Commit Graph

29 Commits

Author SHA1 Message Date
Kenneth Kehl
91f3e6a557 fix static scan warnings 2025-04-01 08:00:33 -07:00
Kenneth Kehl
18331d0c42 code review feedback 2024-07-12 13:34:22 -07:00
Kenneth Kehl
058a999ed0 ugh 2024-07-11 09:38:32 -07:00
Kenneth Kehl
4e6f143675 fix register from join service 2024-03-19 09:30:20 -07:00
Kenneth Kehl
417c072382 maybe fix 404 on signout 2023-11-29 10:24:09 -08:00
Kenneth Kehl
e55a9273bf code review feedback 2023-11-22 08:28:07 -08:00
Kenneth Kehl
22d728f0f8 cleanup 2023-11-14 10:14:35 -08:00
Kenneth Kehl
d1682c641d fix flake 8 2023-11-14 07:14:27 -08:00
Kenneth Kehl
bc3928cb0f fix logout 2023-11-14 07:11:40 -08:00
Kenneth Kehl
e5403a52f1 notify-admin-338 login.gov integration 2023-11-02 14:10:22 -07:00
Kenneth Kehl
1d790868f3 merge from main 2023-10-31 12:22:06 -07:00
Kenneth Kehl
782cff2d5f fiddle with logout 2023-10-20 09:34:39 -07:00
Kenneth Kehl
7ca258b547 work on logout 2023-10-20 08:48:04 -07:00
Kenneth Kehl
8c9721d8e2 notify-api-412 use black to enforce python coding style 2023-08-25 09:12:23 -07:00
Rebecca Law
8a19d9496a Check if user is authenticated before signing out, this will prevent a 500 if the user is an AnonymousUser.
I ended up creating a new test user and logged_in_client, which isn't really great. But I tried adding a current_session_id to the active user in the test, but that broke all other tests.
I tried setting current_session_id in all the users being tested but that didn't work either. I'd like to come back to fixing the tests and reducing the number of conftest methods in another PR. For now this fixes the bug.
2020-02-04 12:16:58 +00:00
Rebecca Law
0e1ee504ac - Add unit test for when case when the cookie doesn't match the db.
- Move code into User.signout method to further encapsulate the code.
2020-02-03 15:08:55 +00:00
Rebecca Law
937c9f2adc Ensure that the session is logged out server side, not just client side.
Anytime a user clicks "sign out" we should be signing them out server side as well. This can be accomplished by setting the Users.current_session_id = null.
I found that the method User.logged_in_elsewhere doesn't need to check if the current_session_id is None. The current_session_ids in the cookie and db (redis or postgres) then the user should be forced to log in again.
2020-02-03 12:24:02 +00:00
Chris Hill-Scott
f3a0c505bd Enforce order and style of imports
Done using isort[1], with the following command:
```
isort -rc ./app ./tests
```

Adds linting to the `run_tests.sh` script to stop badly-sorted imports
getting re-introduced.

Chosen style is ‘Vertical Hanging Indent’ with trailing commas, because
I think it gives the cleanest diffs, eg:
```
from third_party import (
    lib1,
    lib2,
    lib3,
    lib4,
)
```

1. https://pypi.python.org/pypi/isort
2018-02-27 16:35:13 +00:00
Rebecca Law
a0e7d569e9 Send an email to the user when they change email address
This PR changes the flow to change an email address.
Once the user enter their password, they are told "Check your email".
An email has been sent to them containing a link to notify which contains an encrypted token.
The encrypted token contains the user id and new email address. Once the link is clicked the user's email address is updated to the new email address.
They are redirected to the /user-profile page.

Also in this commit is an update from flask.ext.login to flask_login.
2016-10-13 17:05:37 +01:00
Chris Hill-Scott
18963f4645 Redirect to homepage after signout 2016-06-22 14:37:02 +01:00
Adam Shimali
72c1ecc9cb Believe it or not this broke functional tests 2016-04-27 18:00:46 +01:00
Adam Shimali
7c1867fde6 Record login including remembered user login events to the api based of flask login
signals.
2016-04-27 16:39:17 +01:00
Nicholas Staples
c959678c49 Remember me functionality added and tested.
Merge extra.

Fixed comment.
2016-02-24 17:32:15 +00:00
Rebecca Law
035d4152fd Use session.clear() sign-out.
NOTE: you can not test that the session is cleared out by checking the session cookie does not exist on the index page,
because ItsDangerousSession will create a new session when it hits the index page. The unit test confirms that the session has been cleared.
2016-02-12 15:06:54 +00:00
Rebecca Law
867ef7ad99 Default service name if service name is not set on the session.
Pop service name off the session on sign out.
2016-01-29 10:40:55 +00:00
Rebecca Law
0c1592905f Update sign_out to go to the index page not sign-in 2016-01-11 12:23:08 +00:00
Nicholas Staples
10c2978f85 Merge with master and test fix. 2016-01-06 17:17:02 +00:00
Nicholas Staples
79c15ec9cf Code checks and all tests passing. 2016-01-06 16:51:35 +00:00
Nicholas Staples
5905229714 Logout functionality and test added. 2016-01-06 16:40:38 +00:00