darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-05 10:53:28 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #333 from alphagov/registration-bug-fix

Browse Source 
Fix for trying to verify email on partially complete registration
This commit is contained in:
Adam Shimali
2016-03-22 14:43:52 +00:00
parent 10de99e97f 8fc154d3d2
commit 40fdbca28b
2 changed files with 66 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
app/main/views/verify.py
View File

@@ -55,17 +55,19 @@ def verify_email(token):
token_data = json.loads(token_data)
verified = user_api_client.check_verify_code(token_data['user_id'], token_data['secret_code'], 'email')
if verified[0]:
user = user_api_client.get_user(token_data['user_id'])
user_api_client.send_verify_code(user.id, 'sms', user.mobile_number)
session['user_details'] = {"email": user.email_address, "id": user.id}
return redirect('verify')
else:
message = "There was a problem verifying your account. Error message: '{}'".format(verified[1])
flash(message)
# TODO could this ask for a resend instead?
return redirect(url_for('main.index'))
if verified[1] == 'Code has expired':
flash("The link in the email we sent you has expired. We've sent you a new one.")
return redirect(url_for('main.resend_email_verification'))
else:
message = "There was a problem verifying your account. Error message: '{}'".format(verified[1])
flash(message)
return redirect(url_for('main.index'))
except SignatureExpired:
flash('The link in the email we sent you has expired')

59
tests/app/main/views/test_verify.py
View File

@@ -66,3 +66,62 @@ def test_should_return_200_when_sms_code_is_wrong(app_,
assert response.status_code == 200
resp_data = response.get_data(as_text=True)
assert resp_data.count('Code not found') == 1
def test_verify_email_redirects_to_verify_if_token_valid(app_,
mocker,
api_user_active,
mock_get_user,
mock_send_verify_code,
mock_check_verify_code):
import json
token_data = {"user_id": api_user_active.id, "secret_code": 12345}
mocker.patch('utils.url_safe_token.check_token', return_value=json.dumps(token_data))
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_details'] = {'email_address': api_user_active.email_address, 'id': api_user_active.id}
response = client.get(url_for('main.verify_email', token='notreal'))
assert response.status_code == 302
assert response.location == url_for('main.verify', _external=True)
def test_verify_email_redirects_to_email_sent_if_token_expired(app_,
mocker,
api_user_active,
mock_check_verify_code):
from itsdangerous import SignatureExpired
mocker.patch('utils.url_safe_token.check_token', side_effect=SignatureExpired('expired'))
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_details'] = {'email_address': api_user_active.email_address, 'id': api_user_active.id}
response = client.get(url_for('main.verify_email', token='notreal'))
assert response.status_code == 302
assert response.location == url_for('main.resend_email_verification', _external=True)
def test_verify_email_redirects_to_email_sent_if_token_used(app_,
mocker,
api_user_active,
mock_get_user,
mock_send_verify_code,
mock_check_verify_code_code_expired):
from itsdangerous import SignatureExpired
mocker.patch('utils.url_safe_token.check_token', side_effect=SignatureExpired('expired'))
with app_.test_request_context():
with app_.test_client() as client:
with client.session_transaction() as session:
session['user_details'] = {'email_address': api_user_active.email_address, 'id': api_user_active.id}
response = client.get(url_for('main.verify_email', token='notreal'))
assert response.status_code == 302
assert response.location == url_for('main.resend_email_verification', _external=True)