From 1b5de906572c95eafbf5bc7d93d4f6ad9b12d235 Mon Sep 17 00:00:00 2001
From: Andrew Shumway
Date: Wed, 14 Jun 2023 09:42:22 -0600
Subject: [PATCH 1/2] Form is visible in html/text added for clarification on validation
---
 app/templates/views/email-link-interstitial.html | 12 ++++--------
 app/templates/views/email-link-invalid.html | 4 ++--
 app/templates/views/re-validate-email-sent.html | 2 +-
 tests/app/main/views/test_two_factor.py | 15 ++++++---------
 4 files changed, 13 insertions(+), 20 deletions(-)
diff --git a/app/templates/views/email-link-interstitial.html b/app/templates/views/email-link-interstitial.html
index a0b41c965..1bf2f1a67 100644
--- a/app/templates/views/email-link-interstitial.html
+++ b/app/templates/views/email-link-interstitial.html
@@ -3,23 +3,19 @@ {% from "components/page-footer.html" import page_footer %}
 {% block per_page_title %}
- Sign in
+ Click below to complete email re-verification and finish signing in.
 {% endblock %}
 {% block maincolumn_content %}
-
+
- {{ page_header('Sign in') }}
+

Click below to complete email re-verification and finish signing in.

- {{ page_footer('Continue to dashboard') }}
+ {{ page_footer('Verify email') }}
-
-
 {% endblock %}
diff --git a/app/templates/views/email-link-invalid.html b/app/templates/views/email-link-invalid.html
index ba3cede98..77863b231 100644
--- a/app/templates/views/email-link-invalid.html
+++ b/app/templates/views/email-link-invalid.html
@@ -2,14 +2,14 @@ {% from "components/page-footer.html" import page_footer %}
 {% block per_page_title %}
- Invalid email link
+ This link has expired
 {% endblock %}
 {% block maincolumn_content %}
-

The link has expired

+

This link has expired

diff --git a/app/templates/views/re-validate-email-sent.html b/app/templates/views/re-validate-email-sent.html
index 2e32e0a2b..47f5b095e 100644
--- a/app/templates/views/re-validate-email-sent.html
+++ b/app/templates/views/re-validate-email-sent.html
@@ -11,7 +11,7 @@

{{ title }}

For security, we need to check if you still have access to your email address.

-

We’ve sent you a link to sign in to Notify. The link will open in a new browser window, so you can close this one.

+

We’ve sent you a link valid for 1 hour to sign in to Notify. The link will open in a new browser window, so you can close this one.

{{ page_footer( secondary_link=url_for('main.email_not_received', next=redirect_url),
diff --git a/tests/app/main/views/test_two_factor.py b/tests/app/main/views/test_two_factor.py
index cefb5f057..64997c207 100644
--- a/tests/app/main/views/test_two_factor.py
+++ b/tests/app/main/views/test_two_factor.py
@@ -390,9 +390,9 @@ def test_valid_two_factor_email_link_shows_interstitial(
 client_request.logout()
 page = client_request.get_url(token_url)
- assert normalize_spaces(page.select_one('main .js-hidden').text) == (
- 'Sign in '
- 'Continue to dashboard'
+ assert normalize_spaces(page.select_one('main').text) == (
+ 'Click below to complete email re-verification and finish signing in. '
+ 'Verify email'
 )
 form = page.select_one('form')
@@ -400,9 +400,6 @@ def test_valid_two_factor_email_link_shows_interstitial(
 assert 'action' not in form
 assert form['method'] == 'post'
 assert form['id'] == expected_form_id
- assert page.select_one('main script').string.strip() == (
- f'document.getElementById("{expected_form_id}").submit();'
- )
 assert mock_check_code.called is False
@@ -443,7 +440,7 @@ def test_two_factor_email_link_has_expired(
 _follow_redirects=True,
 )
- assert page.h1.text.strip() == 'The link has expired'
+ assert page.h1.text.strip() == 'This link has expired'
 assert page.select_one('a:contains("Sign in again")')['href'] == url_for('main.sign_in', next=redirect_url)
 assert mock_send_verify_code.called is False
@@ -486,7 +483,7 @@ def test_two_factor_email_link_is_already_used(
 _follow_redirects=True,
 )
- assert page.h1.text.strip() == 'The link has expired'
+ assert page.h1.text.strip() == 'This link has expired'
 assert page.select_one('a:contains("Sign in again")')['href'] == url_for('main.sign_in', next=redirect_url)
 assert mock_send_verify_code.called is False
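Review bot: The new sentence in re-validate-email-sent.html hard-codes "valid for 1 hour", while the lifetime that two_factor_email enforces is read from application config, so the displayed and enforced expiry can drift apart without any visible test failing. In this first patch the view still reads `EMAIL_2FA_EXPIRY_SECONDS`, which the second patch's subject describes as 30 minutes, so the copy is only accurate once both patches are applied. Either render the duration from the same config value or put a template comment next to the sentence, for example `{# keep in sync with EMAIL_EXPIRY_SECONDS #}`.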
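Review bot: The hunk at -400 deletes the assertion on the `main script` element and puts nothing in its place, so no assertion in this test directly pins that the interstitial has no auto-submitting script. The surviving `assert mock_check_code.called is False` shows the purpose of the page: a plain GET of the emailed link must not consume the code, only an explicit POST from the form may. A negative check after the form assertions, `assert page.select_one('main script') is None`, would guard against the auto-submit being reintroduced. The test function starts and ends outside the hunk.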
@@ -506,7 +503,7 @@ def test_two_factor_email_link_when_user_is_locked_out(
 _follow_redirects=True,
 )
- assert page.h1.text.strip() == 'The link has expired'
+ assert page.h1.text.strip() == 'This link has expired'
 assert mock_send_verify_code.called is False
From e0d4fee515bcc66300ac1248d0d03b0f5e09013d Mon Sep 17 00:00:00 2001
From: Andrew Shumway
Date: Thu, 15 Jun 2023 08:54:52 -0600
Subject: [PATCH 2/2] Replaced 30 min email exp variable with 1 hour in config for consistency
---
 app/main/views/two_factor.py | 2 +-
 tests/app/main/views/test_two_factor.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/main/views/two_factor.py b/app/main/views/two_factor.py
index 231859e47..b2d9ae004 100644
--- a/app/main/views/two_factor.py
+++ b/app/main/views/two_factor.py
@@ -52,7 +52,7 @@ def two_factor_email(token):
 token,
 current_app.config['SECRET_KEY'],
 current_app.config['DANGEROUS_SALT'],
- current_app.config['EMAIL_2FA_EXPIRY_SECONDS']
+ current_app.config['EMAIL_EXPIRY_SECONDS']
 ))
 except SignatureExpired:
 return render_template('views/email-link-invalid.html', redirect_url=redirect_url)
diff --git a/tests/app/main/views/test_two_factor.py b/tests/app/main/views/test_two_factor.py
index 64997c207..d4705006c 100644
--- a/tests/app/main/views/test_two_factor.py
+++ b/tests/app/main/views/test_two_factor.py
@@ -434,7 +434,7 @@ def test_two_factor_email_link_has_expired(
 ):
 client_request.logout()
- with set_config(notify_admin, 'EMAIL_2FA_EXPIRY_SECONDS', -1):
+ with set_config(notify_admin, 'EMAIL_EXPIRY_SECONDS', -1):
 page = client_request.post_url(
 url_for_endpoint_with_token('main.two_factor_email', token=valid_token, next=redirect_url),
 _follow_redirects=True,
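Review bot: Reading `EMAIL_EXPIRY_SECONDS` in two_factor_email ties the lifetime of the email sign-in token to a general email setting, and per the commit subject it doubles the validity window from 30 minutes to 1 hour. The emailed link stands in for the second factor, so both the longer window and the shared key should be deliberate: if this key is also used for other kinds of email (not visible in this patch), a later change made for those would silently change how long 2FA links stay valid. If the sharing is intended, record it at the call with a comment such as `# 2FA email links deliberately share EMAIL_EXPIRY_SECONDS (1 hour); keep this window short`; otherwise keep the dedicated key and change only its value. The body of two_factor_email starts and ends outside the hunk.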