From 76ffd5dda5318b5e0ea7cf8970b4cc6c2cebf895 Mon Sep 17 00:00:00 2001
From: Andrew Moores <andrew.moores@digital.cabinet-office.gov.uk>
Date: Tue, 9 Jul 2024 16:19:26 +0100
Subject: [PATCH] AUT-2789: Log user out when they enter their password
 incorrectly max allowed times.

WIP.
---
 .../enter-mfa/tests/enter-mfa-integration.test.ts          | 4 ++--
 .../tests/enter-password-integration.test.ts               | 6 +++++-
 ...d-support-2fa-before-password-reset-integration.test.ts | 7 ++++---
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/src/components/enter-mfa/tests/enter-mfa-integration.test.ts b/src/components/enter-mfa/tests/enter-mfa-integration.test.ts
index defce108ce..aaf87f3b99 100644
--- a/src/components/enter-mfa/tests/enter-mfa-integration.test.ts
+++ b/src/components/enter-mfa/tests/enter-mfa-integration.test.ts
@@ -67,9 +67,9 @@ describe("Integration:: enter mfa", () => {
     app = await require("../../../app").createApp();
     baseApi = process.env.FRONTEND_API_BASE_URL || "";
 
-    request(app)
+    await request(app)
       .get(PATH_NAMES.ENTER_MFA)
-      .end((err, res) => {
+      .then((res) => {
         const $ = cheerio.load(res.text);
         token = $("[name=_csrf]").val();
         cookies = res.headers["set-cookie"];
diff --git a/src/components/enter-password/tests/enter-password-integration.test.ts b/src/components/enter-password/tests/enter-password-integration.test.ts
index 5b8e872edd..3e9e45a2d7 100644
--- a/src/components/enter-password/tests/enter-password-integration.test.ts
+++ b/src/components/enter-password/tests/enter-password-integration.test.ts
@@ -40,6 +40,7 @@ describe("Integration::enter password", () => {
 
     app = await require("../../../app").createApp();
     baseApi = process.env.FRONTEND_API_BASE_URL;
+    process.env.SUPPORT_2HR_LOCKOUT = "1";
 
     await request(app)
       .get(ENDPOINT)
@@ -57,6 +58,8 @@ describe("Integration::enter password", () => {
   after(() => {
     sinon.restore();
     app = undefined;
+    process.env.SUPPORT_2HR_LOCKOUT = "1";
+
   });
 
   it("should return enter password page", (done) => {
@@ -91,6 +94,7 @@ describe("Integration::enter password", () => {
 
   it("should return validation error when password is incorrect", (done) => {
     nock(baseApi).post(API_ENDPOINTS.LOG_IN_USER).once().reply(401);
+    process.env.SUPPORT_2HR_LOCKOUT = "0";
 
     request(app)
       .post(ENDPOINT)
@@ -137,7 +141,7 @@ describe("Integration::enter password", () => {
         _csrf: token,
         password: "password",
       })
-      .expect("Location", PATH_NAMES.ACCOUNT_LOCKED)
+      .expect("Location", PATH_NAMES.SIGNED_OUT.concat("?error=login_required"))
       .expect(302, done);
   });
 });
diff --git a/src/components/enter-password/tests/enter-password-support-2fa-before-password-reset-integration.test.ts b/src/components/enter-password/tests/enter-password-support-2fa-before-password-reset-integration.test.ts
index 0d8011b464..1e90d458aa 100644
--- a/src/components/enter-password/tests/enter-password-support-2fa-before-password-reset-integration.test.ts
+++ b/src/components/enter-password/tests/enter-password-support-2fa-before-password-reset-integration.test.ts
@@ -69,9 +69,9 @@ describe("Integration::enter password", () => {
     app = await require("../../../app").createApp();
     baseApi = process.env.FRONTEND_API_BASE_URL;
 
-    request(app)
+    await request(app)
       .get(ENDPOINT)
-      .end((err, res) => {
+      .then((res) => {
         const $ = cheerio.load(res.text);
         token = $("[name=_csrf]").val();
         cookies = res.headers["set-cookie"];
@@ -128,6 +128,7 @@ describe("Integration::enter password", () => {
 
   it("should return validation error when password is incorrect", (done) => {
     nock(baseApi).post(API_ENDPOINTS.LOG_IN_USER).once().reply(401);
+    process.env.SUPPORT_2HR_LOCKOUT = "0"
 
     request(app)
       .post(ENDPOINT)
@@ -201,7 +202,7 @@ describe("Integration::enter password", () => {
         _csrf: token,
         password: "password",
       })
-      .expect("Location", PATH_NAMES.ACCOUNT_LOCKED)
+      .expect("Location", PATH_NAMES.SIGNED_OUT.concat("?error=login_required"))
       .expect(302, done);
   });
 });