diff --git a/app/main/views/code_not_received.py b/app/main/views/code_not_received.py
index 25e2f060a..37269a7d2 100644
--- a/app/main/views/code_not_received.py
+++ b/app/main/views/code_not_received.py
@@ -43,7 +43,7 @@ def check_and_resend_verification_code():
 if user.state == 'pending':
 return redirect(url_for('main.verify', next=redirect_url))
 else:
- return redirect(url_for('main.two_factor', next=redirect_url))
+ return redirect(url_for('main.two_factor_sms', next=redirect_url))
 @main.route('/email-not-received', methods=['GET'])
diff --git a/app/main/views/new_password.py b/app/main/views/new_password.py
index 22f2a9719..e060736a1 100644
--- a/app/main/views/new_password.py
+++ b/app/main/views/new_password.py
@@ -49,6 +49,6 @@ def new_password(token):
 else:
 # send user a 2fa sms code
 user.send_verify_code()
- return redirect(url_for('main.two_factor', next=request.args.get('next')))
+ return redirect(url_for('main.two_factor_sms', next=request.args.get('next')))
 else:
 return render_template('views/new-password.html', token=token, form=form, user=user)
diff --git a/app/main/views/sign_in.py b/app/main/views/sign_in.py
index edca1bc12..a119faada 100644
--- a/app/main/views/sign_in.py
+++ b/app/main/views/sign_in.py
@@ -46,7 +46,7 @@ def sign_in():
 invited_user.accept_invite()
 if user and user.sign_in():
 if user.sms_auth:
- return redirect(url_for('.two_factor', next=redirect_url))
+ return redirect(url_for('.two_factor_sms', next=redirect_url))
 if user.email_auth:
 return redirect(url_for('.two_factor_email_sent', next=redirect_url))
 if user.webauthn_auth:
diff --git a/app/main/views/two_factor.py b/app/main/views/two_factor.py
index 6757d6391..163c71b05 100644
--- a/app/main/views/two_factor.py
+++ b/app/main/views/two_factor.py
@@ -60,9 +60,10 @@ def two_factor_email(token):
 return log_in_user(user_id)
+@main.route('/two-factor-sms', methods=['GET', 'POST'])
 @main.route('/two-factor', methods=['GET', 'POST'])
 @redirect_to_sign_in
-def two_factor():
+def two_factor_sms():
 user_id = session['user_details']['id']
 user = User.from_id(user_id)
@@ -79,7 +80,7 @@ def two_factor():
 user_api_client.send_verify_code(user.id, 'email', None, redirect_url)
 return redirect(url_for('.revalidate_email_sent', next=redirect_url))
- return render_template('views/two-factor.html', form=form, redirect_url=redirect_url)
+ return render_template('views/two-factor-sms.html', form=form, redirect_url=redirect_url)
 @main.route('/two-factor-webauthn', methods=['GET'])
diff --git a/app/main/views/verify.py b/app/main/views/verify.py
index b1d27ea10..87c8fa95d 100644
--- a/app/main/views/verify.py
+++ b/app/main/views/verify.py
@@ -36,7 +36,7 @@ def verify():
 finally:
 session.pop('user_details', None)
- return render_template('views/two-factor.html', form=form)
+ return render_template('views/two-factor-sms.html', form=form)
 @main.route('/verify-email/')
diff --git a/app/navigation.py b/app/navigation.py
index 447a1b102..2ceda0b15 100644
--- a/app/navigation.py
+++ b/app/navigation.py
@@ -107,7 +107,7 @@ class HeaderNavigation(Navigation):
 'sign-in': {
 'revalidate_email_sent',
 'sign_in',
- 'two_factor',
+ 'two_factor_sms',
 'two_factor_email',
 'two_factor_email_sent',
 'two_factor_email_interstitial',
diff --git a/app/templates/views/two-factor.html b/app/templates/views/two-factor-sms.html
similarity index 100%
rename from app/templates/views/two-factor.html
rename to app/templates/views/two-factor-sms.html
diff --git a/tests/app/main/views/test_code_not_received.py b/tests/app/main/views/test_code_not_received.py
index 11405790f..6343dd271 100644
--- a/tests/app/main/views/test_code_not_received.py
+++ b/tests/app/main/views/test_code_not_received.py
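Review bot: The order of the two stacked `@main.route` decorators on `two_factor_sms` is load-bearing but undocumented. Decorators apply bottom-up, so `/two-factor` is registered first and stays the path that `url_for('main.two_factor_sms')` generates, which is what the TODO assertion in tests/app/main/views/test_sign_in.py relies on. A comment above them would prevent an accidental reorder, for example `# keep '/two-factor' as the lower (first-registered) route until every instance serves '/two-factor-sms'; url_for() builds from it`. Because the SMS code check is now reachable on two paths, any path-keyed control not visible in this diff (rate limiting, WAF rules, alerting on `/two-factor`) presumably needs the new path added as well. The function body continues outside the hunk.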
@@ -138,7 +138,7 @@ def test_check_and_redirect_to_two_factor_if_user_active(
 'email': api_user_active['email_address']}
 response = client.get(url_for('main.check_and_resend_verification_code', next=redirect_url))
 assert response.status_code == 302
- assert response.location == url_for('main.two_factor', _external=True, next=redirect_url)
+ assert response.location == url_for('main.two_factor_sms', _external=True, next=redirect_url)
 @pytest.mark.parametrize('redirect_url', [
diff --git a/tests/app/main/views/test_new_password.py b/tests/app/main/views/test_new_password.py
index 53cd87754..c7102771e 100644
--- a/tests/app/main/views/test_new_password.py
+++ b/tests/app/main/views/test_new_password.py
@@ -56,7 +56,7 @@ def test_should_redirect_to_two_factor_when_password_reset_is_successful(
 response = client.post(url_for_endpoint_with_token('.new_password', token=token, next=redirect_url),
 data={'new_password': 'a-new_password'})
 assert response.status_code == 302
- assert response.location == url_for('.two_factor', _external=True, next=redirect_url)
+ assert response.location == url_for('.two_factor_sms', _external=True, next=redirect_url)
 mock_get_user_by_email_request_password_reset.assert_called_once_with(user['email_address'])
diff --git a/tests/app/main/views/test_sign_in.py b/tests/app/main/views/test_sign_in.py
index d803e26ec..4dfeaf7fe 100644
--- a/tests/app/main/views/test_sign_in.py
+++ b/tests/app/main/views/test_sign_in.py
@@ -130,7 +130,9 @@ def test_process_sms_auth_sign_in_return_2fa_template(
 'email_address': email_address,
 'password': password})
 assert response.status_code == 302
- assert response.location == url_for('.two_factor', next=redirect_url, _external=True)
+ # TODO: remove this assert once we start defaulting to returning two_factor_sms first
+ assert '/two-factor-sms' not in response.location
+ assert response.location == url_for('.two_factor_sms', next=redirect_url, _external=True)
 mock_verify_password.assert_called_with(api_user_active['id'], password)
 mock_get_user_by_email.assert_called_with('valid@example.gov.uk')
diff --git a/tests/app/main/views/test_two_factor.py b/tests/app/main/views/test_two_factor.py
index 7a0120bda..f431a75fd 100644
--- a/tests/app/main/views/test_two_factor.py
+++ b/tests/app/main/views/test_two_factor.py
@@ -54,7 +54,7 @@ def test_should_render_two_factor_page(
 'id': api_user_active['id'],
 'email': api_user_active['email_address']}
 mocker.patch('app.user_api_client.get_user', return_value=api_user_active)
- response = client.get(url_for('main.two_factor', next=redirect_url))
+ response = client.get(url_for('main.two_factor_sms', next=redirect_url))
 assert response.status_code == 200
 page = BeautifulSoup(response.data.decode('utf-8'), 'html.parser')
 assert page.select_one('main p').text.strip() == (
@@ -86,7 +86,7 @@ def test_should_login_user_and_should_redirect_to_next_url(
 'email': api_user_active['email_address']}
 api_user_active['email_access_validated_at'] = '2020-01-23T11:35:21.726132Z'
- response = client.post(url_for('main.two_factor', next='/services/{}'.format(SERVICE_ONE_ID)),
+ response = client.post(url_for('main.two_factor_sms', next='/services/{}'.format(SERVICE_ONE_ID)),
 data={'sms_code': '12345'})
 assert response.status_code == 302
 assert response.location == url_for(
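Review bot: None of the updated tests requests the literal `/two-factor-sms` path. Every call goes through `url_for('main.two_factor_sms')`, which still resolves to `/two-factor`, as the new `assert '/two-factor-sms' not in response.location` in test_process_sms_auth_sign_in_return_2fa_template shows. The added rule is therefore unexercised, including the `redirect_to_sign_in` guard when there is no session and the refusal to follow an external `next`. Parametrising one or two tests in tests/app/main/views/test_two_factor.py over the raw paths would cover it, for example `@pytest.mark.parametrize('path', ['/two-factor', '/two-factor-sms'])` with `client.post(path, data={'sms_code': '12345'})`.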
@@ -112,7 +112,7 @@ def test_should_send_email_and_redirect_to_info_page_if_user_needs_to_revalidate
 session['user_details'] = {
 'id': api_user_active['id'],
 'email': api_user_active['email_address']}
- response = client.post(url_for('main.two_factor', next=f'/services/{SERVICE_ONE_ID}'),
+ response = client.post(url_for('main.two_factor_sms', next=f'/services/{SERVICE_ONE_ID}'),
 data={'sms_code': '12345'})
 assert response.status_code == 302
@@ -140,7 +140,7 @@ def test_should_login_user_and_not_redirect_to_external_url(
 'email': api_user_active['email_address']}
 api_user_active['email_access_validated_at'] = '2020-01-23T11:35:21.726132Z'
- response = client.post(url_for('main.two_factor', next='http://www.google.com'),
+ response = client.post(url_for('main.two_factor_sms', next='http://www.google.com'),
 data={'sms_code': '12345'})
 assert response.status_code == 302
 assert response.location == url_for('main.show_accounts_or_dashboard', _external=True)
@@ -166,7 +166,7 @@ def test_should_login_user_and_redirect_to_show_accounts(
 api_user_active['email_access_validated_at'] = '2020-01-23T11:35:21.726132Z'
 api_user_active['platform_admin'] = platform_admin
- response = client.post(url_for('main.two_factor'),
+ response = client.post(url_for('main.two_factor_sms'),
 data={'sms_code': '12345'})
 assert response.status_code == 302
@@ -186,7 +186,7 @@ def test_should_return_200_with_sms_code_error_when_sms_code_is_wrong(
 'email': api_user_active['email_address']}
 mocker.patch('app.user_api_client.get_user', return_value=api_user_active)
- response = client.post(url_for('main.two_factor'),
+ response = client.post(url_for('main.two_factor_sms'),
 data={'sms_code': '23456'})
 assert response.status_code == 200
 assert 'Code not found' in response.get_data(as_text=True)
@@ -208,7 +208,7 @@ def test_should_login_user_when_multiple_valid_codes_exist(
 'email': api_user_active['email_address']}
 api_user_active['email_access_validated_at'] = '2020-01-23T11:35:21.726132Z'
- response = client.post(url_for('main.two_factor'),
+ response = client.post(url_for('main.two_factor_sms'),
 data={'sms_code': '23456'})
 assert response.status_code == 302
@@ -230,7 +230,7 @@ def test_two_factor_should_set_password_when_new_password_exists_in_session(
 'password': 'changedpassword'}
 api_user_active['email_access_validated_at'] = '2020-01-23T11:35:21.726132Z'
- response = client.post(url_for('main.two_factor'),
+ response = client.post(url_for('main.two_factor_sms'),
 data={'sms_code': '12345'})
 assert response.status_code == 302
 assert response.location == url_for('main.show_accounts_or_dashboard', _external=True)
@@ -252,7 +252,7 @@ def test_two_factor_returns_error_when_user_is_locked(
 'id': api_user_locked['id'],
 'email': api_user_locked['email_address'],
 }
- response = client.post(url_for('main.two_factor'),
+ response = client.post(url_for('main.two_factor_sms'),
 data={'sms_code': '12345'})
 assert response.status_code == 200
 assert 'Code not found' in response.get_data(as_text=True)
@@ -262,13 +262,13 @@ def test_two_factor_post_should_redirect_to_sign_in_if_user_not_in_session(
 client_request,
 ):
 client_request.post(
- 'main.two_factor',
+ 'main.two_factor_sms',
 _data={'sms_code': '12345'},
 _expected_redirect=url_for('main.sign_in', _external=True)
 )
-@pytest.mark.parametrize('endpoint', ['main.two_factor_webauthn', 'main.two_factor'])
+@pytest.mark.parametrize('endpoint', ['main.two_factor_webauthn', 'main.two_factor_sms'])
 def test_two_factor_get_should_redirect_to_sign_in_if_user_not_in_session(
 client_request,
 endpoint,
@@ -296,7 +296,7 @@ def test_two_factor_should_activate_pending_user(
 'id': api_user_pending['id'],
 'email_address': api_user_pending['email_address']
 }
- client.post(url_for('main.two_factor'), data={'sms_code': '12345'})
+ client.post(url_for('main.two_factor_sms'), data={'sms_code': '12345'})
 assert mock_activate_user.called
diff --git a/tests/app/test_navigation.py b/tests/app/test_navigation.py
index da168c240..3e947de47 100644
--- a/tests/app/test_navigation.py
+++ b/tests/app/test_navigation.py
@@ -289,7 +289,7 @@ EXCLUDED_ENDPOINTS = tuple(map(Navigation.get_endpoint_with_blueprint, {
 'trial_mode',
 'trial_mode_new',
 'trial_services',
- 'two_factor',
+ 'two_factor_sms',
 'two_factor_email',
 'two_factor_email_interstitial',
 'two_factor_email_sent',