2016-03-10 14:48:33 +00:00
|
|
|
|
from flask import url_for
|
2015-12-04 16:21:01 +00:00
|
|
|
|
|
2016-03-17 13:07:52 +00:00
|
|
|
|
from bs4 import BeautifulSoup
|
|
|
|
|
|
|
2015-12-04 16:21:01 +00:00
|
|
|
|
|
2016-01-27 12:22:32 +00:00
|
|
|
|
def test_should_return_verify_template(app_,
|
|
|
|
|
|
api_user_active,
|
|
|
|
|
|
mock_send_verify_code):
|
2016-01-15 15:15:35 +00:00
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
2016-01-05 17:08:50 +00:00
|
|
|
|
# TODO this lives here until we work out how to
|
|
|
|
|
|
# reassign the session after it is lost mid register process
|
|
|
|
|
|
with client.session_transaction() as session:
|
2016-01-27 12:22:32 +00:00
|
|
|
|
session['user_details'] = {'email_address': api_user_active.email_address, 'id': api_user_active.id}
|
2016-01-05 17:08:50 +00:00
|
|
|
|
response = client.get(url_for('main.verify'))
|
|
|
|
|
|
assert response.status_code == 200
|
2016-03-17 13:07:52 +00:00
|
|
|
|
|
|
|
|
|
|
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
|
2016-04-23 16:11:41 +01:00
|
|
|
|
assert page.h1.text == 'Check your phone'
|
2016-03-18 11:20:08 +00:00
|
|
|
|
message = page.find_all('p')[1].text
|
2016-08-22 10:17:03 +01:00
|
|
|
|
assert message == "We’ve sent you a text message with a security code."
|
2015-12-04 17:10:06 +00:00
|
|
|
|
|
|
|
|
|
|
|
2016-03-17 13:07:52 +00:00
|
|
|
|
def test_should_redirect_to_add_service_when_sms_code_is_correct(app_,
|
|
|
|
|
|
api_user_active,
|
|
|
|
|
|
mock_get_user,
|
|
|
|
|
|
mock_update_user,
|
|
|
|
|
|
mock_check_verify_code):
|
2016-01-15 15:15:35 +00:00
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
2016-01-05 17:08:50 +00:00
|
|
|
|
with client.session_transaction() as session:
|
2016-01-27 12:22:32 +00:00
|
|
|
|
session['user_details'] = {'email_address': api_user_active.email_address, 'id': api_user_active.id}
|
2016-01-05 17:08:50 +00:00
|
|
|
|
response = client.post(url_for('main.verify'),
|
2016-03-17 13:07:52 +00:00
|
|
|
|
data={'sms_code': '12345'})
|
2016-01-05 17:08:50 +00:00
|
|
|
|
assert response.status_code == 302
|
2016-01-18 10:47:53 +00:00
|
|
|
|
assert response.location == url_for('main.add_service', first='first', _external=True)
|
2015-12-04 17:10:06 +00:00
|
|
|
|
|
2016-03-17 13:07:52 +00:00
|
|
|
|
mock_check_verify_code.assert_called_once_with(api_user_active.id, '12345', 'sms')
|
|
|
|
|
|
|
2015-12-04 17:10:06 +00:00
|
|
|
|
|
2016-01-27 16:30:33 +00:00
|
|
|
|
def test_should_activate_user_after_verify(app_,
|
2016-09-09 15:22:56 +01:00
|
|
|
|
mocker,
|
|
|
|
|
|
api_user_pending,
|
2016-01-27 16:30:33 +00:00
|
|
|
|
mock_send_verify_code,
|
|
|
|
|
|
mock_check_verify_code,
|
|
|
|
|
|
mock_update_user):
|
2016-09-09 15:22:56 +01:00
|
|
|
|
mocker.patch('app.user_api_client.get_user', return_value=api_user_pending)
|
2016-01-23 23:14:50 +00:00
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
|
|
|
|
|
with client.session_transaction() as session:
|
2016-09-09 15:22:56 +01:00
|
|
|
|
session['user_details'] = {'email_address': api_user_pending.email_address, 'id': api_user_pending.id}
|
2016-01-23 23:14:50 +00:00
|
|
|
|
client.post(url_for('main.verify'),
|
2016-03-17 13:07:52 +00:00
|
|
|
|
data={'sms_code': '12345'})
|
2016-01-27 16:30:33 +00:00
|
|
|
|
assert mock_update_user.called
|
2015-12-07 16:08:30 +00:00
|
|
|
|
|
|
|
|
|
|
|
2016-03-17 13:07:52 +00:00
|
|
|
|
def test_should_return_200_when_sms_code_is_wrong(app_,
|
|
|
|
|
|
api_user_active,
|
|
|
|
|
|
mock_get_user,
|
|
|
|
|
|
mock_check_verify_code_code_not_found):
|
2016-01-15 15:15:35 +00:00
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
2016-01-05 17:08:50 +00:00
|
|
|
|
with client.session_transaction() as session:
|
2016-01-27 12:22:32 +00:00
|
|
|
|
session['user_details'] = {'email_address': api_user_active.email_address, 'id': api_user_active.id}
|
2016-01-05 17:08:50 +00:00
|
|
|
|
response = client.post(url_for('main.verify'),
|
2016-03-17 13:07:52 +00:00
|
|
|
|
data={'sms_code': '12345'})
|
2016-01-05 17:08:50 +00:00
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
|
resp_data = response.get_data(as_text=True)
|
2016-03-17 13:07:52 +00:00
|
|
|
|
assert resp_data.count('Code not found') == 1
|
2016-03-22 13:38:35 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_verify_email_redirects_to_verify_if_token_valid(app_,
|
|
|
|
|
|
mocker,
|
2016-03-29 12:13:36 +01:00
|
|
|
|
api_user_pending,
|
|
|
|
|
|
mock_get_user_pending,
|
2016-03-22 13:38:35 +00:00
|
|
|
|
mock_send_verify_code,
|
|
|
|
|
|
mock_check_verify_code):
|
|
|
|
|
|
import json
|
2016-03-29 12:13:36 +01:00
|
|
|
|
token_data = {"user_id": api_user_pending.id, "secret_code": 12345}
|
2016-04-14 12:00:55 +01:00
|
|
|
|
mocker.patch('app.main.views.verify.check_token', return_value=json.dumps(token_data))
|
2016-03-22 13:38:35 +00:00
|
|
|
|
|
|
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
|
|
|
|
|
with client.session_transaction() as session:
|
2016-03-29 12:13:36 +01:00
|
|
|
|
session['user_details'] = {'email_address': api_user_pending.email_address, 'id': api_user_pending.id}
|
2016-03-22 13:38:35 +00:00
|
|
|
|
|
|
|
|
|
|
response = client.get(url_for('main.verify_email', token='notreal'))
|
|
|
|
|
|
|
|
|
|
|
|
assert response.status_code == 302
|
|
|
|
|
|
assert response.location == url_for('main.verify', _external=True)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_verify_email_redirects_to_email_sent_if_token_expired(app_,
|
|
|
|
|
|
mocker,
|
2016-03-29 12:13:36 +01:00
|
|
|
|
api_user_pending,
|
2016-03-22 13:38:35 +00:00
|
|
|
|
mock_check_verify_code):
|
|
|
|
|
|
from itsdangerous import SignatureExpired
|
2016-04-14 12:00:55 +01:00
|
|
|
|
mocker.patch('app.main.views.verify.check_token', side_effect=SignatureExpired('expired'))
|
2016-03-22 13:38:35 +00:00
|
|
|
|
|
|
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
|
|
|
|
|
with client.session_transaction() as session:
|
2016-03-29 12:13:36 +01:00
|
|
|
|
session['user_details'] = {'email_address': api_user_pending.email_address, 'id': api_user_pending.id}
|
2016-03-22 13:38:35 +00:00
|
|
|
|
|
|
|
|
|
|
response = client.get(url_for('main.verify_email', token='notreal'))
|
|
|
|
|
|
|
|
|
|
|
|
assert response.status_code == 302
|
|
|
|
|
|
assert response.location == url_for('main.resend_email_verification', _external=True)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_verify_email_redirects_to_email_sent_if_token_used(app_,
|
|
|
|
|
|
mocker,
|
2016-03-29 12:13:36 +01:00
|
|
|
|
api_user_pending,
|
|
|
|
|
|
mock_get_user_pending,
|
2016-03-22 13:38:35 +00:00
|
|
|
|
mock_send_verify_code,
|
|
|
|
|
|
mock_check_verify_code_code_expired):
|
|
|
|
|
|
from itsdangerous import SignatureExpired
|
2016-04-14 12:00:55 +01:00
|
|
|
|
mocker.patch('app.main.views.verify.check_token', side_effect=SignatureExpired('expired'))
|
2016-03-22 13:38:35 +00:00
|
|
|
|
|
|
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
|
|
|
|
|
with client.session_transaction() as session:
|
2016-03-29 12:13:36 +01:00
|
|
|
|
session['user_details'] = {'email_address': api_user_pending.email_address, 'id': api_user_pending.id}
|
2016-03-22 13:38:35 +00:00
|
|
|
|
|
|
|
|
|
|
response = client.get(url_for('main.verify_email', token='notreal'))
|
|
|
|
|
|
|
|
|
|
|
|
assert response.status_code == 302
|
|
|
|
|
|
assert response.location == url_for('main.resend_email_verification', _external=True)
|
2016-03-29 12:13:36 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_verify_email_redirects_to_sign_in_if_user_active(app_,
|
|
|
|
|
|
mocker,
|
|
|
|
|
|
api_user_active,
|
|
|
|
|
|
mock_get_user,
|
|
|
|
|
|
mock_send_verify_code,
|
|
|
|
|
|
mock_check_verify_code):
|
|
|
|
|
|
import json
|
|
|
|
|
|
token_data = {"user_id": api_user_active.id, "secret_code": 12345}
|
2016-04-14 12:00:55 +01:00
|
|
|
|
mocker.patch('app.main.views.verify.check_token', return_value=json.dumps(token_data))
|
2016-03-29 12:13:36 +01:00
|
|
|
|
|
|
|
|
|
|
with app_.test_request_context():
|
|
|
|
|
|
with app_.test_client() as client:
|
|
|
|
|
|
with client.session_transaction() as session:
|
|
|
|
|
|
session['user_details'] = {'email_address': api_user_active.email_address, 'id': api_user_active.id}
|
|
|
|
|
|
|
|
|
|
|
|
response = client.get(url_for('main.verify_email', token='notreal'), follow_redirects=True)
|
|
|
|
|
|
page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
|
|
|
|
|
|
assert page.h1.text == 'Sign in'
|
|
|
|
|
|
flash_banner = page.find('div', class_='banner-dangerous').string.strip()
|
2016-03-29 13:21:51 +01:00
|
|
|
|
assert flash_banner == "That verification link has expired."
|
2016-06-17 11:36:30 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_verify_redirects_to_sign_in_if_not_logged_in(app_):
|
|
|
|
|
|
with app_.test_request_context(), app_.test_client() as client:
|
|
|
|
|
|
response = client.get(url_for('main.verify'))
|
|
|
|
|
|
|
|
|
|
|
|
assert response.location == url_for('main.sign_in', _external=True)
|
|
|
|
|
|
assert response.status_code == 302
|