From 398aef6d4ca50a9ba5d043384421546f147c3f48 Mon Sep 17 00:00:00 2001
From: Katie Smith
Date: Mon, 21 Jan 2019 15:44:15 +0000
Subject: [PATCH] Revert "Stop automatically resending email verification links"
---
 app/main/views/two_factor.py | 16 ++++++++++++++--
 app/notify_client/user_api_client.py | 8 +++++++-
 app/templates/views/email-link-invalid.html | 19 -------------------
 tests/app/main/views/test_two_factor.py | 19 +++++++++++--------
 4 files changed, 32 insertions(+), 30 deletions(-)
 delete mode 100644 app/templates/views/email-link-invalid.html
diff --git a/app/main/views/two_factor.py b/app/main/views/two_factor.py
index f883701a5..aca8889da 100644
--- a/app/main/views/two_factor.py
+++ b/app/main/views/two_factor.py
@@ -2,6 +2,7 @@ import json
 from flask import (
 current_app,
+ flash,
 redirect,
 render_template,
 request,
@@ -41,14 +42,25 @@ def two_factor_email(token):
 current_app.config['EMAIL_2FA_EXPIRY_SECONDS']
 ))
 except SignatureExpired:
- return render_template('views/email-link-invalid.html')
+ # lets decode again, without the expiry, to get the user id out
+ orig_data = json.loads(check_token(
+ token,
+ current_app.config['SECRET_KEY'],
+ current_app.config['DANGEROUS_SALT'],
+ None
+ ))
+ session['user_details'] = {'id': orig_data['user_id']}
+ flash("The link in the email we sent you has expired. We’ve sent you a new one.")
+ return redirect(url_for('.resend_email_link'))
 user_id = token_data['user_id'] # checks if code was already used
 logged_in, msg = user_api_client.check_verify_code(user_id, token_data['secret_code'], "email")
 if not logged_in:
- return render_template('views/email-link-invalid.html')
+ flash("This link has already been used")
+ session['user_details'] = {'id': user_id}
+ return redirect(url_for('.resend_email_link'))
 return log_in_user(user_id)
diff --git a/app/notify_client/user_api_client.py b/app/notify_client/user_api_client.py
index fad3368dd..869e8030b 100644
--- a/app/notify_client/user_api_client.py
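Review bot: In the `SignatureExpired` branch of `two_factor_email`, a token of any age is decoded with a max age of `None` and its `user_id` is written to `session['user_details']` before the redirect to `.resend_email_link`, so whoever holds an old link (a forwarded mail, a mailbox archive, a proxy log) gets that pre-login session state and a fresh email sent without the password step. The `if not logged_in:` branch does the same for every failed `check_verify_code`, which by the locked-out test in this patch includes a locked account, and it discards `msg`. I would resend automatically only when the session already carries this user's id from the password step, guarding with `if session.get('user_details', {}).get('id') != orig_data['user_id']:` and otherwise sending the visitor back to sign in, as the removed template did. Whether `resend_email_link` is rate-limited is not visible here, and the function body starts above the hunk.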
+++ b/app/notify_client/user_api_client.py
@@ -129,7 +129,13 @@ class UserApiClient(NotifyAdminAPIClient):
 return True, ''
 except HTTPError as e:
 if e.status_code == 400 or e.status_code == 404:
- return False, e.message
+ if 'Code not found' in e.message:
+ return False, 'Code not found'
+ elif 'Code has expired' in e.message:
+ return False, 'Code has expired'
+ else:
+ # TODO what is the default message?
+ return False, 'Code not found'
 raise e
 def get_users_for_service(self, service_id):
diff --git a/app/templates/views/email-link-invalid.html b/app/templates/views/email-link-invalid.html
deleted file mode 100644
index 738261e3f..000000000
--- a/app/templates/views/email-link-invalid.html
+++ /dev/null
@@ -1,19 +0,0 @@
-{% extends "withoutnav_template.html" %}
-{% from "components/page-footer.html" import page_footer %}
-
-{% block per_page_title %}
- Invalid email link
-{% endblock %}
-
-{% block maincolumn_content %}
-
-
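Review bot: The `else:` fallback in this `except HTTPError` branch reports every other 400/404 as 'Code not found' and leaves a TODO, so a lockout or a malformed request looks the same as a wrong code and the original `e.message` is lost. Returning a fixed set of strings rather than the raw API message is a sound choice for anything that can reach the UI, but the unrecognised message should be logged server-side before it is replaced. The substring tests also assume `e.message` is a string; if the client can hand back a dict or list here (not visible in the hunk), `in` would test keys or elements instead. In place of the TODO I would write `# unrecognised 400/404: caller sees 'Code not found'; log e.message for diagnosis`. The method's signature is above the hunk.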
-
-

The link has expired

- -

Sign in again to get a new link.

- -
-
-
-{% endblock %}
diff --git a/tests/app/main/views/test_two_factor.py b/tests/app/main/views/test_two_factor.py
index c6d86fcf6..dbc7c63b8 100644
--- a/tests/app/main/views/test_two_factor.py
+++ b/tests/app/main/views/test_two_factor.py
@@ -235,8 +235,11 @@ def test_two_factor_email_link_has_expired(
 assert response.status_code == 200
 page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
- assert page.h1.text.strip() == 'The link has expired'
- mock_send_verify_code.assert_not_called
+ assert normalize_spaces(
+ page.select_one('.banner-dangerous').text
+ ) == "The link in the email we sent you has expired. We’ve sent you a new one."
+ assert page.h1.text.strip() == 'Email resent'
+ mock_send_verify_code.assert_called_once_with(fake_uuid, 'email', None)
 def test_two_factor_email_link_is_invalid(
@@ -269,11 +272,11 @@ def test_two_factor_email_link_is_already_used(
 )
 page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
+ assert normalize_spaces(
+ page.select_one('.banner-dangerous').text
+ ) == "This link has already been used"
 assert response.status_code == 200
- assert page.h1.text.strip() == 'The link has expired'
- mock_send_verify_code.assert_not_called
-
 def test_two_factor_email_link_when_user_is_locked_out(
 client,
@@ -289,11 +292,11 @@ def test_two_factor_email_link_when_user_is_locked_out(
 )
 page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
+ assert normalize_spaces(
+ page.select_one('.banner-dangerous').text
+ ) == "This link has already been used"
 assert response.status_code == 200
- assert page.h1.text.strip() == 'The link has expired'
- mock_send_verify_code.assert_not_called
-
 def test_two_factor_email_link_used_when_user_already_logged_in(
 logged_in_client,
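Review bot: The already-used test (hunk at -269) and the locked-out test (hunk at -289) no longer state whether a new code is sent: the removed `mock_send_verify_code.assert_not_called` was a bare attribute access that never asserted anything, and nothing replaces it. Since the view now redirects both cases to `.resend_email_link`, the intended behaviour should be pinned explicitly, with `mock_send_verify_code.assert_called_once_with(fake_uuid, 'email', None)` if a resend is wanted, or `mock_send_verify_code.assert_not_called()` if a locked-out account must not receive a new link. The locked-out test also expects the banner "This link has already been used", which misdescribes that state to the user.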