diff --git a/app/main/views/two_factor.py b/app/main/views/two_factor.py index 20816a81c..0cd8b8444 100644 --- a/app/main/views/two_factor.py +++ b/app/main/views/two_factor.py @@ -96,7 +96,7 @@ def log_in_user(user_id): session['current_session_id'] = user.current_session_id # Check if coming from new password page if 'password' in session.get('user_details', {}): - user.update_password(session['user_details']['password'], from_email=True) + user.update_password(session['user_details']['password'], validated_email_access=True) user.activate() user.login() finally: diff --git a/app/models/user.py b/app/models/user.py index 28fab973f..fa1c8b24c 100644 --- a/app/models/user.py +++ b/app/models/user.py @@ -106,8 +106,8 @@ class User(JSONModel, UserMixin): response = user_api_client.update_user_attribute(self.id, **kwargs) self.__init__(response) - def update_password(self, password, from_email=False): - response = user_api_client.update_password(self.id, password, from_email=from_email) + def update_password(self, password, validated_email_access=False): + response = user_api_client.update_password(self.id, password, validated_email_access=validated_email_access) self.__init__(response) def password_changed_more_recently_than(self, datetime_string): diff --git a/app/notify_client/user_api_client.py b/app/notify_client/user_api_client.py index 014b5330a..c97b241be 100644 --- a/app/notify_client/user_api_client.py +++ b/app/notify_client/user_api_client.py @@ -75,10 +75,10 @@ class UserApiClient(NotifyAdminAPIClient): return user_data['data'] @cache.delete('user-{user_id}') - def update_password(self, user_id, password, from_email=False): + def update_password(self, user_id, password, validated_email_access=False): data = {"_password": password} - if from_email: - data["from_email"] = from_email + if validated_email_access: + data["validated_email_access"] = validated_email_access url = "/user/{}/update-password".format(user_id) user_data = self.post(url, data=data) return user_data['data'] diff --git a/tests/app/main/views/test_new_password.py b/tests/app/main/views/test_new_password.py index 618c0527f..80359bcd7 100644 --- a/tests/app/main/views/test_new_password.py +++ b/tests/app/main/views/test_new_password.py @@ -112,6 +112,6 @@ def test_should_sign_in_when_password_reset_is_successful_for_email_auth( # the log-in flow makes a couple of calls mock_get_user.assert_called_once_with(user['id']) - mock_update_user_password.assert_called_once_with(user['id'], 'a-new_password', from_email=True) + mock_update_user_password.assert_called_once_with(user['id'], 'a-new_password', validated_email_access=True) assert not mock_send_verify_code.called diff --git a/tests/app/main/views/test_two_factor.py b/tests/app/main/views/test_two_factor.py index 0eaff8489..f8333c5c8 100644 --- a/tests/app/main/views/test_two_factor.py +++ b/tests/app/main/views/test_two_factor.py @@ -191,7 +191,9 @@ def test_two_factor_should_set_password_when_new_password_exists_in_session( assert response.status_code == 302 assert response.location == url_for('main.show_accounts_or_dashboard', _external=True) - mock_update_user_password.assert_called_once_with(api_user_active['id'], 'changedpassword', from_email=True) + mock_update_user_password.assert_called_once_with( + api_user_active['id'], 'changedpassword', validated_email_access=True + ) def test_two_factor_returns_error_when_user_is_locked( diff --git a/tests/conftest.py b/tests/conftest.py index c2aa8d3ad..6335f0c17 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -1515,7 +1515,7 @@ def mock_verify_password(mocker): @pytest.fixture(scope='function') def mock_update_user_password(mocker, api_user_active): - def _update(user_id, password, from_email=False): + def _update(user_id, password, validated_email_access=False): api_user_active['id'] = user_id return api_user_active