From 04f6d0a5e0447a359a5a7b31db8dbf28e0f1b84a Mon Sep 17 00:00:00 2001
From: chrisw <chris.waszczuk@digital.cabinet-office.gov.uk>
Date: Thu, 9 Nov 2017 17:06:24 +0000
Subject: [PATCH] Updated code used flow

---
 app/main/views/two_factor.py            |  5 +++--
 tests/app/main/views/test_two_factor.py | 11 +++++++----
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/app/main/views/two_factor.py b/app/main/views/two_factor.py
index a95ca4494..39b70fd58 100644
--- a/app/main/views/two_factor.py
+++ b/app/main/views/two_factor.py
@@ -56,8 +56,9 @@ def two_factor_email(token):
     logged_in, msg = user_api_client.check_verify_code(user_id, token_data['secret_code'], "email")
 
     if not logged_in:
-        flash("There’s something wrong with the code")
-        return redirect(url_for('.two_factor_email_sent'))
+        flash("This link has already been used")
+        session['user_details'] = {'id': user_id}
+        return redirect(url_for('.resend_email_link'))
     return log_in_user(user_id)
 
 
diff --git a/tests/app/main/views/test_two_factor.py b/tests/app/main/views/test_two_factor.py
index 97d9ef939..f9a3b0686 100644
--- a/tests/app/main/views/test_two_factor.py
+++ b/tests/app/main/views/test_two_factor.py
@@ -276,7 +276,9 @@ def test_two_factor_email_link_is_invalid(
 def test_two_factor_email_link_is_already_used(
     client,
     valid_token,
-    mocker
+    mocker,
+    mock_send_verify_code
+
 ):
     mocker.patch('app.user_api_client.check_verify_code', return_value=(False, 'Code has expired'))
 
@@ -288,14 +290,15 @@ def test_two_factor_email_link_is_already_used(
     page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
     assert normalize_spaces(
         page.select_one('.banner-dangerous').text
-    ) == "There’s something wrong with the code"
+    ) == "This link has already been used"
     assert response.status_code == 200
 
 
 def test_two_factor_email_link_when_user_is_locked_out(
     client,
     valid_token,
-    mocker
+    mocker,
+    mock_send_verify_code
 ):
     mocker.patch('app.user_api_client.check_verify_code', return_value=(False, 'Code not found'))
 
@@ -307,7 +310,7 @@ def test_two_factor_email_link_when_user_is_locked_out(
     page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
     assert normalize_spaces(
         page.select_one('.banner-dangerous').text
-    ) == "There’s something wrong with the code"
+    ) == "This link has already been used"
     assert response.status_code == 200