109526520: Implement verify flow

When a person registers with a valid mobile number and email address, a code will be sent to each. That person can enter the verify codes and continue to the add-service page.
2026-05-03 23:51:22 -04:00 · 2015-12-07 16:08:30 +00:00
parent 56db1ad400
commit 16618e80f9
8 changed files with 122 additions and 22 deletions
--- a/app/init.py
+++ b/app/init.py
@@ -34,7 +34,7 @@ def create_app(config_name):
    init_csrf(application)

    login_manager.init_app(application)
-    login_manager.login_view = 'main.sign_in.render_sign_in'
+    # login_manager.login_view = 'main.sign_in.render_sign_in'

    from app.main import main as main_blueprint
    application.register_blueprint(main_blueprint)
--- a/app/main/dao/users_dao.py
+++ b/app/main/dao/users_dao.py
@@ -30,3 +30,10 @@ def increment_failed_login_count(id):
    user = User.query.filter_by(id=id).first()
    user.failed_login_count += 1
    db.session.commit()
+
+
+def activate_user(id):
+    user = get_user_by_id(id)
+    user.state = 'active'
+    db.session.add(user)
+    db.session.commit()
--- a/app/main/forms.py
+++ b/app/main/forms.py
@@ -39,5 +39,7 @@ class RegisterUserForm(Form):


 class VerifyForm(Form):
-    sms_code = IntegerField(DataRequired(message='SMS code can not be empty'))
-    email_code = IntegerField(DataRequired(message='Email code can not be empty'))
+    sms_code = IntegerField("Text message confirmation code",
+                            validators=[DataRequired(message='SMS code can not be empty')])
+    email_code = IntegerField("Email confirmation code",
+                              validators=[DataRequired(message='Email code can not be empty')])
--- a/app/main/views/register.py
+++ b/app/main/views/register.py
@@ -36,6 +36,7 @@ def process_register():
            session['email_code'] = hashpw(email_code)
            session['expiry_date'] = str(datetime.now() + timedelta(hours=1))
            users_dao.insert_user(user)
+            session['user_id'] = user.id
        except AdminApiClientException as e:
            return jsonify(admin_api_client_error=e.value)
        except SQLAlchemyError:
--- a/app/main/views/verify.py
+++ b/app/main/views/verify.py
@@ -1,6 +1,8 @@
-from app.main import main
 from flask import render_template, redirect, jsonify, session
+from flask_login import login_user

+from app.main import main
+from app.main.dao import users_dao
 from app.main.encryption import checkpw
 from app.main.forms import VerifyForm

@@ -13,15 +15,18 @@ def render_verify():
@main.route('/verify', methods=['POST'])
 def process_verify():
    form = VerifyForm()
-
    if form.validate_on_submit():
        valid_sms = checkpw(form.sms_code.data, session['sms_code'])
        valid_email = checkpw(form.email_code.data, session['email_code'])
        if valid_sms is False:
-            return jsonify(sms_code='invalid'), 400
+            return jsonify(sms_code='does not match'), 400
        if valid_email is False:
-            return jsonify(email_code='invalid'), 400
+            return jsonify(email_code='does not match'), 400
    else:
        return jsonify(form.errors), 400

+    user = users_dao.get_user_by_id(session['user_id'])
+    users_dao.activate_user(user.id)
+    login_user(user)
+
    return redirect('/add-service')
--- a/app/templates/verify.html
+++ b/app/templates/verify.html
@@ -12,20 +12,23 @@ GOV.UK Notify | Confirm email address and mobile number

 		<p>We've sent you confirmation codes by email and text message. You need to enter both codes here.</p>

-		<p>
-		<label class="form-label" for="emailverify">Email confirmation code<br>
-  		<input class="form-control-1-4" id="emailverify" type="text"><br>
-  		<span class="font-xsmall"><a href="email-not-received">I haven't received an email</a></span>
-  		</p>
-  		<p>
-  		<label class="form-label" for="email">Text message confirmation code<br>
-  		<input class="form-control-1-4" id="email" type="text"><br>
-  		<span class="font-xsmall"><a href="text-not-received">I haven't received a text</a></span>
-  		</p>
+		<form  autocomplete="off" action="" method="post">
+			{{ form.hidden_tag() }}
+			<p>
+			<label class="form-label">{{ form.email_code.label }}</label>
+				{{ form.email_code(class="form-control-1-4", autocomplete="off") }}<br>
+			<span class="font-xsmall"><a href="email-not-received">I haven't received an email</a></span>
+			</p>
+			<p>
+			<label class="form-label">{{ form.sms_code.label }}</label>
+				{{ form.sms_code(class="form-control-1-4", autocomplete="off") }} <br>
+			<span class="font-xsmall"><a href="text-not-received">I haven't received a text</a></span>
+			</p>

-  		<p>
-  		<a class="button" href="add-service" role="button">Continue</a>
-  		</p>
+			<p>
+			<button class="button" href="add-service" role="button">Continue</button>
+			</p>
+		</form>
 	</div>
 </div>