Add endpoints for forgot-password.

2026-02-05 10:53:28 -05:00 · 2016-01-04 14:00:39 +00:00
parent 567ac123e3
commit 6696426dbc
10 changed files with 145 additions and 11 deletions
--- a/tests/app/main/dao/test_users_dao.py
+++ b/tests/app/main/dao/test_users_dao.py
@@ -3,6 +3,7 @@ from datetime import datetime
 import pytest
 import sqlalchemy

+from app.main.encryption import check_hash
 from app.models import User
 from app.main.dao import users_dao

@@ -161,3 +162,24 @@ def test_should_update_email_address(notifications_admin, notifications_admin_db
    users_dao.update_email_address(user.id, 'new_email@testit.gov.uk')
    updated = users_dao.get_user_by_id(user.id)
    assert updated.email_address == 'new_email@testit.gov.uk'
+
+
+def test_should_update_password(notifications_admin, notifications_admin_db, notify_db_session):
+    user = User(name='Update Email',
+                password='somepassword',
+                email_address='test@it.gov.uk',
+                mobile_number='+441234123412',
+                created_at=datetime.now(),
+                role_id=1,
+                state='active')
+    start = datetime.now()
+    users_dao.insert_user(user)
+
+    saved = users_dao.get_user_by_id(user.id)
+    assert check_hash('somepassword', saved.password)
+    assert saved.password_changed_at is None
+    users_dao.update_password(saved.id, 'newpassword')
+    updated = users_dao.get_user_by_id(user.id)
+    assert check_hash('newpassword', updated.password)
+    assert updated.password_changed_at < datetime.now()
+    assert updated.password_changed_at > start
--- a/tests/app/main/views/test_forgot_password.py
+++ b/tests/app/main/views/test_forgot_password.py
@@ -0,0 +1,16 @@
+from flask import current_app
+
+
+def test_should_render_forgot_password(notifications_admin, notifications_admin_db, notify_db_session):
+    response = notifications_admin.test_client().get('/forgot-password')
+    assert response.status_code == 200
+    assert 'If you have forgotten your password, we can send you an email to create a new password.' \
+           in response.get_data(as_text=True)
+
+
+def test_should_return_400_when_email_is_invalid(notifications_admin, notifications_admin_db, notify_db_session):
+    response = notifications_admin.test_client().post('/forgot-password',
+                                                      data={'email_address': 'not_a_valid_email'})
+    x = current_app._get_current_object()
+    assert response.status_code == 400
+    assert 'Please enter a valid email address' in response.get_data(as_text=True)