mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
7128970a53
Before this fix, the redirection URL was stored in the user session, but this has a big drawback since user could open several pages in browser and thus override the redirection URL leading the user to be incorrectly redirected.
21 lines
1.0 KiB
Gherkin
21 lines
1.0 KiB
Gherkin
Feature: Authelia keeps user sessions despite the application restart
|
|
|
|
Scenario: Session is still valid after Authelia restarts
|
|
When I register TOTP and login with user "john" and password "password"
|
|
And the application restarts
|
|
Then I have access to:
|
|
| url |
|
|
| https://secret.test.local:8080/secret.html |
|
|
|
|
Scenario: Secrets are stored even when Authelia restarts
|
|
Given I visit "https://auth.test.local:8080/"
|
|
And I login with user "john" and password "password"
|
|
And I register a TOTP secret called "Sec0"
|
|
When the application restarts
|
|
And I visit "https://secret.test.local:8080/secret.html" and get redirected "https://auth.test.local:8080/?redirect=https%3A%2F%2Fsecret.test.local%3A8080%2Fsecret.html"
|
|
And I login with user "john" and password "password"
|
|
And I use "Sec0" as TOTP token handle
|
|
And I click on "TOTP"
|
|
Then I have access to:
|
|
| url |
|
|
| https://secret.test.local:8080/secret.html | |