test: add unit tests for two-factor model, strategy, and registration

Add model tests for TwoFactorAuthenticatable (enabled/disabled states,
multiple methods, unknown method errors, model concern inclusion).
Add strategy tests for the base TwoFactor strategy. Add registration
tests for register_two_factor_method in devise_test.

Author: santiagorodriguez96

test/devise_test.rb

@@ -86,6 +86,29 @@ class DeviseTest < ActiveSupport::TestCase
     Devise::CONTROLLERS.delete(:kivi)
   end
 
+  test 'register_two_factor_method stores config and populates STRATEGIES' do
+    Devise.register_two_factor_method(:fake_2fa, model: 'devise/models/fake_2fa', strategy: :fake_2fa_strategy)
+    assert_equal({ model: 'devise/models/fake_2fa', strategy: :fake_2fa_strategy }, Devise.two_factor_method_configs[:fake_2fa])
+    assert_equal :fake_2fa_strategy, Devise::STRATEGIES[:fake_2fa]
+    Devise.two_factor_method_configs.delete(:fake_2fa)
+    Devise::STRATEGIES.delete(:fake_2fa)
+  end
+
+  test 'register_two_factor_method with route populates ROUTES and URL_HELPERS' do
+    Devise.register_two_factor_method(:fake_rt, model: 'x', route: { fake_rt: [nil, :new] })
+    assert_equal :fake_rt, Devise::ROUTES[:fake_rt]
+    assert_equal [nil, :new], Devise::URL_HELPERS[:fake_rt]
+    Devise.two_factor_method_configs.delete(:fake_rt)
+    Devise::ROUTES.delete(:fake_rt)
+    Devise::URL_HELPERS.delete(:fake_rt)
+  end
+
+  test 'register_two_factor_method rejects unknown options' do
+    assert_raises(ArgumentError) do
+      Devise.register_two_factor_method(:bad, model: 'x', unknown: true)
+    end
+  end
+
   test 'Devise.secure_compare fails when comparing different strings or nil' do
     [nil, ""].each do |empty|
       assert_not Devise.secure_compare(empty, "something")

test/models/two_factor_authenticatable_test.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class TwoFactorAuthenticatableTest < ActiveSupport::TestCase
+  test '.two_factor_modules returns the configured two_factor_methods' do
+    assert_equal [:test_otp], UserWithTwoFactor.two_factor_modules
+  end
+
+  test '#two_factor_enabled? returns true when any method reports enabled' do
+    user = new_user_with_two_factor
+    user.stubs(:test_otp_two_factor_enabled?).returns(true)
+    assert user.two_factor_enabled?
+    assert_equal [:test_otp], user.enabled_two_factors
+  end
+
+  test '#two_factor_enabled? returns false when no method reports enabled' do
+    user = new_user_with_two_factor
+    user.stubs(:test_otp_two_factor_enabled?).returns(false)
+    assert_not user.two_factor_enabled?
+    assert_empty user.enabled_two_factors
+  end
+
+  test '.two_factor_methods= raises on unknown method' do
+    klass = Class.new do
+      extend Devise::Models::TwoFactorAuthenticatable::ClassMethods
+    end
+
+    assert_raises(RuntimeError, /Unknown two-factor method/) do
+      klass.two_factor_methods = [:nonexistent]
+    end
+  end
+
+  private
+
+  def new_user_with_two_factor(attributes = {})
+    UserWithTwoFactor.new(valid_attributes(attributes))
+  end
+end

test/strategies/two_factor_test.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class TwoFactorStrategyTest < ActiveSupport::TestCase
+  test 'TwoFactor strategy can be loaded' do
+    assert defined?(Devise::Strategies::TwoFactor)
+  end
+
+  test 'TwoFactor base strategy is not valid without a pending session' do
+    strategy = Devise::Strategies::TwoFactor.new(env_with_session)
+    assert_not strategy.valid?
+  end
+
+  test 'verify_two_factor! raises NotImplementedError by default' do
+    strategy = Devise::Strategies::TwoFactor.new(env_with_session)
+    assert_raises(NotImplementedError) do
+      strategy.verify_two_factor!(Object.new)
+    end
+  end
+
+  private
+
+  def env_with_session(session = {})
+    { 'rack.session' => session }
+  end
+end