter: 0, - }, - credentialDeviceType: 'singleDevice', - credentialBackedUp: false, + const user = await createUser() + + app.container.swap(WebauthnService, () => { + const service = new WebauthnService() + Sinon.stub(service.webauthnServer, 'verifyRegistrationResponse').resolves({ + verified: true, + registrationInfo: { + credential: { + id: 'credential-id', + publicKey: new Uint8Array([1, 2, 3]), + counter: 0, }, - } as any) - return service - }) + credentialDeviceType: 'singleDevice', + credentialBackedUp: false, + }, + } as any) + return service + }) - const response = await client - .post('/profile/webauthn') - .json({ - friendlyName: 'Work laptop', - attestation: { - id: 'test-id', - rawId: 'test-raw-id', - type: 'public-key', - response: { - clientDataJSON: 'test', - attestationObject: 'test', - }, + const response = await client + .post('/profile/webauthn') + .json({ + friendlyName: 'Work laptop', + attestation: { + id: 'test-id', + rawId: 'test-raw-id', + type: 'public-key', + response: { + clientDataJSON: 'test', + attestationObject: 'test', }, - }) - .withCsrfToken() - .loginAs(user) - .withSession({ ...withSecurityConfirmed(), [WEBAUTHN_REG_CHALLENGE_KEY]: 'test-challenge' }) - - response.assertStatus(200) - - fakeMailer.mails.assertQueuedCount(SecuritySettingsChangedMail, 1) - fakeMailer.mails.assertQueued(SecuritySettingsChangedMail, (notification) => { - notification.message.assertTo(user.email) - notification.message.assertSubject('Passkey added') - notification.message.assertTextIncludes('A passkey was added to your account.') - notification.message.assertTextIncludes('Passkey name: Work laptop') - return true + }, }) - } finally { - mail.restore() - app.container.restore(WebauthnService) - } + .withCsrfToken() + .loginAs(user) + .withSession({ ...withSecurityConfirmed(), [WEBAUTHN_REG_CHALLENGE_KEY]: 'test-challenge' }) + + response.assertStatus(200) + + fakeMailer.mails.assertQueuedCount(SecuritySettingsChangedMail, 1) + fakeMailer.mails.assertQueued(SecuritySettingsChangedMail, (notification) => { + notification.message.assertTo(user.email) + notification.message.assertSubject('Passkey added') + notification.message.assertTextIncludes('A passkey was added to your account.') + notification.message.assertTextIncludes('Passkey name: Work laptop') + return true + }) + + app.container.restore(WebauthnService) }) test('destroy queues an email when a passkey is removed', async ({ client }) => { const fakeMailer = mail.fake() - try { - const user = await createUser() - const credential = await createWebauthnCredential({ - userId: user.id, - friendlyName: 'Phone', - }) + const user = await createUser() + const credential = await createWebauthnCredential({ + userId: user.id, + friendlyName: 'Phone', + }) - const response = await client - .delete(`/profile/webauthn/${credential.id}`) - .withCsrfToken() - .loginAs(user) - .withSession(withSecurityConfirmed()) - - response.assertStatus(200) - - fakeMailer.mails.assertQueuedCount(SecuritySettingsChangedMail, 1) - fakeMailer.mails.assertQueued(SecuritySettingsChangedMail, (notification) => { - notification.message.assertTo(user.email) - notification.message.assertSubject('Passkey removed') - notification.message.assertTextIncludes('A passkey was removed from your account.') - notification.message.assertTextIncludes('Passkey name: Phone') - return true - }) - } finally { - mail.restore() - } + const response = await client + .delete(`/profile/webauthn/${credential.id}`) + .withCsrfToken() + .loginAs(user) + .withSession(withSecurityConfirmed()) + + response.assertStatus(200) + + fakeMailer.mails.assertQueuedCount(SecuritySettingsChangedMail, 1) + fakeMailer.mails.assertQueued(SecuritySettingsChangedMail, (notification) => { + notification.message.assertTo(user.email) + notification.message.assertSubject('Passkey removed') + notification.message.assertTextIncludes('A passkey was removed from your account.') + notification.message.assertTextIncludes('Passkey name: Phone') + return true + }) }) })