From ed0f5a7b9eb52863364e79e46f8ebacc3bd34825 Mon Sep 17 00:00:00 2001 From: Beverly Nguyen Date: Mon, 10 Jun 2024 16:05:59 -0700 Subject: [PATCH 01/11] removed old login announcement page and added new sign in button --- app/assets/images/logo-login.svg | 1 + .../uswds/_uswds-theme-custom-styles.scss | 13 +++++ app/main/views/index.py | 15 +++++- app/templates/views/signedout.html | 2 +- app/templates/views/signin.html | 53 ------------------- 5 files changed, 28 insertions(+), 56 deletions(-) create mode 100644 app/assets/images/logo-login.svg delete mode 100644 app/templates/views/signin.html diff --git a/app/assets/images/logo-login.svg b/app/assets/images/logo-login.svg new file mode 100644 index 000000000..019713377 --- /dev/null +++ b/app/assets/images/logo-login.svg @@ -0,0 +1 @@ + diff --git a/app/assets/sass/uswds/_uswds-theme-custom-styles.scss b/app/assets/sass/uswds/_uswds-theme-custom-styles.scss index d66e276bd..0451be565 100644 --- a/app/assets/sass/uswds/_uswds-theme-custom-styles.scss +++ b/app/assets/sass/uswds/_uswds-theme-custom-styles.scss @@ -157,6 +157,19 @@ td.table-empty-message { } } +.usa-button svg { + margin-left: .5rem; + height: 1rem; +} + +.login-button.login-button--primary, .login-button.login-button--primary:hover { + color: #112e51; + background-color: #fff; + border: 1px solid #767676; + display: inline-flex; + justify-content: center; +} + .user-list-edit-link:active:before, .user-list-edit-link:focus:before { box-shadow: none; diff --git a/app/main/views/index.py b/app/main/views/index.py index c68605b2e..7c6c6a68c 100644 --- a/app/main/views/index.py +++ b/app/main/views/index.py @@ -1,6 +1,6 @@ import os -from flask import abort, redirect, render_template, request, url_for +from flask import abort, current_app, redirect, render_template, request, url_for from flask_login import current_user from app import status_api_client @@ -9,6 +9,7 @@ from app.main import main from app.main.views.pricing import CURRENT_SMS_RATE from app.main.views.sub_navigation_dictionaries import features_nav, using_notify_nav from app.utils.user import user_is_logged_in +from notifications_utils.url_safe_token import generate_token login_dot_gov_url = os.getenv("LOGIN_DOT_GOV_INITIAL_SIGNIN_URL") @@ -17,12 +18,22 @@ login_dot_gov_url = os.getenv("LOGIN_DOT_GOV_INITIAL_SIGNIN_URL") def index(): if current_user and current_user.is_authenticated: return redirect(url_for("main.choose_account")) - + token = generate_token( + str(request.remote_addr), + current_app.config["SECRET_KEY"], + current_app.config["DANGEROUS_SALT"], + ) + url = os.getenv("LOGIN_DOT_GOV_INITIAL_SIGNIN_URL") + # handle unit tests + if url is not None: + url = url.replace("NONCE", token) + url = url.replace("STATE", token) return render_template( "views/signedout.html", sms_rate=CURRENT_SMS_RATE, counts=status_api_client.get_count_of_live_services_and_organizations(), login_dot_gov_url=login_dot_gov_url, + initial_signin_url=url, ) diff --git a/app/templates/views/signedout.html b/app/templates/views/signedout.html index a2aa554f0..9d19d8b9f 100644 --- a/app/templates/views/signedout.html +++ b/app/templates/views/signedout.html @@ -21,7 +21,7 @@ Notify.gov

Reach people where they are with government-powered text messages

Notify.gov is a text message service that helps federal, state, local, tribal and territorial governments more effectively communicate with the people they serve.

- Sign in + if you are an existing pilot partner

Currently we are only working with select pilot partners. If you are interested in using Notify.gov in the future, please contact
tts-benefits-studio@gsa.gov to learn more.

diff --git a/app/templates/views/signin.html b/app/templates/views/signin.html deleted file mode 100644 index f3b3006d7..000000000 --- a/app/templates/views/signin.html +++ /dev/null @@ -1,53 +0,0 @@ -{% extends "base.html" %} -{% from "components/page-footer.html" import page_footer %} -{% from "components/form.html" import form_wrapper %} - -{% block per_page_title %} - {% if again %} - You need to sign in again - {% else %} - Sign in - {% endif %} -{% endblock %} - -{% block maincolumn_content %} - -
-
- {% if again %} -

You need to sign in again

- {% if other_device %} -

- We signed you out because you logged in to Notify on another device. -

- {% else %} -

- We signed you out because you have not used Notify for a while. -

- {% endif %} - Sign in with Login.gov - {% else %} -

Sign in

-

Access your Notify.gov account by signing in with Login.gov:

- Sign in with Login.gov - {% endif %} -
-
-

Effective April 16, 2024 Notify.gov requires you sign-in through Login.gov

-

Why are we doing this?

-
    -
  • Enhanced security: Login.gov is really secure and trustworthy
    • -
  • One single source for signing in: You can use Login.gov for other services within the federal government
    • -
  • 2FA flexibility: Login.gov supports multiple methods for users to verify their identity.
    • -
-

What do I need to do?

-
    -
  • If you have a Login.gov account, start using it to sign in to Notify today.
    • -
  • If you don’t have a Login.gov account, you must create one to continue to access Notify.
    • -
-
- Create Login.gov account -
-
- -{% endblock %} From 8407f5605b22830285f5ede41a7486ec46ffb1e2 Mon Sep 17 00:00:00 2001 From: Beverly Nguyen Date: Tue, 11 Jun 2024 11:06:13 -0700 Subject: [PATCH 02/11] add back signin.html and removed login banner --- app/templates/views/signin.html | 37 +++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 app/templates/views/signin.html diff --git a/app/templates/views/signin.html b/app/templates/views/signin.html new file mode 100644 index 000000000..c2c6ebe1d --- /dev/null +++ b/app/templates/views/signin.html @@ -0,0 +1,37 @@ +{% extends "base.html" %} +{% from "components/page-footer.html" import page_footer %} +{% from "components/form.html" import form_wrapper %} + +{% block per_page_title %} + {% if again %} + You need to sign in again + {% else %} + Sign in + {% endif %} +{% endblock %} + +{% block maincolumn_content %} + +
+
+ {% if again %} +

You need to sign in again

+ {% if other_device %} +

+ We signed you out because you logged in to Notify on another device. +

+ {% else %} +

+ We signed you out because you have not used Notify for a while. +

+ {% endif %} + Sign in with Login.gov + {% else %} +

Sign in

+

Access your Notify.gov account by signing in with Login.gov:

+ Sign in with Login.gov + {% endif %} +
+
+ +{% endblock %} From 89bd835cd8cb16a2d7765db55a4bdb64305ad871 Mon Sep 17 00:00:00 2001 From: Beverly Nguyen Date: Tue, 11 Jun 2024 12:35:59 -0700 Subject: [PATCH 03/11] update testing --- tests/app/main/views/test_dashboard.py | 28 +++++++++++--------------- tests/app/main/views/test_index.py | 6 +++--- 2 files changed, 15 insertions(+), 19 deletions(-) diff --git a/tests/app/main/views/test_dashboard.py b/tests/app/main/views/test_dashboard.py index 285444b1b..e83dacbae 100644 --- a/tests/app/main/views/test_dashboard.py +++ b/tests/app/main/views/test_dashboard.py @@ -1893,26 +1893,22 @@ def app_with_socketio(): ( SERVICE_ONE_ID, {"start_date": "2024-01-01", "days": 7}, - {"service_id": SERVICE_ONE_ID, "start_date": "2024-01-01", "days": 7} + {"service_id": SERVICE_ONE_ID, "start_date": "2024-01-01", "days": 7}, ), ( SERVICE_TWO_ID, {"start_date": "2023-06-01", "days": 7}, - {"service_id": SERVICE_TWO_ID, "start_date": "2023-06-01", "days": 7} + {"service_id": SERVICE_TWO_ID, "start_date": "2023-06-01", "days": 7}, ), - ] + ], ) def test_fetch_daily_stats( - app_with_socketio, mocker, - service_id, - date_range, - expected_call_args + app_with_socketio, mocker, service_id, date_range, expected_call_args ): app, socketio = app_with_socketio mocker.patch( - "app.main.views.dashboard.get_stats_date_range", - return_value=date_range + "app.main.views.dashboard.get_stats_date_range", return_value=date_range ) mock_service_api = mocker.patch( @@ -1920,9 +1916,9 @@ def test_fetch_daily_stats( return_value={ date_range["start_date"]: { "email": {"delivered": 0, "failure": 0, "requested": 0}, - "sms": {"delivered": 0, "failure": 1, "requested": 1} + "sms": {"delivered": 0, "failure": 1, "requested": 1}, }, - } + }, ) client = SocketIOTestClient(app, socketio) @@ -1930,22 +1926,22 @@ def test_fetch_daily_stats( connected = client.is_connected() assert connected, "Client should be connected" - client.emit('fetch_daily_stats', service_id) + client.emit("fetch_daily_stats", service_id) received = client.get_received() assert received, "Should receive a response message" - assert received[0]['name'] == 'daily_stats_update' - assert received[0]['args'][0] == { + assert received[0]["name"] == "daily_stats_update" + assert received[0]["args"][0] == { date_range["start_date"]: { "email": {"delivered": 0, "failure": 0, "requested": 0}, - "sms": {"delivered": 0, "failure": 1, "requested": 1} + "sms": {"delivered": 0, "failure": 1, "requested": 1}, }, } mock_service_api.assert_called_once_with( service_id, start_date=expected_call_args["start_date"], - days=expected_call_args["days"] + days=expected_call_args["days"], ) finally: client.disconnect() diff --git a/tests/app/main/views/test_index.py b/tests/app/main/views/test_index.py index 57bdfaa70..cc29c963c 100644 --- a/tests/app/main/views/test_index.py +++ b/tests/app/main/views/test_index.py @@ -19,9 +19,9 @@ def test_non_logged_in_user_can_see_homepage( "Reach people where they are with government-powered text messages" ) - assert page.select_one("a.usa-button.usa-button--big")["href"] == url_for( - "main.sign_in", - ) + assert page.select_one( + "a.usa-button.login-button.login-button--primary.margin-right-2" + )["href"] assert page.select_one("meta[name=description]") is not None # This area is hidden for the pilot From cfa31af6524a6c080e4482bbe3b0849291a621f4 Mon Sep 17 00:00:00 2001 From: Beverly Nguyen Date: Tue, 11 Jun 2024 13:38:26 -0700 Subject: [PATCH 04/11] fixed testing --- .ds.baseline | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.ds.baseline b/.ds.baseline index ec87d9c30..10d8f3ba6 100644 --- a/.ds.baseline +++ b/.ds.baseline @@ -591,7 +591,7 @@ "filename": "tests/app/main/views/test_sign_in.py", "hashed_secret": "1348b145fa1a555461c1b790a2f66614781091e9", "is_verified": false, - "line_number": 31, + "line_number": 30, "is_secret": false }, { @@ -599,7 +599,7 @@ "filename": "tests/app/main/views/test_sign_in.py", "hashed_secret": "8b8b69116ee882b5e987e330f55db81aba0636f9", "is_verified": false, - "line_number": 104, + "line_number": 103, "is_secret": false } ], @@ -710,5 +710,5 @@ } ] }, - "generated_at": "2024-06-05T22:01:56Z" + "generated_at": "2024-06-11T20:36:19Z" } From 7b8db705523a16b2d68595211747085863f184ab Mon Sep 17 00:00:00 2001 From: Beverly Nguyen Date: Tue, 11 Jun 2024 14:01:40 -0700 Subject: [PATCH 05/11] fixed testing --- .ds.baseline | 12 ++---------- tests/app/main/views/test_sign_in.py | 13 ------------- 2 files changed, 2 insertions(+), 23 deletions(-) diff --git a/.ds.baseline b/.ds.baseline index 10d8f3ba6..29ab6333e 100644 --- a/.ds.baseline +++ b/.ds.baseline @@ -586,20 +586,12 @@ } ], "tests/app/main/views/test_sign_in.py": [ - { - "type": "Private Key", - "filename": "tests/app/main/views/test_sign_in.py", - "hashed_secret": "1348b145fa1a555461c1b790a2f66614781091e9", - "is_verified": false, - "line_number": 30, - "is_secret": false - }, { "type": "Secret Keyword", "filename": "tests/app/main/views/test_sign_in.py", "hashed_secret": "8b8b69116ee882b5e987e330f55db81aba0636f9", "is_verified": false, - "line_number": 103, + "line_number": 91, "is_secret": false } ], @@ -710,5 +702,5 @@ } ] }, - "generated_at": "2024-06-11T20:36:19Z" + "generated_at": "2024-06-11T21:01:12Z" } diff --git a/tests/app/main/views/test_sign_in.py b/tests/app/main/views/test_sign_in.py index 135f4a5ba..81d32253a 100644 --- a/tests/app/main/views/test_sign_in.py +++ b/tests/app/main/views/test_sign_in.py @@ -20,25 +20,12 @@ def test_render_sign_in_template_for_new_user(client_request): # then these indices need to be 1 instead of 0. # Currently it's not enabled for the test or production environments. assert page.select("main a")[0].text == "Sign in with Login.gov" - assert page.select("main a")[1].text == "Create Login.gov account" # TODO: We'll have to adjust this depending on whether Login.gov is # enabled or not; fix this in the future. assert "Sign in again" not in normalize_spaces(page.text) -def test_reformat_keystring(): - orig = "-----BEGIN PRIVATE KEY----- blah blah blah -----END PRIVATE KEY-----" - expected = """-----BEGIN PRIVATE KEY----- -blah -blah -blah ------END PRIVATE KEY----- -""" - reformatted = _reformat_keystring(orig) - assert reformatted == expected - - def test_sign_in_explains_session_timeout(client_request): client_request.logout() page = client_request.get("main.sign_in", next="/foo") From 53c938ebc61d0b25d2a82db9bdea18d9f8dfd6f9 Mon Sep 17 00:00:00 2001 From: Beverly Nguyen Date: Tue, 11 Jun 2024 15:12:05 -0700 Subject: [PATCH 06/11] fixed css --- app/assets/sass/uswds/_uswds-theme-custom-styles.scss | 9 ++++----- app/templates/views/signedout.html | 3 ++- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/app/assets/sass/uswds/_uswds-theme-custom-styles.scss b/app/assets/sass/uswds/_uswds-theme-custom-styles.scss index 0451be565..ae9542349 100644 --- a/app/assets/sass/uswds/_uswds-theme-custom-styles.scss +++ b/app/assets/sass/uswds/_uswds-theme-custom-styles.scss @@ -157,15 +157,14 @@ td.table-empty-message { } } -.usa-button svg { +.usa-button img { margin-left: .5rem; height: 1rem; } -.login-button.login-button--primary, .login-button.login-button--primary:hover { - color: #112e51; - background-color: #fff; - border: 1px solid #767676; +.login-button.login-button--primary,.login-button.login-button--primary:hover{ + color:#112e51;background-color:#fff; + border:1px solid #767676; display: inline-flex; justify-content: center; } diff --git a/app/templates/views/signedout.html b/app/templates/views/signedout.html index 9d19d8b9f..fab9fbb30 100644 --- a/app/templates/views/signedout.html +++ b/app/templates/views/signedout.html @@ -21,7 +21,8 @@ Notify.gov

Reach people where they are with government-powered text messages

Notify.gov is a text message service that helps federal, state, local, tribal and territorial governments more effectively communicate with the people they serve.

- + if you are an existing pilot partner

Currently we are only working with select pilot partners. If you are interested in using Notify.gov in the future, please contact
tts-benefits-studio@gsa.gov to learn more.

From c8fb1b2f91952189da8ffceafa8d1437f3e04b58 Mon Sep 17 00:00:00 2001 From: Beverly Nguyen Date: Tue, 11 Jun 2024 15:28:46 -0700 Subject: [PATCH 07/11] fixed import errors --- .ds.baseline | 4 ++-- tests/app/main/views/test_sign_in.py | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.ds.baseline b/.ds.baseline index 29ab6333e..82ab59b8d 100644 --- a/.ds.baseline +++ b/.ds.baseline @@ -591,7 +591,7 @@ "filename": "tests/app/main/views/test_sign_in.py", "hashed_secret": "8b8b69116ee882b5e987e330f55db81aba0636f9", "is_verified": false, - "line_number": 91, + "line_number": 90, "is_secret": false } ], @@ -702,5 +702,5 @@ } ] }, - "generated_at": "2024-06-11T21:01:12Z" + "generated_at": "2024-06-11T22:26:18Z" } diff --git a/tests/app/main/views/test_sign_in.py b/tests/app/main/views/test_sign_in.py index 81d32253a..efa01deb7 100644 --- a/tests/app/main/views/test_sign_in.py +++ b/tests/app/main/views/test_sign_in.py @@ -3,7 +3,6 @@ import uuid import pytest from flask import url_for -from app.main.views.sign_in import _reformat_keystring from app.models.user import User from tests.conftest import SERVICE_ONE_ID, normalize_spaces From 5147072621a329056f008bf0ee25fa21811985e5 Mon Sep 17 00:00:00 2001 From: Beverly Nguyen Date: Tue, 11 Jun 2024 15:46:36 -0700 Subject: [PATCH 08/11] fixed e2e test --- tests/end_to_end/test_landing_and_sign_in_pages.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/end_to_end/test_landing_and_sign_in_pages.py b/tests/end_to_end/test_landing_and_sign_in_pages.py index a9148cb31..df4ec486c 100644 --- a/tests/end_to_end/test_landing_and_sign_in_pages.py +++ b/tests/end_to_end/test_landing_and_sign_in_pages.py @@ -22,7 +22,7 @@ def test_landing_page(end_to_end_context): "heading", name="Reach people where they are with government-powered text messages", ) - sign_in_button = page.get_by_role("link", name="Sign in") + sign_in_button = page.get_by_role("link", name="Sign in with") benefits_studio_email = page.get_by_role("link", name="tts-benefits-studio@gsa.gov") # Check to make sure the elements are visible. @@ -31,7 +31,7 @@ def test_landing_page(end_to_end_context): expect(benefits_studio_email).to_be_visible() # Check to make sure the sign-in button and email links are correct. - expect(sign_in_button).to_have_attribute("href", "/sign-in") + expect(sign_in_button).to_have_attribute("href") expect(benefits_studio_email).to_have_attribute( "href", "mailto:tts-benefits-studio@gsa.gov" ) From 6be4f878e484fc783a35561a32a30544ce10455f Mon Sep 17 00:00:00 2001 From: Beverly Nguyen Date: Tue, 11 Jun 2024 16:22:38 -0700 Subject: [PATCH 09/11] fixed end2end --- app/main/views/index.py | 3 --- tests/app/main/views/test_index.py | 3 +-- tests/end_to_end/test_landing_and_sign_in_pages.py | 4 +++- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/app/main/views/index.py b/app/main/views/index.py index 7c6c6a68c..ec489d5ac 100644 --- a/app/main/views/index.py +++ b/app/main/views/index.py @@ -11,8 +11,6 @@ from app.main.views.sub_navigation_dictionaries import features_nav, using_notif from app.utils.user import user_is_logged_in from notifications_utils.url_safe_token import generate_token -login_dot_gov_url = os.getenv("LOGIN_DOT_GOV_INITIAL_SIGNIN_URL") - @main.route("/") def index(): @@ -32,7 +30,6 @@ def index(): "views/signedout.html", sms_rate=CURRENT_SMS_RATE, counts=status_api_client.get_count_of_live_services_and_organizations(), - login_dot_gov_url=login_dot_gov_url, initial_signin_url=url, ) diff --git a/tests/app/main/views/test_index.py b/tests/app/main/views/test_index.py index cc29c963c..1e08cd606 100644 --- a/tests/app/main/views/test_index.py +++ b/tests/app/main/views/test_index.py @@ -21,8 +21,7 @@ def test_non_logged_in_user_can_see_homepage( assert page.select_one( "a.usa-button.login-button.login-button--primary.margin-right-2" - )["href"] - + ).text == "Sign in with \n" assert page.select_one("meta[name=description]") is not None # This area is hidden for the pilot # assert normalize_spaces(page.select_one('#whos-using-notify').text) == ( diff --git a/tests/end_to_end/test_landing_and_sign_in_pages.py b/tests/end_to_end/test_landing_and_sign_in_pages.py index df4ec486c..4cdabe61c 100644 --- a/tests/end_to_end/test_landing_and_sign_in_pages.py +++ b/tests/end_to_end/test_landing_and_sign_in_pages.py @@ -31,7 +31,9 @@ def test_landing_page(end_to_end_context): expect(benefits_studio_email).to_be_visible() # Check to make sure the sign-in button and email links are correct. - expect(sign_in_button).to_have_attribute("href") + href_value = sign_in_button.get_attribute('href') + assert href_value is not None, "The sign-in button does not have an href attribute" + # expect(sign_in_button).to_have_attribute("href") expect(benefits_studio_email).to_have_attribute( "href", "mailto:tts-benefits-studio@gsa.gov" ) From d028beda4f5acd7fc37c96916e60c07d46a33b89 Mon Sep 17 00:00:00 2001 From: Beverly Nguyen Date: Tue, 11 Jun 2024 16:29:31 -0700 Subject: [PATCH 10/11] Removed comments --- tests/end_to_end/test_landing_and_sign_in_pages.py | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/end_to_end/test_landing_and_sign_in_pages.py b/tests/end_to_end/test_landing_and_sign_in_pages.py index 4cdabe61c..513269f51 100644 --- a/tests/end_to_end/test_landing_and_sign_in_pages.py +++ b/tests/end_to_end/test_landing_and_sign_in_pages.py @@ -33,7 +33,6 @@ def test_landing_page(end_to_end_context): # Check to make sure the sign-in button and email links are correct. href_value = sign_in_button.get_attribute('href') assert href_value is not None, "The sign-in button does not have an href attribute" - # expect(sign_in_button).to_have_attribute("href") expect(benefits_studio_email).to_have_attribute( "href", "mailto:tts-benefits-studio@gsa.gov" ) From b5623ca96bd2b7b66ba0e719cd72378763fa5615 Mon Sep 17 00:00:00 2001 From: Beverly Nguyen Date: Thu, 13 Jun 2024 12:10:22 -0700 Subject: [PATCH 11/11] updated css --- app/assets/sass/uswds/_uswds-theme-custom-styles.scss | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/assets/sass/uswds/_uswds-theme-custom-styles.scss b/app/assets/sass/uswds/_uswds-theme-custom-styles.scss index ae9542349..efe86c763 100644 --- a/app/assets/sass/uswds/_uswds-theme-custom-styles.scss +++ b/app/assets/sass/uswds/_uswds-theme-custom-styles.scss @@ -162,7 +162,7 @@ td.table-empty-message { height: 1rem; } -.login-button.login-button--primary,.login-button.login-button--primary:hover{ +.usa-button.login-button.login-button--primary,.login-button.login-button--primary:hover{ color:#112e51;background-color:#fff; border:1px solid #767676; display: inline-flex;