109526520: Implement verify flow

When a person registers with a valid mobile number and email address, a code will be sent to each. That person can enter the verify codes and continue to the add-service page.
2026-02-05 10:53:28 -05:00 · 2015-12-07 16:08:30 +00:00
parent 56db1ad400
commit 16618e80f9
8 changed files with 122 additions and 22 deletions
--- a/tests/app/main/dao/test_users_dao.py
+++ b/tests/app/main/dao/test_users_dao.py
@@ -119,3 +119,23 @@ def test_user_is_active_is_false_if_state_is_inactive(notifications_admin, notif

    saved_user = users_dao.get_user_by_id(user.id)
    assert saved_user.is_active() is False
+
+
+def test_should_update_user_to_active(notifications_admin, notifications_admin_db):
+    user = User(name='Make user active',
+                password='somepassword',
+                email_address='activate@user.gov.uk',
+                mobile_number='+441234123412',
+                created_at=datetime.now(),
+                role_id=1,
+                state='pending')
+    users_dao.insert_user(user)
+    users_dao.activate_user(user.id)
+    updated_user = users_dao.get_user_by_id(user.id)
+    assert updated_user.state == 'active'
+
+
+def test_should_throws_error_when_id_does_not_exist(notifications_admin, notifications_admin_db):
+    with pytest.raises(AttributeError) as error:
+        users_dao.activate_user(123)
+    assert '''object has no attribute 'state''''' in str(error.value)
--- a/tests/app/main/views/test_verify.py
+++ b/tests/app/main/views/test_verify.py
@@ -1,9 +1,12 @@
+from datetime import datetime
+
+from app.main.dao import users_dao
 from app.main.encryption import hashpw
+from app.models import User


 def test_should_return_verify_template(notifications_admin, notifications_admin_db):
    response = notifications_admin.test_client().get('/verify')
-
    assert response.status_code == 200
    assert 'Activate your account' in response.get_data(as_text=True)

@@ -11,6 +14,8 @@ def test_should_return_verify_template(notifications_admin, notifications_admin_
 def test_should_redirect_to_add_service_when_code_are_correct(notifications_admin, notifications_admin_db):
    with notifications_admin.test_client() as client:
        with client.session_transaction() as session:
+            user = _create_test_user()
+            session['user_id'] = user.id
            session['sms_code'] = hashpw('12345')
            session['email_code'] = hashpw('23456')
        response = client.post('/verify',
@@ -20,13 +25,70 @@ def test_should_redirect_to_add_service_when_code_are_correct(notifications_admi
        assert response.location == 'http://localhost/add-service'


+def test_should_activate_user_after_verify(notifications_admin, notifications_admin_db):
+    with notifications_admin.test_client() as client:
+        with client.session_transaction() as session:
+            user = _create_test_user()
+            session['user_id'] = user.id
+            session['sms_code'] = hashpw('12345')
+            session['email_code'] = hashpw('23456')
+        client.post('/verify',
+                    data={'sms_code': '12345',
+                          'email_code': '23456'})
+
+        after_verify = users_dao.get_user_by_id(user.id)
+        assert after_verify.state == 'active'
+
+
 def test_should_return_400_when_sms_code_is_wrong(notifications_admin, notifications_admin_db):
    with notifications_admin.test_client() as client:
        with client.session_transaction() as session:
+            user = _create_test_user()
+            session['user_id'] = user.id
            session['sms_code'] = hashpw('12345')
            session['email_code'] = hashpw('23456')
        response = client.post('/verify',
                               data={'sms_code': '98765',
                                     'email_code': '23456'})
        assert response.status_code == 400
-        assert 'sms_code' in response.get_data(as_text=True)
+        assert '"sms_code": "does not match"' in response.get_data(as_text=True)
+
+
+def test_should_return_400_when_email_code_is_wrong(notifications_admin, notifications_admin_db):
+    with notifications_admin.test_client() as client:
+        with client.session_transaction() as session:
+            user = _create_test_user()
+            session['user_id'] = user.id
+            session['sms_code'] = hashpw('12345')
+            session['email_code'] = hashpw('98456')
+        response = client.post('/verify',
+                               data={'sms_code': '12345',
+                                     'email_code': '23456'})
+        assert response.status_code == 400
+        assert '"email_code": "does not match"' in response.get_data(as_text=True)
+
+
+def test_should_return_400_when_sms_code_is_missing(notifications_admin, notifications_admin_db):
+    response = notifications_admin.test_client().post('/verify',
+                                                      data={'email_code': '23456'})
+    assert response.status_code == 400
+    assert 'SMS code can not be empty' in response.get_data(as_text=True)
+
+
+def test_should_return_400_when_email_code_is_missing(notifications_admin, notifications_admin_db):
+    response = notifications_admin.test_client().post('/verify',
+                                                      data={'sms_code': '23456'})
+    assert response.status_code == 400
+    assert 'Email code can not be empty' in response.get_data(as_text=True)
+
+
+def _create_test_user():
+    user = User(name='Test User',
+                password='somepassword',
+                email_address='test@user.gov.uk',
+                mobile_number='+441234123412',
+                created_at=datetime.now(),
+                role_id=1,
+                state='pending')
+    users_dao.insert_user(user)
+    return user