require password for sensitive read endpoints

2025-09-09 15:58:48 +00:00 · 2025-08-03 14:12:24 -04:00
parent 68341db0fe
commit 3a19ef9c2a
4 changed files with 22 additions and 8 deletions
--- a/src/tests/test_api.py
+++ b/src/tests/test_api.py
@@ -78,6 +78,7 @@ def test_get_entry_by_id(client):
    headers = {
        "Authorization": f"Bearer {token}",
        "Origin": "http://example.com",
+        "X-SeedPass-Password": "pw",
    }
    res = cl.get("/api/v1/entry/1", headers=headers)
    assert res.status_code == 200
--- a/src/tests/test_api_new_endpoints.py
+++ b/src/tests/test_api_new_endpoints.py
@@ -136,7 +136,7 @@ def test_totp_export_endpoint(client):
    cl, token = client
    api._pm.entry_manager.export_totp_entries = lambda seed: {"entries": ["x"]}
    api._pm.parent_seed = "seed"
-    headers = {"Authorization": f"Bearer {token}"}
+    headers = {"Authorization": f"Bearer {token}", "X-SeedPass-Password": "pw"}
    res = cl.get("/api/v1/totp/export", headers=headers)
    assert res.status_code == 200
    assert res.json() == {"entries": ["x"]}
@@ -148,7 +148,7 @@ def test_totp_codes_endpoint(client):
    api._pm.entry_manager.get_totp_code = lambda i, s: "123456"
    api._pm.entry_manager.get_totp_time_remaining = lambda i: 30
    api._pm.parent_seed = "seed"
-    headers = {"Authorization": f"Bearer {token}"}
+    headers = {"Authorization": f"Bearer {token}", "X-SeedPass-Password": "pw"}
    res = cl.get("/api/v1/totp", headers=headers)
    assert res.status_code == 200
    assert res.json() == {