Merge pull request #16301 from mozilla/fxa-8793

fix(signin): Redirect to totp page if user lands on signin confirm with totp enabled
2024-01-31 09:28:19 -05:00 · 2024-01-31 09:28:19 -05:00 · f5fb7cd701
--- a/packages/fxa-content-server/app/scripts/views/sign_in_token_code.js
+++ b/packages/fxa-content-server/app/scripts/views/sign_in_token_code.js
@ -28,10 +28,23 @@ const View = FormView.extend({
  },

  beforeRender() {
+    const account = this.getAccount();
+
    // user cannot confirm if they have not initiated a sign in.
-    if (!this.getAccount()) {
-      this.navigate(this._getAuthPage());
+    if (!account) {
+      return this.navigate(this._getAuthPage());
    }
+    this.broker.persistVerificationData(account);
+    return account.accountProfile().then((profile) => {
+      // Check to see if the account has 2FA and redirect to that
+      // page to verify
+      if (
+        profile.authenticationMethods &&
+        profile.authenticationMethods.includes('otp')
+      ) {
+        return this.replaceCurrentPage('/signin_totp_code');
+      }
+    });
  },

  afterVisible() {
@ -43,7 +56,6 @@ const View = FormView.extend({
    const account = this.getSignedInAccount();
    return proto.afterVisible
      .call(this)
-      .then(() => this.broker.persistVerificationData(account))
      .then(() =>
        this.invokeBrokerMethod('beforeSignUpConfirmationPoll', account)
      )
--- a/packages/fxa-content-server/app/tests/spec/views/sign_in_token_code.js
+++ b/packages/fxa-content-server/app/tests/spec/views/sign_in_token_code.js
@ -36,6 +36,7 @@ describe('views/sign_in_token_code', () => {
  let user;
  let view;
  let windowMock;
+  let accountProfile;

  beforeEach(() => {
    windowMock = new WindowMock();
@ -78,6 +79,12 @@ describe('views/sign_in_token_code', () => {
    });

    sinon.stub(view, 'getSignedInAccount').callsFake(() => account);
+    accountProfile = {
+      authenticationMethods: [],
+    };
+    sinon
+      .stub(account, 'accountProfile')
+      .callsFake(() => Promise.resolve(accountProfile));

    return view.render();
  });
@ -108,6 +115,27 @@ describe('views/sign_in_token_code', () => {
        assert.isTrue(view.navigate.calledWith('signin'));
      });
    });
+
+    describe('with totp enabled', () => {
+      beforeEach(() => {
+        view.getSignedInAccount.restore();
+        sinon.stub(view, 'getSignedInAccount').callsFake(() => account);
+        accountProfile = {
+          authenticationMethods: ['otp'],
+        };
+        account.accountProfile.restore();
+        sinon
+          .stub(account, 'accountProfile')
+          .callsFake(() => Promise.resolve(accountProfile));
+
+        sinon.spy(view, 'replaceCurrentPage');
+        return view.render();
+      });
+
+      it('redirects to the totp page', () => {
+        assert.isTrue(view.replaceCurrentPage.calledWith('/signin_totp_code'));
+      });
+    });
  });

  describe('afterVisible', () => {