diff --git a/app/main/views/sign_in.py b/app/main/views/sign_in.py index cdbc31c8f..524a6339e 100644 --- a/app/main/views/sign_in.py +++ b/app/main/views/sign_in.py @@ -28,7 +28,6 @@ from app.main.forms import LoginForm @main.route('/sign-in', methods=(['GET', 'POST'])) def sign_in(): - if current_user and current_user.is_authenticated: return redirect(url_for('main.choose_service')) diff --git a/app/main/views/two_factor.py b/app/main/views/two_factor.py index a728aea19..022a189f5 100644 --- a/app/main/views/two_factor.py +++ b/app/main/views/two_factor.py @@ -32,7 +32,8 @@ def two_factor(): user.set_password(session['user_details']['password']) user.reset_failed_login_count() user_api_client.update_user(user) - login_user(user, remember=True) + activated_user = user_api_client.activate_user(user) + login_user(activated_user, remember=True) finally: del session['user_details'] diff --git a/app/notify_client/user_api_client.py b/app/notify_client/user_api_client.py index e3c6cc1d6..2d4a0155a 100644 --- a/app/notify_client/user_api_client.py +++ b/app/notify_client/user_api_client.py @@ -122,5 +122,8 @@ class UserApiClient(BaseAPIClient): return True def activate_user(self, user): - user.state = 'active' - return self.update_user(user) + if user.state == 'pending': + user.state = 'active' + return self.update_user(user) + else: + return user diff --git a/tests/app/main/views/test_two_factor.py b/tests/app/main/views/test_two_factor.py index cf234483f..2a5421cf0 100644 --- a/tests/app/main/views/test_two_factor.py +++ b/tests/app/main/views/test_two_factor.py @@ -222,3 +222,24 @@ def test_two_factor_should_redirect_to_sign_in_if_user_not_in_session(app_, data={'sms_code': '12345'}) assert response.status_code == 302 assert response.location == url_for('main.sign_in', _external=True) + + +def test_two_factor_should_activate_pending_user(app_, + mocker, + api_user_pending, + mock_check_verify_code, + mock_update_user + ): + mocker.patch('app.user_api_client.get_user', return_value=api_user_pending) + mocker.patch('app.service_api_client.get_services', return_value={'data': []}) + with app_.test_request_context(): + with app_.test_client() as client: + with client.session_transaction() as session: + session['user_details'] = { + 'id': api_user_pending.id, + 'email_address': api_user_pending.email_address + } + client.post(url_for('main.two_factor'), data={'sms_code': '12345'}) + + assert mock_update_user.called + assert api_user_pending.is_active diff --git a/tests/app/main/views/test_verify.py b/tests/app/main/views/test_verify.py index 4aaab069b..97f2d4da8 100644 --- a/tests/app/main/views/test_verify.py +++ b/tests/app/main/views/test_verify.py @@ -39,15 +39,16 @@ def test_should_redirect_to_add_service_when_sms_code_is_correct(app_, def test_should_activate_user_after_verify(app_, - api_user_active, - mock_get_user, + mocker, + api_user_pending, mock_send_verify_code, mock_check_verify_code, mock_update_user): + mocker.patch('app.user_api_client.get_user', return_value=api_user_pending) with app_.test_request_context(): with app_.test_client() as client: with client.session_transaction() as session: - session['user_details'] = {'email_address': api_user_active.email_address, 'id': api_user_active.id} + session['user_details'] = {'email_address': api_user_pending.email_address, 'id': api_user_pending.id} client.post(url_for('main.verify'), data={'sms_code': '12345'}) assert mock_update_user.called