Added a test to check that the password is updated when the password exists in the session object on the two-factor page.

2026-02-05 02:42:26 -05:00 · 2016-03-08 14:58:29 +00:00
parent 3e969b3640
commit e735d772fe
3 changed files with 29 additions and 5 deletions
--- a/app/main/views/two_factor.py
+++ b/app/main/views/two_factor.py
@@ -1,6 +1,6 @@

 from flask import (
-    render_template, redirect, jsonify, session, url_for)
+    render_template, redirect, session, url_for)

 from flask_login import login_user

@@ -33,7 +33,7 @@ def two_factor():
            login_user(user, remember=form.remember_me.data if form.remember_me.data else False)
        finally:
            del session['user_details']
-        if (len(services) == 1):
+        if len(services) == 1:
            return redirect(url_for('main.service_dashboard', service_id=services[0]['id']))
        else:
            return redirect(url_for('main.choose_service'))
--- a/tests/app/main/views/test_new_password.py
+++ b/tests/app/main/views/test_new_password.py
@@ -3,7 +3,6 @@ from datetime import datetime

 from flask import url_for
 from utils.url_safe_token import generate_token
-import pytest


 def test_should_render_new_password_template(app_,
--- a/tests/app/main/views/test_two_factor.py
+++ b/tests/app/main/views/test_two_factor.py
@@ -1,7 +1,5 @@
 from flask import url_for

-from tests import create_test_user
-

 def test_should_render_two_factor_page(app_,
                                       api_user_active,
@@ -109,3 +107,30 @@ def test_remember_me_set(app_,
            response = client.post(url_for('main.two_factor'),
                                   data={'sms_code': '23456', 'remember_me': True})
            assert response.status_code == 302
+
+
+def test_two_factor_should_set_password_when_new_password_exists_in_session(app_,
+                                                                            api_user_active,
+                                                                            mock_get_user,
+                                                                            mock_check_verify_code,
+                                                                            mock_get_services_with_one_service,
+                                                                            mock_update_user):
+    with app_.test_request_context():
+        with app_.test_client() as client:
+            with client.session_transaction() as session:
+                session['user_details'] = {
+                    'id': api_user_active.id,
+                    'email': api_user_active.email_address,
+                    'password': 'changedpassword'}
+
+            response = client.post(url_for('main.two_factor'),
+                                   data={'sms_code': '12345'})
+
+            assert response.status_code == 302
+            assert response.location == url_for(
+                'main.service_dashboard',
+                service_id="596364a0-858e-42c8-9062-a8fe822260eb",
+                _external=True
+            )
+            api_user_active.password = 'changedpassword'
+            mock_update_user.assert_called_once_with(api_user_active)