Merge pull request #286 from alphagov/always-return-password-resent-page

Fix to forgot password
2026-02-05 19:03:30 -05:00 · 2016-03-16 14:39:42 +00:00
parent 2292ea4d15 271e194e1c
commit cc15d92aaa
2 changed files with 28 additions and 3 deletions
--- a/app/main/views/forgot_password.py
+++ b/app/main/views/forgot_password.py
@@ -1,6 +1,7 @@
 from flask import (
    render_template,
 )
+from notifications_python_client.errors import HTTPError

 from app.main import main
 from app.main.forms import ForgotPasswordForm
@@ -11,8 +12,13 @@ from app import user_api_client
 def forgot_password():
    form = ForgotPasswordForm()
    if form.validate_on_submit():
-        user_api_client.send_reset_password_url(form.email_address.data)
-
+        try:
+            user_api_client.send_reset_password_url(form.email_address.data)
+        except HTTPError as e:
+            if e.status_code == 404:
+                return render_template('views/password-reset-sent.html')
+            else:
+                raise e
        return render_template('views/password-reset-sent.html')

    return render_template('views/forgot-password.html', form=form)
--- a/tests/app/main/views/test_forgot_password.py
+++ b/tests/app/main/views/test_forgot_password.py
@@ -1,4 +1,5 @@
-from flask import url_for
+from flask import url_for, Response
+from notifications_python_client.errors import HTTPError

 import app

@@ -25,3 +26,21 @@ def test_should_redirect_to_password_reset_sent_for_valid_email(
            'You have been sent an email containing a link'
            ' to reset your password.') in response.get_data(as_text=True)
        app.user_api_client.send_reset_password_url.assert_called_once_with(api_user_active.email_address)
+
+
+def test_should_redirect_to_password_reset_sent_for_missing_email(
+        app_,
+        api_user_active,
+        mocker):
+    with app_.test_request_context():
+
+        mocker.patch('app.user_api_client.send_reset_password_url', side_effect=HTTPError(Response(status=404),
+                                                                                          'Not found'))
+        response = app_.test_client().post(
+            url_for('.forgot_password'),
+            data={'email_address': api_user_active.email_address})
+        assert response.status_code == 200
+        assert (
+            'You have been sent an email containing a link'
+            ' to reset your password.') in response.get_data(as_text=True)
+        app.user_api_client.send_reset_password_url.assert_called_once_with(api_user_active.email_address)