Re-implement forgot password
@@ -9,13 +9,10 @@ def test_should_render_forgot_password(app_):
|
||||
in response.get_data(as_text=True)
|
||||
|
||||
|
||||
def test_should_redirect_to_password_reset_sent_and_state_updated(
|
||||
app_,
|
||||
api_user_active,
|
||||
mock_get_user_by_email,
|
||||
mock_update_user,
|
||||
mock_send_email
|
||||
):
|
||||
def test_should_redirect_to_password_reset_sent_for_valid_email(
|
||||
app_,
|
||||
api_user_active,
|
||||
mock_reset_user_password):
|
||||
with app_.test_request_context():
|
||||
response = app_.test_client().post(
|
||||
url_for('.forgot_password'),
|
||||
@@ -24,23 +21,4 @@ def test_should_redirect_to_password_reset_sent_and_state_updated(
|
||||
assert (
|
||||
'You have been sent an email containing a link'
|
||||
' to reset your password.') in response.get_data(as_text=True)
|
||||
assert mock_send_email.call_count == 1
|
||||
|
||||
|
||||
def test_should_redirect_to_password_reset_sent_for_non_existant_email_address(
|
||||
app_,
|
||||
api_user_active,
|
||||
mock_dont_get_user_by_email,
|
||||
mock_update_user,
|
||||
mock_send_email
|
||||
):
|
||||
with app_.test_request_context():
|
||||
response = app_.test_client().post(
|
||||
url_for('.forgot_password'),
|
||||
data={'email_address': 'nope@example.gov.uk'})
|
||||
assert response.status_code == 200
|
||||
assert (
|
||||
'You have been sent an email containing a link'
|
||||
' to reset your password.') in response.get_data(as_text=True)
|
||||
mock_dont_get_user_by_email.assert_called_once_with('nope@example.gov.uk')
|
||||
assert not mock_send_email.called
|
||||
mock_reset_user_password.assert_called_once_with(api_user_active.email_address)
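Review bot: The second hunk (header -24,23 +21,4, so a 23-line block replaced by 4) appears to drop test_should_redirect_to_password_reset_sent_for_non_existant_email_address without a replacement, leaving no test that an unknown address gets the same 200 status and the same 'You have been sent an email containing a link' message as a known one — the property that keeps the form from revealing which addresses are registered. If the lookup has moved behind send_reset_password_url, the client side still owns the promise that the two cases are indistinguishable, so a post with an unknown address asserting the same status and message, plus `mock_reset_user_password.assert_called_once_with('nope@example.gov.uk')`, belongs in this file. Which lines are old and which are new is inferred from the hunk counts, since the page has lost its +/- markers.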
|
||||
|
||||
@@ -1,9 +1,8 @@
|
||||
import json
|
||||
from datetime import datetime
|
||||
|
||||
from flask import url_for
|
||||
|
||||
from app.main.dao import users_dao
|
||||
from app.main.encryption import check_hash
|
||||
from app.notify_client.sender import generate_token
|
||||
|
||||
from utils.url_safe_token import generate_token
|
||||
import pytest
|
||||
|
||||
|
||||
@@ -14,59 +13,62 @@ def test_should_render_new_password_template(app_,
|
||||
mock_get_user_by_email_request_password_reset):
|
||||
with app_.test_request_context():
|
||||
with app_.test_client() as client:
|
||||
token = generate_token(api_user_active.email_address)
|
||||
data = json.dumps({'email': api_user_active.email_address, 'created_at': str(datetime.now())})
|
||||
token = generate_token(data, app_.config['SECRET_KEY'],
|
||||
app_.config['DANGEROUS_SALT'])
|
||||
response = client.get(url_for('.new_password', token=token))
|
||||
assert response.status_code == 200
|
||||
assert 'You can now create a new password for your account.' in response.get_data(as_text=True)
|
||||
|
||||
|
||||
@pytest.mark.skipif(True, reason='Password reset no implemented')
|
||||
def test_should_render_new_password_template_with_message_of_bad_token(app_,
|
||||
mock_get_user_by_email):
|
||||
def test_should_return_404_when_email_address_does_not_exist(app_, mock_get_user_by_email_not_found):
|
||||
with app_.test_request_context():
|
||||
with app_.test_client() as client:
|
||||
token = generate_token('no_user@d.gov.uk')
|
||||
data = json.dumps({'email': 'no_user@d.gov.uk', 'created_at': str(datetime.now())})
|
||||
token = generate_token(data, app_.config['SECRET_KEY'], app_.config['DANGEROUS_SALT'])
|
||||
response = client.get(url_for('.new_password', token=token))
|
||||
assert response.status_code == 200
|
||||
assert 'Message about email address does not exist. Some one needs to figure out the words here.' in \
|
||||
response.get_data(as_text=True)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
@pytest.mark.skipif(True, reason='Password reset no implemented')
|
||||
def test_should_redirect_to_two_factor_when_password_reset_is_successful(app_,
|
||||
mock_get_user_by_email_request_password_reset,
|
||||
mock_login):
|
||||
mock_login,
|
||||
mock_send_verify_code):
|
||||
with app_.test_request_context():
|
||||
with app_.test_client() as client:
|
||||
user = mock_get_user_by_email_request_password_reset.return_value
|
||||
token = generate_token(user.email_address)
|
||||
data = json.dumps({'email': user.email_address, 'created_at': str(datetime.now())})
|
||||
token = generate_token(data, app_.config['SECRET_KEY'], app_.config['DANGEROUS_SALT'])
|
||||
response = client.post(url_for('.new_password', token=token), data={'new_password': 'a-new_password'})
|
||||
assert response.status_code == 302
|
||||
assert response.location == url_for('.two_factor', _external=True)
|
||||
mock_get_user_by_email_request_password_reset.assert_called_once_with(user.email_address)
|
||||
|
||||
|
||||
def test_should_redirect_index_if_user_has_already_changed_password(app_,
|
||||
mock_get_user_by_email_user_changed_password,
|
||||
mock_login,
|
||||
mock_send_verify_code):
|
||||
with app_.test_request_context():
|
||||
with app_.test_client() as client:
|
||||
user = mock_get_user_by_email_user_changed_password.return_value
|
||||
data = json.dumps({'email': user.email_address, 'created_at': str(datetime.now())})
|
||||
token = generate_token(data, app_.config['SECRET_KEY'], app_.config['DANGEROUS_SALT'])
|
||||
response = client.post(url_for('.new_password', token=token), data={'new_password': 'a-new_password'})
|
||||
assert response.status_code == 302
|
||||
assert response.location == url_for('.index', _external=True)
|
||||
mock_get_user_by_email_user_changed_password.assert_called_once_with(user.email_address)
|
||||
|
||||
|
||||
def test_should_redirect_to_forgot_password_with_flash_message_when_token_is_expired(
|
||||
app_, mock_get_user_by_email_request_password_reset, mock_login
|
||||
app_, mock_get_user_by_email_request_password_reset, mock_login
|
||||
):
|
||||
with app_.test_request_context():
|
||||
with app_.test_client() as client:
|
||||
app_.config['TOKEN_MAX_AGE_SECONDS'] = -1000
|
||||
user = mock_get_user_by_email_request_password_reset.return_value
|
||||
token = generate_token(user.email_address)
|
||||
token = generate_token(user.email_address, app_.config['SECRET_KEY'], app_.config['DANGEROUS_SALT'])
|
||||
response = client.post(url_for('.new_password', token=token), data={'new_password': 'a-new_password'})
|
||||
assert response.status_code == 302
|
||||
assert response.location == url_for('.forgot_password', _external=True)
|
||||
app_.config['TOKEN_MAX_AGE_SECONDS'] = 3600
|
||||
|
||||
|
||||
@pytest.mark.skipif(True, reason='Password reset no implemented')
|
||||
def test_should_redirect_to_forgot_pass_when_user_active_should_be_request_passw_reset(
|
||||
app_, mock_get_user_by_email_request_password_reset, mock_login
|
||||
):
|
||||
with app_.test_request_context():
|
||||
with app_.test_client() as client:
|
||||
user = mock_get_user_by_email_request_password_reset.return_value
|
||||
token = generate_token(user.email_address)
|
||||
response = client.post(url_for('.new_password', token=token), data={'new_password': 'a-new_password'})
|
||||
assert response.status_code == 302
|
||||
assert response.location == url_for('.index', _external=True)
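Review bot: In test_should_redirect_to_forgot_password_with_flash_message_when_token_is_expired the new line `token = generate_token(user.email_address, app_.config['SECRET_KEY'], app_.config['DANGEROUS_SALT'])` signs the bare email address, whereas every other test in this file signs `json.dumps({'email': ..., 'created_at': ...})`; if the view parses the payload as JSON, the redirect to forgot_password may come from the parse failure rather than from the TOKEN_MAX_AGE_SECONDS check, and the test passes for the wrong reason. The same test sets `app_.config['TOKEN_MAX_AGE_SECONDS'] = -1000` and restores 3600 only after the assertions, so one failing assertion leaves a negative max-age in the shared app_ for every later test. Using the common payload and restoring the previous value in a finally (or via monkeypatch.setitem) fixes both; the rewrite below keeps the assertions as they are.

```python
def test_should_redirect_to_forgot_password_with_flash_message_when_token_is_expired(
    app_, mock_get_user_by_email_request_password_reset, mock_login
):
    with app_.test_request_context():
        with app_.test_client() as client:
            previous_max_age = app_.config['TOKEN_MAX_AGE_SECONDS']
            app_.config['TOKEN_MAX_AGE_SECONDS'] = -1000
            try:
                user = mock_get_user_by_email_request_password_reset.return_value
                # Same payload shape as the other new_password tests, so the
                # redirect can only come from the max-age check.
                data = json.dumps({'email': user.email_address, 'created_at': str(datetime.now())})
                token = generate_token(data, app_.config['SECRET_KEY'], app_.config['DANGEROUS_SALT'])
                # … unchanged: post to .new_password and the two assertions …
            finally:
                app_.config['TOKEN_MAX_AGE_SECONDS'] = previous_max_age
```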
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
import uuid
|
||||
from datetime import date
|
||||
from datetime import date, datetime, timedelta
|
||||
import pytest
|
||||
|
||||
from app import create_app
|
||||
@@ -268,9 +268,27 @@ def api_user_request_password_reset():
|
||||
'password': 'somepassword',
|
||||
'email_address': 'test@user.gov.uk',
|
||||
'mobile_number': '+4412341234',
|
||||
'state': 'request_password_reset',
|
||||
'state': 'active',
|
||||
'failed_login_count': 5,
|
||||
'permissions': {}
|
||||
'permissions': {},
|
||||
'password_changed_at': None
|
||||
}
|
||||
user = User(user_data)
|
||||
return user
|
||||
|
||||
|
||||
@pytest.fixture(scope='function')
|
||||
def api_user_changed_password():
|
||||
from app.notify_client.user_api_client import User
|
||||
user_data = {'id': 555,
|
||||
'name': 'Test User',
|
||||
'password': 'somepassword',
|
||||
'email_address': 'test@user.gov.uk',
|
||||
'mobile_number': '+4412341234',
|
||||
'state': 'active',
|
||||
'failed_login_count': 5,
|
||||
'permissions': {},
|
||||
'password_changed_at': str(datetime.now() + timedelta(minutes=1))
|
||||
}
|
||||
user = User(user_data)
|
||||
return user
|
||||
@@ -345,6 +363,13 @@ def mock_get_user_by_email_request_password_reset(mocker, api_user_request_passw
|
||||
return_value=api_user_request_password_reset)
|
||||
|
||||
|
||||
@pytest.fixture(scope='function')
|
||||
def mock_get_user_by_email_user_changed_password(mocker, api_user_changed_password):
|
||||
return mocker.patch(
|
||||
'app.user_api_client.get_user_by_email',
|
||||
return_value=api_user_changed_password)
|
||||
|
||||
|
||||
@pytest.fixture(scope='function')
|
||||
def mock_get_user_by_email_locked(mocker, api_user_locked):
|
||||
return mocker.patch(
|
||||
@@ -382,14 +407,6 @@ def mock_verify_password(mocker):
|
||||
side_effect=_verify_password)
|
||||
|
||||
|
||||
@pytest.fixture(scope='function')
|
||||
def mock_password_reset(mocker, api_user_active):
|
||||
|
||||
def _reset(email):
|
||||
api_user_active.state = 'request_password_reset'
|
||||
return mocker.patch('app.main.dao.users_dao.request_password_reset', side_effect=_reset)
|
||||
|
||||
|
||||
@pytest.fixture(scope='function')
|
||||
def mock_update_user(mocker):
|
||||
|
||||
@@ -645,3 +662,8 @@ def mock_add_user_to_service(mocker, service_one, api_user_active):
|
||||
@pytest.fixture(scope='function')
|
||||
def mock_set_user_permissions(mocker):
|
||||
return mocker.patch('app.user_api_client.set_user_permissions', return_value=None)
|
||||
|
||||
|
||||
@pytest.fixture(scope='function')
|
||||
def mock_reset_user_password(mocker):
|
||||
return mocker.patch('app.user_api_client.send_reset_password_url', return_value=None)
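Review bot: api_user_changed_password sets `'password_changed_at': str(datetime.now() + timedelta(minutes=1))` with nothing saying why the value is one minute in the future; a reader has to go to test_should_redirect_index_if_user_has_already_changed_password to learn that the token's created_at (also datetime.now(), minted later in the test) must fall before the last password change for the link to count as used. A comment on that line such as `# Later than any created_at a test mints for its token, so the reset link counts as already used` would record the timing assumption, and it is worth stating that the one-minute margin is what protects the ordering, since the fixture value is fixed when the test starts. In the first hunk of this file api_user_request_password_reset now carries `'state': 'active'`, so the fixture name no longer describes the user it builds; presumably the state field is no longer what drives the reset flow, in which case a short comment there, or a rename, would save the next reader the same detour.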
|
||||
|
||||