template-monorepo/test/k6/journeys/change_password_totp_guard.js

// Journey: TOTP enrolled → change password without step-up must fail (403)
import { post, checkError } from '../lib/http.js';
import { registerAndConfirm } from '../lib/auth.js';
import { enrollTOTP } from '../lib/member.js';

export const options = {
  vus: 1,
  iterations: 1,
  thresholds: { checks: ['rate==1.0'] },
};

export default function () {
  const { identity, tokens } = registerAndConfirm();
  const bearer = { Authorization: `Bearer ${tokens.access_token}` };

  enrollTOTP(bearer);

  checkError(
    post(
      '/api/v1/members/me/password',
      {
        current_password: identity.password,
        new_password: 'K6-NewPass-9!',
      },
      bearer,
    ),
    'POST /me/password without step-up (totp enrolled)',
    403,
    29505000,
  );
}
add fix eage case 2026-05-27 09:28:13 +00:00			`// Journey: TOTP enrolled → change password without step-up must fail (403)`
			`import { post, checkError } from '../lib/http.js';`
			`import { registerAndConfirm } from '../lib/auth.js';`
			`import { enrollTOTP } from '../lib/member.js';`

			`export const options = {`
			`vus: 1,`
			`iterations: 1,`
			`thresholds: { checks: ['rate==1.0'] },`
			`};`

			`export default function () {`
			`const { identity, tokens } = registerAndConfirm();`
			const bearer = { Authorization: `Bearer ${tokens.access_token}` };

			`enrollTOTP(bearer);`

			`checkError(`
			`post(`
			`'/api/v1/members/me/password',`
			`{`
			`current_password: identity.password,`
			`new_password: 'K6-NewPass-9!',`
			`},`
			`bearer,`
			`),`
			`'POST /me/password without step-up (totp enrolled)',`
			`403,`
			`29505000,`
			`);`
			`}`