Rebecca Law
2cb896fa81
Completion of forgot-password endpoints.
...
Start implementation for new-password endpoints.
Created PasswordResetToken model
ToDo: create and save token, send valid url to user,
check validity of token, update user's password, redirect to /two-factor.
2016-01-11 12:23:07 +00:00
Rebecca Law
6696426dbc
Add endpoints for forgot-password.
2016-01-11 12:22:39 +00:00
Chris Hill-Scott
86db5fa0b9
Make wording on 2nd-level pages match prev. commit
2016-01-08 17:17:34 +00:00
Chris Hill-Scott
0b62d1e755
Add confirm loop
...
For pages where
- we want you to be sure that you want to do what you’re about to do
- we want to be sure it’s you trying to do the thing
This adds a page that asks the user to confirm their password.
2016-01-08 14:59:30 +00:00
Chris Hill-Scott
3989d1b576
Add pages for ‘service settings’ flow
...
Adds the pages and wires them together, so that it’s possible to click
through them.
The wording is not quite English, but attempts to be a rough description of
what the consequences are for each of the four actions.
2016-01-08 14:56:14 +00:00
Rebecca Law
afd03ea5bf
Merge pull request #46 from alphagov/add-useful-headers
...
Add some useful OWASP-suggested headers
2016-01-07 15:39:51 +00:00
Adam Shimali
78b8aed96b
Add some useful OWASP-suggested headers
2016-01-07 13:58:38 +00:00
Nicholas Staples
7001d8261d
Fix for security hole with setting session['user_id'] before second factor of authentication has been authorised.
2016-01-07 12:43:10 +00:00
Nicholas Staples
10c2978f85
Merge with master and test fix.
2016-01-06 17:17:02 +00:00
Nicholas Staples
0a4ea6ca2e
Merge branch 'master' into provide_logout_link
2016-01-06 17:06:04 +00:00
Nicholas Staples
79c15ec9cf
Code checks and all tests passing.
2016-01-06 16:51:35 +00:00
Nicholas Staples
5905229714
Logout functionality and test added.
2016-01-06 16:40:38 +00:00
Nicholas Staples
921c10a1fa
Merge with master.
2016-01-06 10:55:45 +00:00
Chris Hill-Scott
ba48707371
Add routing and pages for managing templates
...
So that users can see what the flow is like to:
- add new templates
- edit existing templates
2016-01-06 09:39:42 +00:00
Nicholas Staples
0ebacd6929
Refactor for code_not_received, sign_in, two_factor and verify.
2016-01-05 17:08:50 +00:00
Nicholas Staples
1f520116f0
Sign in view, form and template refactored.
2016-01-05 14:30:06 +00:00
Chris Hill-Scott
31e6e53d46
Make data consistent from dashboard -> job
...
- adds a table of recent activity to the job page, which is shared by the
dashboard page
- uses the same filename and message template as the first job shown on the
dashboard
- sets the time of file uploads/message delivery/message sending to always
match ‘just now’
2016-01-05 13:31:54 +00:00
Chris Hill-Scott
0e6dab3f5c
Add unit tests for activity (and SMS) flows
...
These are basic tests to make sure that the pages stay stitched together.
Added for both the jobs and send SMS flows (because the send SMS flow didn’t
have any before)
2016-01-05 13:31:54 +00:00
Nicholas Staples
7693ba8a18
Update register view form and template.
2016-01-05 12:41:20 +00:00
Rebecca Law
785c413cde
Move and rename macro.html
...
Remove print statements
Fix code style
2016-01-04 15:50:26 +00:00
Rebecca Law
ac05f6931e
Refactor add-service form such that the dao is not exposed in the forms.
2016-01-04 15:31:50 +00:00
Rebecca Law
b2f544a165
110880218: Completed implementation of resend the verification code
2015-12-31 13:16:59 +00:00
Rebecca Law
fb5e80e0d4
110880218: Implementation to resend the verification code.
...
Added implementation for GET/POST for the /verification-not-received endpoint.
2015-12-31 11:13:42 +00:00
Rebecca Law
10dd647f2b
Merge pull request #35 from alphagov/did-not-receive-code
...
Implementation for did not receive email or sms code
2015-12-31 10:32:34 +00:00
Rebecca Law
e38df7cda1
109898688: Fix unit test
2015-12-17 16:16:12 +00:00
Rebecca Law
7478f8a0f3
Make Users.email_address unique
2015-12-17 14:57:26 +00:00
Rebecca Law
010be66d31
109898688: Complete the implementation of the did not receive code.
2015-12-17 14:33:20 +00:00
Rebecca Law
64812c1614
109898688: All codes are valid until one code is used, then they are all marked used.
...
Fixed the is_active() method on the Users model: if the user was pending they would come back as active, allowing a user to sign in before being active.
There is still a problem with the validate_sms_code and validate_email_code methods.
2015-12-17 14:33:20 +00:00
Rebecca Law
bd8bb3c926
109898688: Implementation of text-not-received and email-not-received
2015-12-17 14:33:20 +00:00
Rebecca Law
e9383b733e
109898688: Implement get method for email-not-received and text-not-received
2015-12-17 14:33:20 +00:00
Rebecca Law
258ae3674b
110067722: Fix code style
2015-12-15 10:32:26 +00:00
Rebecca Law
eb0cff18c5
110067722: Add form validation for duplicate service name.
2015-12-15 10:32:26 +00:00
Rebecca Law
43f2605ac4
110067722: Post add-service endpoint saves the service and maps it to the user.
2015-12-15 10:32:26 +00:00
Rebecca Law
350ccda208
110067722: Added endpoints for add-service
...
Post is not complete as of yet.
2015-12-15 10:32:25 +00:00
Rebecca Law
4b01335703
110067722: Create the model and dao for services.
...
This commit creates the data model for services and user_to_service.
The dao is also created to insert, get, activate, and unrestrict the service.
2015-12-15 10:31:27 +00:00
Rebecca Law
caabda92e0
Test for VerifyForm and TwoFactorForm
2015-12-14 14:09:29 +00:00
Rebecca Law
295dbeb7d1
Create unit tests that test the forms.
2015-12-14 13:25:27 +00:00
Rebecca Law
c0550d2c61
Refactor unit tests
2015-12-14 13:25:27 +00:00
Rebecca Law
2b4097dd2d
109526036: Updates as per comments made on pull request.
2015-12-10 15:21:06 +00:00
Rebecca Law
588730d594
109526036: Persist the verify code to the db.
...
The codes are hashed and saved to the db.
The code is marked as used once a valid code is submitted.
The code is valid for 1 hour.
The codes are no longer saved to the session.
2015-12-10 14:48:01 +00:00
Rebecca Law
975aaf58ff
109638656: Add mocker for api client, which tries to send sms
2015-12-09 12:11:43 +00:00
Rebecca Law
9ba229820a
109638656: Implementation of two factor verification
...
Validation of the code is done in the form; when the form.validate_on_submit is called, the validate code methods are called as well.
2015-12-09 11:36:57 +00:00
Rebecca Law
1af2dd5e98
109638656: Use Regex validator for sms code to ensure it is 5 digits.
2015-12-09 10:17:50 +00:00
Rebecca Law
7570a80a00
109638656: Added test and moved common function to __init__
2015-12-09 10:17:09 +00:00
Rebecca Law
2e59870490
109638656: Implement two factor verify flow
...
When user enters valid sms code they are redirected to the dashboard.
Otherwise, form errors are present.
2015-12-09 10:17:09 +00:00
Rebecca Law
c946f85f9d
109638656: Send sms code from sign-in post.
2015-12-09 10:16:30 +00:00
Rebecca Law
eae2756a5e
109638656: Initial implementation for two-factor
2015-12-09 10:15:41 +00:00
Rebecca Law
ae19161b32
109526520: Use Regex validator to test the code is 5 digits.
2015-12-09 10:12:21 +00:00
Rebecca Law
9923c14e73
109526520: Changed the code form fields to StringField
...
When the codes were IntegerFields and the code started with zero, the zero was trimmed, resulting in a failed match.
2015-12-09 10:12:21 +00:00
Rebecca Law
bef2258803
109526520: Add custom validators for the VerifyForm
...
If the email_code or sms_code entered does not pass check password, then add errors to the form.
2015-12-09 10:12:21 +00:00