feat(account): add ability to sign in with login code (#271)

Co-authored-by: Elias Schneider <login@eliasschneider.com>
2026-02-08 19:04:18 +00:00 · 2025-03-10 12:45:45 +01:00
parent a9713cf6a1
commit eb1426ed26
34 changed files with 446 additions and 191 deletions
--- a/frontend/tests/account-settings.spec.ts
+++ b/frontend/tests/account-settings.spec.ts
@@ -69,3 +69,20 @@ test('Delete passkey from account', async ({ page }) => {

 	await expect(page.getByRole('status')).toHaveText('Passkey deleted successfully');
 });
+
+test('Generate own one time access token as non admin', async ({ page, context }) => {
+	await context.clearCookies();
+	await page.goto('/login');
+	await (await passkeyUtil.init(page)).addPasskey('craig');
+
+	await page.getByRole('button', { name: 'Authenticate' }).click();
+	await page.waitForURL('/settings/account');
+
+	await page.getByRole('button', { name: 'Create' }).click();
+	const link = await page.getByTestId('login-code-link').textContent();
+
+	await context.clearCookies();
+
+	await page.goto(link!);
+	await page.waitForURL('/settings/account');
+});
--- a/frontend/tests/application-configuration.spec.ts
+++ b/frontend/tests/application-configuration.spec.ts
@@ -32,7 +32,7 @@ test('Update email configuration', async ({ page }) => {
 	await page.getByLabel('SMTP Password').fill('password');
 	await page.getByLabel('SMTP From').fill('test@gmail.com');
 	await page.getByLabel('Email Login Notification').click();
-	await page.getByLabel('Email One Time Access').click();
+	await page.getByLabel('Email Login', { exact: true }).click();

 	await page.getByRole('button', { name: 'Save' }).nth(1).click();

@@ -46,7 +46,7 @@ test('Update email configuration', async ({ page }) => {
 	await expect(page.getByLabel('SMTP Password')).toHaveValue('password');
 	await expect(page.getByLabel('SMTP From')).toHaveValue('test@gmail.com');
 	await expect(page.getByLabel('Email Login Notification')).toBeChecked();
-	await expect(page.getByLabel('Email One Time Access')).toBeChecked();
+	await expect(page.getByLabel('Email Login', { exact: true })).toBeChecked();
 });

 test('Update LDAP configuration', async ({ page }) => {
--- a/frontend/tests/one-time-access-token.spec.ts
+++ b/frontend/tests/one-time-access-token.spec.ts
@@ -1,22 +1,47 @@
 import test, { expect } from '@playwright/test';
 import { oneTimeAccessTokens } from './data';
+import { cleanupBackend } from './utils/cleanup.util';
+
+test.beforeEach(cleanupBackend);

 // Disable authentication for these tests
 test.use({ storageState: { cookies: [], origins: [] } });

-test('Sign in with one time access token', async ({ page }) => {
+test('Sign in with login code', async ({ page }) => {
 	const token = oneTimeAccessTokens.filter((t) => !t.expired)[0];
-	await page.goto(`/login/${token.token}`);
+	await page.goto(`/lc/${token.token}`);

-	await page.getByRole('button', { name: 'Continue' }).click();
 	await page.waitForURL('/settings/account');
 });

-test('Sign in with expired one time access token fails', async ({ page }) => {
-	const token = oneTimeAccessTokens.filter((t) => t.expired)[0];
-	await page.goto(`/login/${token.token}`);
+test('Sign in with login code entered manually', async ({ page }) => {
+	const token = oneTimeAccessTokens.filter((t) => !t.expired)[0];
+	await page.goto('/lc');
+
+	await page.getByPlaceholder('Code').first().fill(token.token);
+
+	await page.getByText('Submit').first().click();
+
+	await page.waitForURL('/settings/account');
+});
+
+test('Sign in with expired login code fails', async ({ page }) => {
+	const token = oneTimeAccessTokens.filter((t) => t.expired)[0];
+	await page.goto(`/lc/${token.token}`);
+
+	await expect(page.getByRole('paragraph')).toHaveText(
+		'Token is invalid or expired. Please try again.'
+	);
+});
+
+test('Sign in with login code entered manually fails', async ({ page }) => {
+	const token = oneTimeAccessTokens.filter((t) => t.expired)[0];
+	await page.goto('/lc');
+
+	await page.getByPlaceholder('Code').first().fill(token.token);
+
+	await page.getByText('Submit').first().click();

-	await page.getByRole('button', { name: 'Continue' }).click();
 	await expect(page.getByRole('paragraph')).toHaveText(
 		'Token is invalid or expired. Please try again.'
 	);
--- a/frontend/tests/user-settings.spec.ts
+++ b/frontend/tests/user-settings.spec.ts
@@ -58,14 +58,14 @@ test('Create one time access token', async ({ page }) => {
 		.getByRole('button')
 		.click();

-	await page.getByRole('menuitem', { name: 'One-time link' }).click();
+	await page.getByRole('menuitem', { name: 'Login Code' }).click();

-	await page.getByLabel('One Time Link').getByRole('combobox').click();
+	await page.getByLabel('Login Code').getByRole('combobox').click();
 	await page.getByRole('option', { name: '12 hours' }).click();
-	await page.getByRole('button', { name: 'Generate Link' }).click();
+	await page.getByRole('button', { name: 'Generate Code' }).click();

-	await expect(page.getByRole('textbox', { name: 'One Time Link' })).toHaveValue(
-		/http:\/\/localhost\/login\/.*/
+	await expect(page.getByRole('textbox', { name: 'Login Code' })).toHaveValue(
+		/http:\/\/localhost\/lc\/.*/
 	);
 });